Add ClinePass usage provider#2219
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3cb9d0d995
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
|
|
||
| var request = URLRequest(url: self.usageURL) | ||
| request.httpMethod = "GET" | ||
| request.setValue("Bearer \(cleanedKey)", forHTTPHeaderField: "Authorization") |
There was a problem hiding this comment.
Use dashboard auth for ClinePass usage
With the current settings flow, users paste the CLINE_API_KEY documented for Cline's Chat Completions API, but this is the dashboard usage-limits request; Cline's ClinePass docs direct usage checks to the signed-in dashboard, whose request is authenticated by the cline_session_id cookie rather than the Chat Completions Bearer key. In that documented setup the provider reports 401/403 even though the user is subscribed, so the new provider cannot display ClinePass usage unless this endpoint is authenticated with the web session/cookie or a documented usage API.
Useful? React with 👍 / 👎.
|
Codex review: needs real behavior proof before merge. Reviewed July 16, 2026, 4:01 PM ET / 20:01 UTC. Summary Reproducibility: not applicable. This PR adds a provider rather than fixing a reproducible current-main bug. The relevant validation is a real-account ClinePass fetch through the app or CLI. Review metrics: 3 noteworthy metrics.
Root-cause cluster Members:
Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything. Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Proof guidance:
Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Keep the API-key design if a redacted real-account run confirms the exact subscription endpoint and rendered windows; otherwise use a documented account-auth source without exposing credentials or changing provider identity semantics. Do we have a high-confidence way to reproduce the issue? Not applicable: this PR adds a provider rather than fixing a reproducible current-main bug. The relevant validation is a real-account ClinePass fetch through the app or CLI. Is this the best way to solve the issue? Unclear: the API-key path matches current Bearer-auth guidance and CodexBar's established provider architecture, but it is not confirmed as the best solution until the exact subscription endpoint succeeds in a real setup. AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 2f153f4f6b05. Label changesLabel changes:
Label justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
Review history (6 earlier review cycles)
|
|
@clawsweeper re-review Addressed the ClinePass parser robustness and stale social-card findings at a01488d: unknown limits[].type values are now skipped instead of failing the whole payload, focused regression coverage preserves 5-hour, weekly, and monthly windows, and docs/social.png was regenerated from the 61-provider social card source. Local verification passed: swift test --filter ClinePass; make check. |
|
🦞👀 Command router queued. I will update this comment with the next step. |
|
@clawsweeper re-review The previous review placeholder for a01488d appears stale after its lease expired. Current head addresses parser robustness for unknown limits[].type values and regenerates the social-card artifact, with local verification: swift test --filter ClinePass; make check. Please re-review current head. |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
|
@clawsweeper re-review The review placeholder for a01488d expired without a verdict. Current head fixes unknown limit parsing and regenerates the social card, with local verification in the PR body. Please re-review current head. |
|
@clawsweeper re-review The review placeholder for a01488d expired again without a verdict. Current head includes the ClinePass parser/social-card fixes and verification; one macOS shard is still finishing, but please re-review current head when available. |
|
@clawsweeper re-review The review placeholder for a01488d expired again without a verdict. CI is clean; current head includes the ClinePass parser/social-card fixes and PR verification. Please re-review current head. |
1 similar comment
|
@clawsweeper re-review The review placeholder for a01488d expired again without a verdict. CI is clean; current head includes the ClinePass parser/social-card fixes and PR verification. Please re-review current head. |
# Conflicts: # Sources/CodexBarCore/Generated/CodexParserHash.generated.swift
|
Verified and merged at head
Live account verification was unavailable for this provider. Merge commit: |
Summary
Verification
swift test --filter ClinePassmake check