PR #11 left literal \n escapes in <system-reminder> blocks (which
break Anthropic's content validator), capitalized X-Stainless-* headers
that diverge from upstream's lowercase JS SDK output, a broken
_pascalcase_mcp_name that ignored the mcp_ prefix, and tests that
referenced removed functions. Restore the Opus 4.6 temperature
stripping that was dropped in the merge.
Port upstream PR #136 (repair_tool_pairs) to prevent HTTP 400 on long
conversations with orphaned tool_use/tool_result blocks, and PR #126
(haiku effort stripping) to prevent HTTP 400 on haiku models.
Resolve the unfinished intent of commit 6d9cade by lowercasing the
first character after MCP-namespace unwrap so hermes's tool dispatcher
resolves the registered snake_case name without its auto-repair
warning. Patch normalize_response on both pre-0.11 hermes
(agent.anthropic_adapter) and 0.11+ hermes (AnthropicTransport) for
backward compatibility.
On macOS, Claude Code stores OAuth credentials in Keychain but
hermes-agent reads them from ~/.claude/.credentials.json. The oneliner
would install the patch successfully but auth still failed until users
manually ran DrQbz's Python mirror snippet (README troubleshooting).
install.sh now detects Darwin via 'uname -s' and mirrors the 'Claude
Code-credentials' Keychain entry into ~/.claude/.credentials.json on
every run (with content-compare to skip no-op writes). No-op on Linux
where Claude Code writes the file directly.
- install.sh: Darwin branch reads Keychain via 'security' and mirrors
to file with 0600 perms; warns if neither Keychain entry nor file
exist so the user knows to run 'claude auth login --claudeai'
- README.md: troubleshooting section updated to note the auto-mirror,
keeps the manual Python snippet as a fallback for edge cases
- anthropic_billing_bypass.py: version bump to 1.1.1 (module unchanged,
tracks the installer release)
- tests/test_install.sh: 3 new tests via PATH-shimmed 'uname' and
'security' fakes — fresh mirror, idempotent re-run, missing Keychain
Closes the last gap on issue #5 (@DrQbz, macOS Keychain auth).
Anthropic tightened OAuth validation between 2026-04-14 and 2026-04-22.
Requests are now classified as third-party and routed to extra-usage
credits (or rejected with 'Third-party apps now draw from your extra
usage, not your plan limits') unless the fingerprint matches real
Claude Code. Ports the two upstream opencode-claude-auth fixes that
address this:
- PR #191 (merged, v1.4.10): PascalCase `mcp_` tool names. Hermes
prefixes tools with lowercase `mcp_bash`; the validator now flags
that as non-Claude-Code. Real CC uses `mcp_Bash` / `mcp_Read` /
`mcp_Background_output`. Adds a request-side rewrite hook plus a
response-side unhook that lowercases the first char after hermes
strips the prefix, so the tool dispatcher continues to receive the
original lowercase names.
- PR #207 (open, attempted fix for Claude Code 2.1.112): updates the
billing fingerprint. Changes the `cc_entrypoint` in the signed
billing header from `cli` to `sdk-cli`, adds the
`advisor-tool-2026-03-01` beta flag, injects the Stainless SDK
headers that real CC sends (`x-stainless-*`) plus
`anthropic-dangerous-direct-browser-access: true`, and appends
`?beta=true` to the /v1/messages query string. All non-body signals
ride the Anthropic Python SDK's per-request `extra_headers` and
`extra_query` kwargs so we don't need to rewrap the HTTP client.
Other changes:
- Bump __version__ to 1.1.0 and document the rationale above in the
module docstring.
- Extend `_EXTRA_OAUTH_BETAS` so both prompt-caching and advisor-tool
betas are appended to hermes's `_OAUTH_ONLY_BETAS` list.
- 10 new unit tests covering PascalCase rewrite (request + response),
sdk-cli entrypoint, Stainless headers, extra_query=beta:true, and
preservation of pre-existing extra_headers.
Smoke-tested on Linux with hermes-agent v0.10.0 against claude-sonnet-4-6,
claude-opus-4-6, and claude-opus-4-7 \u2014 all return 200 and complete
responses with the new patch loaded. Billing-tier routing (plan vs
extra-usage) cannot be verified from the client side; this tracks the
best-known upstream bypass as of 2026-04-22 but Anthropic may tighten
validation again at any time.
Refs: #6
Upstream: https://github.com/griffinmartin/opencode-claude-auth/pull/191
Upstream: https://github.com/griffinmartin/opencode-claude-auth/pull/207