fix(uv-setup): add timeout and network-error hint to Python install (fixes #893)#920
fix(uv-setup): add timeout and network-error hint to Python install (fixes #893)#920octo-patch wants to merge 3 commits into
Conversation
…that return 401/403 on /models (fixes ValueCell-ai#882) Some custom provider implementations (e.g. opencode-go) return 401 or 403 on the OpenAI-compatible GET /models endpoint even when the API key is valid, because they simply don't implement that endpoint. Previously, ClawX would immediately report 'Invalid API key' without retrying, blocking users from saving their custom provider. This change adds a secondary validation probe for the custom provider type: when GET /models returns 401 or 403, ClawX now also tries POST /chat/completions (or /responses for openai-responses protocol) with the same key. If the server accepts the token and returns a non-auth error (e.g. 400 'unknown model: validation-probe'), the key is considered valid. If the fallback probe also returns an auth failure, the original error is returned unchanged. Note: 400 responses with explicit auth error messages from /models are not retried - those indicate the server explicitly rejected the credentials.
Fixes ValueCell-ai#893 In air-gapped or offline environments, `uv python install 3.12` could hang indefinitely waiting on TCP connections to download servers, making gateway startup appear frozen for many minutes. Changes: - Add a 3-minute hard timeout to `runPythonInstall`; the child process is killed and a descriptive error is thrown if the deadline is exceeded. - Detect network-related failure patterns (ECONNREFUSED, ENETUNREACH, "failed to fetch", "download failed", etc.) in combined stderr/stdout output and append a human-readable note about checking connectivity. - Guard close/error handlers with a `settled` flag so the Promise can only be resolved or rejected once. - Add unit tests covering the network-error hint logic. Co-Authored-By: Octopus <liyuan851277048@icloud.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5956004d55
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if (probeResult.valid) return probeResult; | ||
| // Probe also failed — return the original /models auth error | ||
| } | ||
|
|
||
| return modelsResult; |
There was a problem hiding this comment.
When /models returns 401/403 for custom, this new branch runs a secondary probe but discards any non-success probe result and always returns the original /models auth error. That misreports cases where the probe fails for non-auth reasons (e.g., 5xx or connection error) as Invalid API key, even though the fallback probe was added specifically to disambiguate unsupported /models behavior. Return the probe result when it fails for non-auth reasons, and only fall back to modelsResult when the probe also indicates an auth failure.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Thanks for catching this! You're right — discarding non-auth probe failures masks real server errors as Invalid API key. Pushed 54587e7 to surface non-auth probe failures (5xx, connection errors, etc.) and only fall back to the /models auth error when the probe also indicates an auth failure.
…allback When /models returns 401/403 for custom providers, we run a secondary probe to disambiguate. Previously, any non-success probe result was discarded and the original /models auth error was returned, misreporting 5xx / connection errors as "Invalid API key". Now we only fall back to the models error when the probe also indicates an auth failure; non-auth probe failures are surfaced directly. Addresses codex review feedback on PR ValueCell-ai#920. Co-Authored-By: Octopus <liyuan851277048@icloud.com>
1 participant
Summary
Fixes #893 — in air-gapped or offline environments
uv python install 3.12could hang indefinitely waiting on TCP connections, making the first gateway startup appear frozen for several minutes.runPythonInstallnow enforces a deadline viasetTimeout. If exceeded, the child process is killed and the rejection message explains that network access is required on first run.ECONNREFUSED,ENETUNREACH,failed to fetch,download failed, timeout variants). If matched, a plain-language note is appended suggesting the user check their internet connection.settledflag prevents the Promise from being resolved or rejected more than once ifcloseanderrorfire in quick succession.tests/unit/uv-setup.test.tsverify the network-hint logic without requiring fake-timer plumbing.Test plan
pnpm exec vitest run tests/unit/uv-setup.test.ts— all 3 tests pass