2026-02-02 19:01:51 -08:00
|
|
|
"""
|
|
|
|
|
Status command for hermes CLI.
|
|
|
|
|
|
|
|
|
|
Shows the status of all Hermes Agent components.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
import os
|
|
|
|
|
import sys
|
2026-04-28 06:46:45 -07:00
|
|
|
import subprocess # noqa: F401 — re-exported for tests that monkeypatch status.subprocess to guard against regressions
|
2026-04-29 18:20:53 +05:30
|
|
|
import importlib.util
|
2026-02-02 19:01:51 -08:00
|
|
|
from pathlib import Path
|
|
|
|
|
|
|
|
|
|
PROJECT_ROOT = Path(__file__).parent.parent.resolve()
|
|
|
|
|
|
2026-03-11 19:37:42 +03:00
|
|
|
from hermes_cli.auth import AuthError, resolve_provider
|
2026-02-20 23:23:32 -08:00
|
|
|
from hermes_cli.colors import Colors, color
|
2026-04-29 18:20:53 +05:30
|
|
|
from hermes_cli.config import get_env_path, get_env_value, get_hermes_home, load_config
|
2026-03-11 19:37:42 +03:00
|
|
|
from hermes_cli.models import provider_label
|
2026-03-26 15:27:27 -07:00
|
|
|
from hermes_cli.nous_subscription import get_nous_subscription_features
|
2026-03-11 19:37:42 +03:00
|
|
|
from hermes_cli.runtime_provider import resolve_requested_provider
|
2026-04-29 18:20:53 +05:30
|
|
|
from hermes_cli.vercel_auth import describe_vercel_auth
|
2026-02-20 23:23:32 -08:00
|
|
|
from hermes_constants import OPENROUTER_MODELS_URL
|
2026-03-30 13:28:10 +09:00
|
|
|
from tools.tool_backend_helpers import managed_nous_tools_enabled
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
def check_mark(ok: bool) -> str:
|
|
|
|
|
if ok:
|
|
|
|
|
return color("✓", Colors.GREEN)
|
|
|
|
|
return color("✗", Colors.RED)
|
|
|
|
|
|
|
|
|
|
def redact_key(key: str) -> str:
|
refactor(redact): canonical mask_secret helper; fix status.py DIM drift (#17207)
Three modules independently implemented the same "preserve head+tail of
a secret, mask the middle" logic with slightly different behaviors that
had started to drift:
hermes_cli/config.py redact_key — 12-char floor, 4+4, DIM '(not set)'
hermes_cli/status.py redact_key — 12-char floor, 4+4, plain '(not set)' ← drift
hermes_cli/dump.py _redact — 12-char floor, 4+4, empty string
The visible bug: 'hermes status' displayed the '(not set)' placeholder
in plain text while 'hermes config' showed it in dim text. Same concept,
inconsistent UI.
Introduces mask_secret() in agent/redact.py as the canonical helper,
with head/tail/floor/placeholder/empty kwargs. The three call sites
become one-line wrappers that differ only in the 'empty' handling:
config.redact_key → mask_secret(k, empty=color('(not set)', Colors.DIM))
status.redact_key → mask_secret(k, empty=color('(not set)', Colors.DIM))
dump._redact → mask_secret(v) # empty → ''
agent.redact._mask_token (log redactor, different policy: 18-char floor,
6+4 visible, '***' on empty) also ports to mask_secret but retains its
own empty-case handling to preserve the historical '***' return.
Net: the three display-time redactors now agree on formatting, the
canonical helper lives in one place, and future tweaks (e.g. adding
bullet-point masking, changing the head/tail widths) happen once.
Verified:
- 3/3 tests/hermes_cli/test_web_server.py::TestRedactKey pass
- 89/89 agent/tests/test_redact.py + tests/tools/test_browser_secret_exfil.py
+ tests/hermes_cli/test_redact_config_bridge.py pass
- Live 'hermes status', 'hermes config', 'hermes dump' all render the
same way they did before (verified against actual env with real
keys: OpenRouter, Firecrawl, Browserbase, FAL, Tinker all show
'prefix...suffix'; Kimi shows '***' at <12 chars; unset shows
'(not set)' uniformly).
Co-authored-by: teknium1 <teknium@users.noreply.github.com>
2026-04-28 21:04:35 -07:00
|
|
|
"""Redact an API key for display.
|
|
|
|
|
|
|
|
|
|
Thin wrapper over :func:`agent.redact.mask_secret`. Preserves the
|
|
|
|
|
"(not set)" placeholder in dim color to match ``hermes config``'s
|
|
|
|
|
output (previously this variant was missing the DIM color —
|
|
|
|
|
consolidated via PR that also introduced ``mask_secret``).
|
|
|
|
|
"""
|
|
|
|
|
from agent.redact import mask_secret
|
|
|
|
|
return mask_secret(key, empty=color("(not set)", Colors.DIM))
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
|
2026-02-20 17:24:00 -08:00
|
|
|
def _format_iso_timestamp(value) -> str:
|
|
|
|
|
"""Format ISO timestamps for status output, converting to local timezone."""
|
|
|
|
|
if not value or not isinstance(value, str):
|
|
|
|
|
return "(unknown)"
|
|
|
|
|
from datetime import datetime, timezone
|
|
|
|
|
text = value.strip()
|
|
|
|
|
if not text:
|
|
|
|
|
return "(unknown)"
|
|
|
|
|
if text.endswith("Z"):
|
|
|
|
|
text = text[:-1] + "+00:00"
|
|
|
|
|
try:
|
|
|
|
|
parsed = datetime.fromisoformat(text)
|
|
|
|
|
if parsed.tzinfo is None:
|
|
|
|
|
parsed = parsed.replace(tzinfo=timezone.utc)
|
|
|
|
|
except Exception:
|
|
|
|
|
return value
|
|
|
|
|
return parsed.astimezone().strftime("%Y-%m-%d %H:%M:%S %Z")
|
|
|
|
|
|
|
|
|
|
|
2026-03-11 19:37:42 +03:00
|
|
|
def _configured_model_label(config: dict) -> str:
|
|
|
|
|
"""Return the configured default model from config.yaml."""
|
|
|
|
|
model_cfg = config.get("model")
|
|
|
|
|
if isinstance(model_cfg, dict):
|
|
|
|
|
model = (model_cfg.get("default") or model_cfg.get("name") or "").strip()
|
|
|
|
|
elif isinstance(model_cfg, str):
|
|
|
|
|
model = model_cfg.strip()
|
|
|
|
|
else:
|
|
|
|
|
model = ""
|
|
|
|
|
return model or "(not set)"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _effective_provider_label() -> str:
|
|
|
|
|
"""Return the provider label matching current CLI runtime resolution."""
|
|
|
|
|
requested = resolve_requested_provider()
|
|
|
|
|
try:
|
|
|
|
|
effective = resolve_provider(requested)
|
|
|
|
|
except AuthError:
|
|
|
|
|
effective = requested or "auto"
|
|
|
|
|
|
|
|
|
|
if effective == "openrouter" and get_env_value("OPENAI_BASE_URL"):
|
|
|
|
|
effective = "custom"
|
|
|
|
|
|
|
|
|
|
return provider_label(effective)
|
|
|
|
|
|
|
|
|
|
|
2026-04-09 14:53:02 -07:00
|
|
|
from hermes_constants import is_termux as _is_termux
|
2026-04-09 09:08:33 +02:00
|
|
|
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
def show_status(args):
|
|
|
|
|
"""Show status of all Hermes Agent components."""
|
|
|
|
|
show_all = getattr(args, 'all', False)
|
|
|
|
|
deep = getattr(args, 'deep', False)
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print(color("┌─────────────────────────────────────────────────────────┐", Colors.CYAN))
|
2026-02-20 21:25:04 -08:00
|
|
|
print(color("│ ⚕ Hermes Agent Status │", Colors.CYAN))
|
2026-02-02 19:01:51 -08:00
|
|
|
print(color("└─────────────────────────────────────────────────────────┘", Colors.CYAN))
|
|
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Environment
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Environment", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
print(f" Project: {PROJECT_ROOT}")
|
|
|
|
|
print(f" Python: {sys.version.split()[0]}")
|
|
|
|
|
|
2026-02-26 16:49:14 +11:00
|
|
|
env_path = get_env_path()
|
2026-02-02 19:01:51 -08:00
|
|
|
print(f" .env file: {check_mark(env_path.exists())} {'exists' if env_path.exists() else 'not found'}")
|
2026-03-11 19:37:42 +03:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
config = load_config()
|
|
|
|
|
except Exception:
|
|
|
|
|
config = {}
|
|
|
|
|
|
|
|
|
|
print(f" Model: {_configured_model_label(config)}")
|
|
|
|
|
print(f" Provider: {_effective_provider_label()}")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# API Keys
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ API Keys", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
|
|
|
|
keys = {
|
|
|
|
|
"OpenRouter": "OPENROUTER_API_KEY",
|
|
|
|
|
"OpenAI": "OPENAI_API_KEY",
|
feat: add z.ai/GLM, Kimi/Moonshot, MiniMax as first-class providers
Adds 4 new direct API-key providers (zai, kimi-coding, minimax, minimax-cn)
to the inference provider system. All use standard OpenAI-compatible
chat/completions endpoints with Bearer token auth.
Core changes:
- auth.py: Extended ProviderConfig with api_key_env_vars and base_url_env_var
fields. Added providers to PROVIDER_REGISTRY. Added provider aliases
(glm, z-ai, zhipu, kimi, moonshot). Added auto-detection of API-key
providers in resolve_provider(). Added resolve_api_key_provider_credentials()
and get_api_key_provider_status() helpers.
- runtime_provider.py: Added generic API-key provider branch in
resolve_runtime_provider() — any provider with auth_type='api_key'
is automatically handled.
- main.py: Added providers to hermes model menu with generic
_model_flow_api_key_provider() flow. Updated _has_any_provider_configured()
to check all provider env vars. Updated argparse --provider choices.
- setup.py: Added providers to setup wizard with API key prompts and
curated model lists.
- config.py: Added env vars (GLM_API_KEY, KIMI_API_KEY, MINIMAX_API_KEY,
etc.) to OPTIONAL_ENV_VARS.
- status.py: Added API key display and provider status section.
- doctor.py: Added connectivity checks for each provider endpoint.
- cli.py: Updated provider docstrings.
Docs: Updated README.md, .env.example, cli-config.yaml.example,
cli-commands.md, environment-variables.md, configuration.md.
Tests: 50 new tests covering registry, aliases, resolution, auto-detection,
credential resolution, and runtime provider dispatch.
Inspired by PR #33 (numman-ali) which proposed a provider registry approach.
Credit to tars90percent (PR #473) and manuelschipper (PR #420) for related
provider improvements merged earlier in this changeset.
2026-03-06 18:55:12 -08:00
|
|
|
"Z.AI/GLM": "GLM_API_KEY",
|
|
|
|
|
"Kimi": "KIMI_API_KEY",
|
2026-04-22 13:28:01 +05:30
|
|
|
"StepFun Step Plan": "STEPFUN_API_KEY",
|
feat: add z.ai/GLM, Kimi/Moonshot, MiniMax as first-class providers
Adds 4 new direct API-key providers (zai, kimi-coding, minimax, minimax-cn)
to the inference provider system. All use standard OpenAI-compatible
chat/completions endpoints with Bearer token auth.
Core changes:
- auth.py: Extended ProviderConfig with api_key_env_vars and base_url_env_var
fields. Added providers to PROVIDER_REGISTRY. Added provider aliases
(glm, z-ai, zhipu, kimi, moonshot). Added auto-detection of API-key
providers in resolve_provider(). Added resolve_api_key_provider_credentials()
and get_api_key_provider_status() helpers.
- runtime_provider.py: Added generic API-key provider branch in
resolve_runtime_provider() — any provider with auth_type='api_key'
is automatically handled.
- main.py: Added providers to hermes model menu with generic
_model_flow_api_key_provider() flow. Updated _has_any_provider_configured()
to check all provider env vars. Updated argparse --provider choices.
- setup.py: Added providers to setup wizard with API key prompts and
curated model lists.
- config.py: Added env vars (GLM_API_KEY, KIMI_API_KEY, MINIMAX_API_KEY,
etc.) to OPTIONAL_ENV_VARS.
- status.py: Added API key display and provider status section.
- doctor.py: Added connectivity checks for each provider endpoint.
- cli.py: Updated provider docstrings.
Docs: Updated README.md, .env.example, cli-config.yaml.example,
cli-commands.md, environment-variables.md, configuration.md.
Tests: 50 new tests covering registry, aliases, resolution, auto-detection,
credential resolution, and runtime provider dispatch.
Inspired by PR #33 (numman-ali) which proposed a provider registry approach.
Credit to tars90percent (PR #473) and manuelschipper (PR #420) for related
provider improvements merged earlier in this changeset.
2026-03-06 18:55:12 -08:00
|
|
|
"MiniMax": "MINIMAX_API_KEY",
|
|
|
|
|
"MiniMax-CN": "MINIMAX_CN_API_KEY",
|
2026-02-02 19:01:51 -08:00
|
|
|
"Firecrawl": "FIRECRAWL_API_KEY",
|
2026-03-17 04:28:03 -07:00
|
|
|
"Tavily": "TAVILY_API_KEY",
|
feat: switch managed browser provider from Browserbase to Browser Use (#5750)
* feat: switch managed browser provider from Browserbase to Browser Use
The Nous subscription tool gateway now routes browser automation through
Browser Use instead of Browserbase. This commit:
- Adds managed Nous gateway support to BrowserUseProvider (idempotency
keys, X-BB-API-Key auth header, external_call_id persistence)
- Removes managed gateway support from BrowserbaseProvider (now
direct-only via BROWSERBASE_API_KEY/BROWSERBASE_PROJECT_ID)
- Updates browser_tool.py fallback: prefers Browser Use over Browserbase
- Updates nous_subscription.py: gateway vendor 'browser-use', auto-config
sets cloud_provider='browser-use' for new subscribers
- Updates tools_config.py: Nous Subscription entry now uses Browser Use
- Updates setup.py, cli.py, status.py, prompt_builder.py display strings
- Updates all affected tests to match new behavior
Browserbase remains fully functional for users with direct API credentials.
The change only affects the managed/subscription path.
* chore: remove redundant Browser Use hint from system prompt
* fix: upgrade Browser Use provider to v3 API
- Base URL: api/v2 -> api/v3 (v2 is legacy)
- Unified all endpoints to use native Browser Use paths:
- POST /browsers (create session, returns cdpUrl)
- PATCH /browsers/{id} with {action: stop} (close session)
- Removed managed-mode branching that used Browserbase-style
/v1/sessions paths — v3 gateway now supports /browsers directly
- Removed unused managed_mode variable in close_session
* fix(browser-use): use X-Browser-Use-API-Key header for managed mode
The managed gateway expects X-Browser-Use-API-Key, not X-BB-API-Key
(which is a Browserbase-specific header). Using the wrong header caused
a 401 AUTH_ERROR on every managed-mode browser session create.
Simplified _headers() to always use X-Browser-Use-API-Key regardless
of direct vs managed mode.
* fix(nous_subscription): browserbase explicit provider is direct-only
Since managed Nous gateway now routes through Browser Use, the
browserbase explicit provider path should not check managed_browser_available
(which resolves against the browser-use gateway). Simplified to direct-only
with managed=False.
* fix(browser-use): port missing improvements from PR #5605
- CDP URL normalization: resolve HTTP discovery URLs to websocket after
cloud provider create_session() (prevents agent-browser failures)
- Managed session payload: send timeout=5 and proxyCountryCode=us for
gateway-backed sessions (prevents billing overruns)
- Update prompt builder, browser_close schema, and module docstring to
replace remaining Browserbase references with Browser Use
- Dynamic /browser status detection via _get_cloud_provider() instead
of hardcoded env var checks (future-proof for new providers)
- Rename post_setup key from 'browserbase' to 'agent_browser'
- Update setup hint to mention Browser Use alongside Browserbase
- Add tests: CDP normalization, browserbase direct-only guard,
managed browser-use gateway, direct browserbase fallback
---------
Co-authored-by: rob-maron <132852777+rob-maron@users.noreply.github.com>
2026-04-07 22:40:22 +10:00
|
|
|
"Browser Use": "BROWSER_USE_API_KEY", # Optional — local browser works without this
|
|
|
|
|
"Browserbase": "BROWSERBASE_API_KEY", # Optional — direct credentials only
|
2026-02-02 19:01:51 -08:00
|
|
|
"FAL": "FAL_KEY",
|
2026-02-04 09:36:51 -08:00
|
|
|
"Tinker": "TINKER_API_KEY",
|
|
|
|
|
"WandB": "WANDB_API_KEY",
|
2026-02-12 10:05:08 -08:00
|
|
|
"ElevenLabs": "ELEVENLABS_API_KEY",
|
Add Skills Hub — universal skill search, install, and management from online registries
Implements the Hermes Skills Hub with agentskills.io spec compliance,
multi-registry skill discovery, security scanning, and user-driven
management via CLI and /skills slash command.
Core features:
- Security scanner (tools/skills_guard.py): 120 threat patterns across
12 categories, trust-aware install policy (builtin/trusted/community),
structural checks, unicode injection detection, LLM audit pass
- Hub client (tools/skills_hub.py): GitHub, ClawHub, Claude Code
marketplace, and LobeHub source adapters with shared GitHubAuth
(PAT + gh CLI + GitHub App), lock file provenance tracking, quarantine
flow, and unified search across all sources
- CLI interface (hermes_cli/skills_hub.py): search, install, inspect,
list, audit, uninstall, publish (GitHub PR), snapshot export/import,
and tap management — powers both `hermes skills` and `/skills`
Spec conformance (Phase 0):
- Upgraded frontmatter parser to yaml.safe_load with fallback
- Migrated 39 SKILL.md files: tags/related_skills to metadata.hermes.*
- Added assets/ directory support and compatibility/metadata fields
- Excluded .hub/ from skill discovery in skills_tool.py
Updated 13 config/doc files including README, AGENTS.md, .env.example,
setup wizard, doctor, status, pyproject.toml, and docs.
2026-02-18 16:09:05 -08:00
|
|
|
"GitHub": "GITHUB_TOKEN",
|
2026-02-02 19:01:51 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for name, env_var in keys.items():
|
2026-02-26 16:49:14 +11:00
|
|
|
value = get_env_value(env_var) or ""
|
2026-02-02 19:01:51 -08:00
|
|
|
has_key = bool(value)
|
|
|
|
|
display = redact_key(value) if not show_all else value
|
|
|
|
|
print(f" {name:<12} {check_mark(has_key)} {display}")
|
2026-02-20 17:24:00 -08:00
|
|
|
|
refactor: extract shared helpers to deduplicate repeated code patterns (#7917)
* refactor: add shared helper modules for code deduplication
New modules:
- gateway/platforms/helpers.py: MessageDeduplicator, TextBatchAggregator,
strip_markdown, ThreadParticipationTracker, redact_phone
- hermes_cli/cli_output.py: print_info/success/warning/error, prompt helpers
- tools/path_security.py: validate_within_dir, has_traversal_component
- utils.py additions: safe_json_loads, read_json_file, read_jsonl,
append_jsonl, env_str/lower/int/bool helpers
- hermes_constants.py additions: get_config_path, get_skills_dir,
get_logs_dir, get_env_path
* refactor: migrate gateway adapters to shared helpers
- MessageDeduplicator: discord, slack, dingtalk, wecom, weixin, mattermost
- strip_markdown: bluebubbles, feishu, sms
- redact_phone: sms, signal
- ThreadParticipationTracker: discord, matrix
- _acquire/_release_platform_lock: telegram, discord, slack, whatsapp,
signal, weixin
Net -316 lines across 19 files.
* refactor: migrate CLI modules to shared helpers
- tools_config.py: use cli_output print/prompt + curses_radiolist (-117 lines)
- setup.py: use cli_output print helpers + curses_radiolist (-101 lines)
- mcp_config.py: use cli_output prompt (-15 lines)
- memory_setup.py: use curses_radiolist (-86 lines)
Net -263 lines across 5 files.
* refactor: migrate to shared utility helpers
- safe_json_loads: agent/display.py (4 sites)
- get_config_path: skill_utils.py, hermes_logging.py, hermes_time.py
- get_skills_dir: skill_utils.py, prompt_builder.py
- Token estimation dedup: skills_tool.py imports from model_metadata
- Path security: skills_tool, cronjob_tools, skill_manager_tool, credential_files
- Non-atomic YAML writes: doctor.py, config.py now use atomic_yaml_write
- Platform dict: new platforms.py, skills_config + tools_config derive from it
- Anthropic key: new get_anthropic_key() in auth.py, used by doctor/status/config/main
* test: update tests for shared helper migrations
- test_dingtalk: use _dedup.is_duplicate() instead of _is_duplicate()
- test_mattermost: use _dedup instead of _seen_posts/_prune_seen
- test_signal: import redact_phone from helpers instead of signal
- test_discord_connect: _platform_lock_identity instead of _token_lock_identity
- test_telegram_conflict: updated lock error message format
- test_skill_manager_tool: 'escapes' instead of 'boundary' in error msgs
2026-04-11 13:59:52 -07:00
|
|
|
from hermes_cli.auth import get_anthropic_key
|
|
|
|
|
anthropic_value = get_anthropic_key()
|
2026-03-13 02:09:52 -07:00
|
|
|
anthropic_display = redact_key(anthropic_value) if not show_all else anthropic_value
|
|
|
|
|
print(f" {'Anthropic':<12} {check_mark(bool(anthropic_value))} {anthropic_display}")
|
|
|
|
|
|
2026-02-20 17:24:00 -08:00
|
|
|
# =========================================================================
|
|
|
|
|
# Auth Providers (OAuth)
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Auth Providers", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
|
|
|
|
try:
|
feat(qwen): add Qwen OAuth provider with portal request support
Based on #6079 by @tunamitom with critical fixes and comprehensive tests.
Changes from #6079:
- Fix: sanitization overwrite bug — Qwen message prep now runs AFTER codex
field sanitization, not before (was silently discarding Qwen transforms)
- Fix: missing try/except AuthError in runtime_provider.py — stale Qwen
credentials now fall through to next provider on auto-detect
- Fix: 'qwen' alias conflict — bare 'qwen' stays mapped to 'alibaba'
(DashScope); use 'qwen-portal' or 'qwen-cli' for the OAuth provider
- Fix: hardcoded ['coder-model'] replaced with live API fetch + curated
fallback list (qwen3-coder-plus, qwen3-coder)
- Fix: extract _is_qwen_portal() helper + _qwen_portal_headers() to replace
5 inline 'portal.qwen.ai' string checks and share headers between init
and credential swap
- Fix: add Qwen branch to _apply_client_headers_for_base_url for mid-session
credential swaps
- Fix: remove suspicious TypeError catch blocks around _prompt_provider_choice
- Fix: handle bare string items in content lists (were silently dropped)
- Fix: remove redundant dict() copies after deepcopy in message prep
- Revert: unrelated ai-gateway test mock removal and model_switch.py comment deletion
New tests (30 test functions):
- _qwen_cli_auth_path, _read_qwen_cli_tokens (success + 3 error paths)
- _save_qwen_cli_tokens (roundtrip, parent creation, permissions)
- _qwen_access_token_is_expiring (5 edge cases: fresh, expired, within skew,
None, non-numeric)
- _refresh_qwen_cli_tokens (success, preserve old refresh, 4 error paths,
default expires_in, disk persistence)
- resolve_qwen_runtime_credentials (fresh, auto-refresh, force-refresh,
missing token, env override)
- get_qwen_auth_status (logged in, not logged in)
- Runtime provider resolution (direct, pool entry, alias)
- _build_api_kwargs (metadata, vl_high_resolution_images, message formatting,
max_tokens suppression)
2026-04-08 20:48:21 +05:30
|
|
|
from hermes_cli.auth import get_nous_auth_status, get_codex_auth_status, get_qwen_auth_status
|
2026-02-20 17:24:00 -08:00
|
|
|
nous_status = get_nous_auth_status()
|
2026-02-25 18:20:38 -08:00
|
|
|
codex_status = get_codex_auth_status()
|
feat(qwen): add Qwen OAuth provider with portal request support
Based on #6079 by @tunamitom with critical fixes and comprehensive tests.
Changes from #6079:
- Fix: sanitization overwrite bug — Qwen message prep now runs AFTER codex
field sanitization, not before (was silently discarding Qwen transforms)
- Fix: missing try/except AuthError in runtime_provider.py — stale Qwen
credentials now fall through to next provider on auto-detect
- Fix: 'qwen' alias conflict — bare 'qwen' stays mapped to 'alibaba'
(DashScope); use 'qwen-portal' or 'qwen-cli' for the OAuth provider
- Fix: hardcoded ['coder-model'] replaced with live API fetch + curated
fallback list (qwen3-coder-plus, qwen3-coder)
- Fix: extract _is_qwen_portal() helper + _qwen_portal_headers() to replace
5 inline 'portal.qwen.ai' string checks and share headers between init
and credential swap
- Fix: add Qwen branch to _apply_client_headers_for_base_url for mid-session
credential swaps
- Fix: remove suspicious TypeError catch blocks around _prompt_provider_choice
- Fix: handle bare string items in content lists (were silently dropped)
- Fix: remove redundant dict() copies after deepcopy in message prep
- Revert: unrelated ai-gateway test mock removal and model_switch.py comment deletion
New tests (30 test functions):
- _qwen_cli_auth_path, _read_qwen_cli_tokens (success + 3 error paths)
- _save_qwen_cli_tokens (roundtrip, parent creation, permissions)
- _qwen_access_token_is_expiring (5 edge cases: fresh, expired, within skew,
None, non-numeric)
- _refresh_qwen_cli_tokens (success, preserve old refresh, 4 error paths,
default expires_in, disk persistence)
- resolve_qwen_runtime_credentials (fresh, auto-refresh, force-refresh,
missing token, env override)
- get_qwen_auth_status (logged in, not logged in)
- Runtime provider resolution (direct, pool entry, alias)
- _build_api_kwargs (metadata, vl_high_resolution_images, message formatting,
max_tokens suppression)
2026-04-08 20:48:21 +05:30
|
|
|
qwen_status = get_qwen_auth_status()
|
2026-02-20 17:24:00 -08:00
|
|
|
except Exception:
|
|
|
|
|
nous_status = {}
|
2026-02-25 18:20:38 -08:00
|
|
|
codex_status = {}
|
feat(qwen): add Qwen OAuth provider with portal request support
Based on #6079 by @tunamitom with critical fixes and comprehensive tests.
Changes from #6079:
- Fix: sanitization overwrite bug — Qwen message prep now runs AFTER codex
field sanitization, not before (was silently discarding Qwen transforms)
- Fix: missing try/except AuthError in runtime_provider.py — stale Qwen
credentials now fall through to next provider on auto-detect
- Fix: 'qwen' alias conflict — bare 'qwen' stays mapped to 'alibaba'
(DashScope); use 'qwen-portal' or 'qwen-cli' for the OAuth provider
- Fix: hardcoded ['coder-model'] replaced with live API fetch + curated
fallback list (qwen3-coder-plus, qwen3-coder)
- Fix: extract _is_qwen_portal() helper + _qwen_portal_headers() to replace
5 inline 'portal.qwen.ai' string checks and share headers between init
and credential swap
- Fix: add Qwen branch to _apply_client_headers_for_base_url for mid-session
credential swaps
- Fix: remove suspicious TypeError catch blocks around _prompt_provider_choice
- Fix: handle bare string items in content lists (were silently dropped)
- Fix: remove redundant dict() copies after deepcopy in message prep
- Revert: unrelated ai-gateway test mock removal and model_switch.py comment deletion
New tests (30 test functions):
- _qwen_cli_auth_path, _read_qwen_cli_tokens (success + 3 error paths)
- _save_qwen_cli_tokens (roundtrip, parent creation, permissions)
- _qwen_access_token_is_expiring (5 edge cases: fresh, expired, within skew,
None, non-numeric)
- _refresh_qwen_cli_tokens (success, preserve old refresh, 4 error paths,
default expires_in, disk persistence)
- resolve_qwen_runtime_credentials (fresh, auto-refresh, force-refresh,
missing token, env override)
- get_qwen_auth_status (logged in, not logged in)
- Runtime provider resolution (direct, pool entry, alias)
- _build_api_kwargs (metadata, vl_high_resolution_images, message formatting,
max_tokens suppression)
2026-04-08 20:48:21 +05:30
|
|
|
qwen_status = {}
|
2026-02-20 17:24:00 -08:00
|
|
|
|
|
|
|
|
nous_logged_in = bool(nous_status.get("logged_in"))
|
2026-04-23 19:47:35 +02:00
|
|
|
nous_error = nous_status.get("error")
|
|
|
|
|
nous_label = "logged in" if nous_logged_in else "not logged in (run: hermes auth add nous --type oauth)"
|
2026-02-20 17:24:00 -08:00
|
|
|
print(
|
|
|
|
|
f" {'Nous Portal':<12} {check_mark(nous_logged_in)} "
|
2026-04-23 19:47:35 +02:00
|
|
|
f"{nous_label}"
|
2026-02-20 17:24:00 -08:00
|
|
|
)
|
2026-04-23 19:47:35 +02:00
|
|
|
portal_url = nous_status.get("portal_base_url") or "(unknown)"
|
|
|
|
|
access_exp = _format_iso_timestamp(nous_status.get("access_expires_at"))
|
|
|
|
|
key_exp = _format_iso_timestamp(nous_status.get("agent_key_expires_at"))
|
|
|
|
|
refresh_label = "yes" if nous_status.get("has_refresh_token") else "no"
|
|
|
|
|
if nous_logged_in or portal_url != "(unknown)" or nous_error:
|
2026-02-20 17:24:00 -08:00
|
|
|
print(f" Portal URL: {portal_url}")
|
2026-04-23 19:47:35 +02:00
|
|
|
if nous_logged_in or nous_status.get("access_expires_at"):
|
2026-02-20 17:24:00 -08:00
|
|
|
print(f" Access exp: {access_exp}")
|
2026-04-23 19:47:35 +02:00
|
|
|
if nous_logged_in or nous_status.get("agent_key_expires_at"):
|
2026-02-20 17:24:00 -08:00
|
|
|
print(f" Key exp: {key_exp}")
|
2026-04-23 19:47:35 +02:00
|
|
|
if nous_logged_in or nous_status.get("has_refresh_token"):
|
2026-02-20 17:24:00 -08:00
|
|
|
print(f" Refresh: {refresh_label}")
|
2026-04-23 19:47:35 +02:00
|
|
|
if nous_error and not nous_logged_in:
|
|
|
|
|
print(f" Error: {nous_error}")
|
2026-02-20 17:24:00 -08:00
|
|
|
|
2026-02-25 18:20:38 -08:00
|
|
|
codex_logged_in = bool(codex_status.get("logged_in"))
|
|
|
|
|
print(
|
|
|
|
|
f" {'OpenAI Codex':<12} {check_mark(codex_logged_in)} "
|
2026-02-28 21:47:51 -08:00
|
|
|
f"{'logged in' if codex_logged_in else 'not logged in (run: hermes model)'}"
|
2026-02-25 18:20:38 -08:00
|
|
|
)
|
2026-03-05 21:27:12 +03:00
|
|
|
codex_auth_file = codex_status.get("auth_store")
|
2026-02-25 18:20:38 -08:00
|
|
|
if codex_auth_file:
|
|
|
|
|
print(f" Auth file: {codex_auth_file}")
|
|
|
|
|
codex_last_refresh = _format_iso_timestamp(codex_status.get("last_refresh"))
|
|
|
|
|
if codex_status.get("last_refresh"):
|
|
|
|
|
print(f" Refreshed: {codex_last_refresh}")
|
|
|
|
|
if codex_status.get("error") and not codex_logged_in:
|
|
|
|
|
print(f" Error: {codex_status.get('error')}")
|
|
|
|
|
|
feat(qwen): add Qwen OAuth provider with portal request support
Based on #6079 by @tunamitom with critical fixes and comprehensive tests.
Changes from #6079:
- Fix: sanitization overwrite bug — Qwen message prep now runs AFTER codex
field sanitization, not before (was silently discarding Qwen transforms)
- Fix: missing try/except AuthError in runtime_provider.py — stale Qwen
credentials now fall through to next provider on auto-detect
- Fix: 'qwen' alias conflict — bare 'qwen' stays mapped to 'alibaba'
(DashScope); use 'qwen-portal' or 'qwen-cli' for the OAuth provider
- Fix: hardcoded ['coder-model'] replaced with live API fetch + curated
fallback list (qwen3-coder-plus, qwen3-coder)
- Fix: extract _is_qwen_portal() helper + _qwen_portal_headers() to replace
5 inline 'portal.qwen.ai' string checks and share headers between init
and credential swap
- Fix: add Qwen branch to _apply_client_headers_for_base_url for mid-session
credential swaps
- Fix: remove suspicious TypeError catch blocks around _prompt_provider_choice
- Fix: handle bare string items in content lists (were silently dropped)
- Fix: remove redundant dict() copies after deepcopy in message prep
- Revert: unrelated ai-gateway test mock removal and model_switch.py comment deletion
New tests (30 test functions):
- _qwen_cli_auth_path, _read_qwen_cli_tokens (success + 3 error paths)
- _save_qwen_cli_tokens (roundtrip, parent creation, permissions)
- _qwen_access_token_is_expiring (5 edge cases: fresh, expired, within skew,
None, non-numeric)
- _refresh_qwen_cli_tokens (success, preserve old refresh, 4 error paths,
default expires_in, disk persistence)
- resolve_qwen_runtime_credentials (fresh, auto-refresh, force-refresh,
missing token, env override)
- get_qwen_auth_status (logged in, not logged in)
- Runtime provider resolution (direct, pool entry, alias)
- _build_api_kwargs (metadata, vl_high_resolution_images, message formatting,
max_tokens suppression)
2026-04-08 20:48:21 +05:30
|
|
|
qwen_logged_in = bool(qwen_status.get("logged_in"))
|
|
|
|
|
print(
|
|
|
|
|
f" {'Qwen OAuth':<12} {check_mark(qwen_logged_in)} "
|
|
|
|
|
f"{'logged in' if qwen_logged_in else 'not logged in (run: qwen auth qwen-oauth)'}"
|
|
|
|
|
)
|
|
|
|
|
qwen_auth_file = qwen_status.get("auth_file")
|
|
|
|
|
if qwen_auth_file:
|
|
|
|
|
print(f" Auth file: {qwen_auth_file}")
|
|
|
|
|
qwen_exp = qwen_status.get("expires_at_ms")
|
|
|
|
|
if qwen_exp:
|
|
|
|
|
from datetime import datetime, timezone
|
|
|
|
|
print(f" Access exp: {datetime.fromtimestamp(int(qwen_exp) / 1000, tz=timezone.utc).isoformat()}")
|
|
|
|
|
if qwen_status.get("error") and not qwen_logged_in:
|
|
|
|
|
print(f" Error: {qwen_status.get('error')}")
|
|
|
|
|
|
2026-03-26 15:27:27 -07:00
|
|
|
# =========================================================================
|
|
|
|
|
# Nous Subscription Features
|
|
|
|
|
# =========================================================================
|
2026-03-30 13:28:10 +09:00
|
|
|
if managed_nous_tools_enabled():
|
|
|
|
|
features = get_nous_subscription_features(config)
|
|
|
|
|
print()
|
feat: ungate Tool Gateway — subscription-based access with per-tool opt-in
Replace the HERMES_ENABLE_NOUS_MANAGED_TOOLS env-var feature flag with
subscription-based detection. The Tool Gateway is now available to any
paid Nous subscriber without needing a hidden env var.
Core changes:
- managed_nous_tools_enabled() checks get_nous_auth_status() +
check_nous_free_tier() instead of an env var
- New use_gateway config flag per tool section (web, tts, browser,
image_gen) records explicit user opt-in and overrides direct API
keys at runtime
- New prefers_gateway(section) shared helper in tool_backend_helpers.py
used by all 4 tool runtimes (web, tts, image gen, browser)
UX flow:
- hermes model: after Nous login/model selection, shows a curses
prompt listing all gateway-eligible tools with current status.
User chooses to enable all, enable only unconfigured tools, or skip.
Defaults to Enable for new users, Skip when direct keys exist.
- hermes tools: provider selection now manages use_gateway flag —
selecting Nous Subscription sets it, selecting any other provider
clears it
- hermes status: renamed section to Nous Tool Gateway, added
free-tier upgrade nudge for logged-in free users
- curses_radiolist: new description parameter for multi-line context
that survives the screen clear
Runtime behavior:
- Each tool runtime (web_tools, tts_tool, image_generation_tool,
browser_use) checks prefers_gateway() before falling back to
direct env-var credentials
- get_nous_subscription_features() respects use_gateway flags,
suppressing direct credential detection when the user opted in
Removed:
- HERMES_ENABLE_NOUS_MANAGED_TOOLS env var and all references
- apply_nous_provider_defaults() silent TTS auto-set
- get_nous_subscription_explainer_lines() static text
- Override env var warnings (use_gateway handles this properly now)
2026-04-16 01:59:51 -04:00
|
|
|
print(color("◆ Nous Tool Gateway", Colors.CYAN, Colors.BOLD))
|
2026-03-30 13:28:10 +09:00
|
|
|
if not features.nous_auth_present:
|
|
|
|
|
print(" Nous Portal ✗ not logged in")
|
2026-03-26 15:27:27 -07:00
|
|
|
else:
|
2026-03-30 13:28:10 +09:00
|
|
|
print(" Nous Portal ✓ managed tools available")
|
|
|
|
|
for feature in features.items():
|
|
|
|
|
if feature.managed_by_nous:
|
|
|
|
|
state = "active via Nous subscription"
|
|
|
|
|
elif feature.active:
|
|
|
|
|
current = feature.current_provider or "configured provider"
|
|
|
|
|
state = f"active via {current}"
|
|
|
|
|
elif feature.included_by_default and features.nous_auth_present:
|
|
|
|
|
state = "included by subscription, not currently selected"
|
|
|
|
|
elif feature.key == "modal" and features.nous_auth_present:
|
|
|
|
|
state = "available via subscription (optional)"
|
|
|
|
|
else:
|
|
|
|
|
state = "not configured"
|
|
|
|
|
print(f" {feature.label:<15} {check_mark(feature.available or feature.active or feature.managed_by_nous)} {state}")
|
feat: ungate Tool Gateway — subscription-based access with per-tool opt-in
Replace the HERMES_ENABLE_NOUS_MANAGED_TOOLS env-var feature flag with
subscription-based detection. The Tool Gateway is now available to any
paid Nous subscriber without needing a hidden env var.
Core changes:
- managed_nous_tools_enabled() checks get_nous_auth_status() +
check_nous_free_tier() instead of an env var
- New use_gateway config flag per tool section (web, tts, browser,
image_gen) records explicit user opt-in and overrides direct API
keys at runtime
- New prefers_gateway(section) shared helper in tool_backend_helpers.py
used by all 4 tool runtimes (web, tts, image gen, browser)
UX flow:
- hermes model: after Nous login/model selection, shows a curses
prompt listing all gateway-eligible tools with current status.
User chooses to enable all, enable only unconfigured tools, or skip.
Defaults to Enable for new users, Skip when direct keys exist.
- hermes tools: provider selection now manages use_gateway flag —
selecting Nous Subscription sets it, selecting any other provider
clears it
- hermes status: renamed section to Nous Tool Gateway, added
free-tier upgrade nudge for logged-in free users
- curses_radiolist: new description parameter for multi-line context
that survives the screen clear
Runtime behavior:
- Each tool runtime (web_tools, tts_tool, image_generation_tool,
browser_use) checks prefers_gateway() before falling back to
direct env-var credentials
- get_nous_subscription_features() respects use_gateway flags,
suppressing direct credential detection when the user opted in
Removed:
- HERMES_ENABLE_NOUS_MANAGED_TOOLS env var and all references
- apply_nous_provider_defaults() silent TTS auto-set
- get_nous_subscription_explainer_lines() static text
- Override env var warnings (use_gateway handles this properly now)
2026-04-16 01:59:51 -04:00
|
|
|
elif nous_logged_in:
|
|
|
|
|
# Logged into Nous but on the free tier — show upgrade nudge
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Nous Tool Gateway", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
print(" Your free-tier Nous account does not include Tool Gateway access.")
|
|
|
|
|
print(" Upgrade your subscription to unlock managed web, image, TTS, and browser tools.")
|
|
|
|
|
try:
|
|
|
|
|
portal_url = nous_status.get("portal_base_url", "").rstrip("/")
|
|
|
|
|
if portal_url:
|
|
|
|
|
print(f" Upgrade: {portal_url}")
|
|
|
|
|
except Exception:
|
|
|
|
|
pass
|
2026-03-26 15:27:27 -07:00
|
|
|
|
feat: add z.ai/GLM, Kimi/Moonshot, MiniMax as first-class providers
Adds 4 new direct API-key providers (zai, kimi-coding, minimax, minimax-cn)
to the inference provider system. All use standard OpenAI-compatible
chat/completions endpoints with Bearer token auth.
Core changes:
- auth.py: Extended ProviderConfig with api_key_env_vars and base_url_env_var
fields. Added providers to PROVIDER_REGISTRY. Added provider aliases
(glm, z-ai, zhipu, kimi, moonshot). Added auto-detection of API-key
providers in resolve_provider(). Added resolve_api_key_provider_credentials()
and get_api_key_provider_status() helpers.
- runtime_provider.py: Added generic API-key provider branch in
resolve_runtime_provider() — any provider with auth_type='api_key'
is automatically handled.
- main.py: Added providers to hermes model menu with generic
_model_flow_api_key_provider() flow. Updated _has_any_provider_configured()
to check all provider env vars. Updated argparse --provider choices.
- setup.py: Added providers to setup wizard with API key prompts and
curated model lists.
- config.py: Added env vars (GLM_API_KEY, KIMI_API_KEY, MINIMAX_API_KEY,
etc.) to OPTIONAL_ENV_VARS.
- status.py: Added API key display and provider status section.
- doctor.py: Added connectivity checks for each provider endpoint.
- cli.py: Updated provider docstrings.
Docs: Updated README.md, .env.example, cli-config.yaml.example,
cli-commands.md, environment-variables.md, configuration.md.
Tests: 50 new tests covering registry, aliases, resolution, auto-detection,
credential resolution, and runtime provider dispatch.
Inspired by PR #33 (numman-ali) which proposed a provider registry approach.
Credit to tars90percent (PR #473) and manuelschipper (PR #420) for related
provider improvements merged earlier in this changeset.
2026-03-06 18:55:12 -08:00
|
|
|
# =========================================================================
|
|
|
|
|
# API-Key Providers
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ API-Key Providers", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
|
|
|
|
apikey_providers = {
|
|
|
|
|
"Z.AI / GLM": ("GLM_API_KEY", "ZAI_API_KEY", "Z_AI_API_KEY"),
|
|
|
|
|
"Kimi / Moonshot": ("KIMI_API_KEY",),
|
2026-04-22 13:28:01 +05:30
|
|
|
"StepFun Step Plan": ("STEPFUN_API_KEY",),
|
feat: add z.ai/GLM, Kimi/Moonshot, MiniMax as first-class providers
Adds 4 new direct API-key providers (zai, kimi-coding, minimax, minimax-cn)
to the inference provider system. All use standard OpenAI-compatible
chat/completions endpoints with Bearer token auth.
Core changes:
- auth.py: Extended ProviderConfig with api_key_env_vars and base_url_env_var
fields. Added providers to PROVIDER_REGISTRY. Added provider aliases
(glm, z-ai, zhipu, kimi, moonshot). Added auto-detection of API-key
providers in resolve_provider(). Added resolve_api_key_provider_credentials()
and get_api_key_provider_status() helpers.
- runtime_provider.py: Added generic API-key provider branch in
resolve_runtime_provider() — any provider with auth_type='api_key'
is automatically handled.
- main.py: Added providers to hermes model menu with generic
_model_flow_api_key_provider() flow. Updated _has_any_provider_configured()
to check all provider env vars. Updated argparse --provider choices.
- setup.py: Added providers to setup wizard with API key prompts and
curated model lists.
- config.py: Added env vars (GLM_API_KEY, KIMI_API_KEY, MINIMAX_API_KEY,
etc.) to OPTIONAL_ENV_VARS.
- status.py: Added API key display and provider status section.
- doctor.py: Added connectivity checks for each provider endpoint.
- cli.py: Updated provider docstrings.
Docs: Updated README.md, .env.example, cli-config.yaml.example,
cli-commands.md, environment-variables.md, configuration.md.
Tests: 50 new tests covering registry, aliases, resolution, auto-detection,
credential resolution, and runtime provider dispatch.
Inspired by PR #33 (numman-ali) which proposed a provider registry approach.
Credit to tars90percent (PR #473) and manuelschipper (PR #420) for related
provider improvements merged earlier in this changeset.
2026-03-06 18:55:12 -08:00
|
|
|
"MiniMax": ("MINIMAX_API_KEY",),
|
|
|
|
|
"MiniMax (China)": ("MINIMAX_CN_API_KEY",),
|
|
|
|
|
}
|
|
|
|
|
for pname, env_vars in apikey_providers.items():
|
|
|
|
|
key_val = ""
|
|
|
|
|
for ev in env_vars:
|
|
|
|
|
key_val = get_env_value(ev) or ""
|
|
|
|
|
if key_val:
|
|
|
|
|
break
|
|
|
|
|
configured = bool(key_val)
|
|
|
|
|
label = "configured" if configured else "not configured (run: hermes model)"
|
|
|
|
|
print(f" {pname:<16} {check_mark(configured)} {label}")
|
|
|
|
|
|
2026-04-25 12:30:55 -04:00
|
|
|
# LM Studio reachability — only probe when it's the active provider so
|
|
|
|
|
# users with foreign configs don't see noise. Auth rejection vs. silent
|
|
|
|
|
# empty list is the most common LM Studio support case.
|
|
|
|
|
if _effective_provider_label() == "LM Studio":
|
|
|
|
|
from hermes_cli.models import probe_lmstudio_models
|
|
|
|
|
model_cfg = config.get("model")
|
|
|
|
|
base = (model_cfg.get("base_url") if isinstance(model_cfg, dict) else None) or get_env_value("LM_BASE_URL") or "http://127.0.0.1:1234/v1"
|
|
|
|
|
try:
|
|
|
|
|
models = probe_lmstudio_models(api_key=get_env_value("LM_API_KEY") or "", base_url=base, timeout=1.5)
|
|
|
|
|
if models is None:
|
|
|
|
|
ok, msg = False, f"unreachable at {base}"
|
|
|
|
|
else:
|
|
|
|
|
ok, msg = True, f"reachable ({len(models)} model(s)) at {base}"
|
|
|
|
|
except AuthError:
|
|
|
|
|
ok, msg = False, "auth rejected — set LM_API_KEY"
|
|
|
|
|
print(f" {'LM Studio':<16} {check_mark(ok)} {msg}")
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
# =========================================================================
|
|
|
|
|
# Terminal Configuration
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Terminal Backend", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
2026-04-29 18:20:53 +05:30
|
|
|
terminal_cfg = config.get("terminal", {}) if isinstance(config.get("terminal"), dict) else {}
|
2026-02-16 19:47:23 -08:00
|
|
|
terminal_env = os.getenv("TERMINAL_ENV", "")
|
|
|
|
|
if not terminal_env:
|
2026-04-29 18:20:53 +05:30
|
|
|
terminal_env = terminal_cfg.get("backend", "local")
|
2026-02-02 19:01:51 -08:00
|
|
|
print(f" Backend: {terminal_env}")
|
|
|
|
|
|
|
|
|
|
if terminal_env == "ssh":
|
|
|
|
|
ssh_host = os.getenv("TERMINAL_SSH_HOST", "")
|
|
|
|
|
ssh_user = os.getenv("TERMINAL_SSH_USER", "")
|
|
|
|
|
print(f" SSH Host: {ssh_host or '(not set)'}")
|
|
|
|
|
print(f" SSH User: {ssh_user or '(not set)'}")
|
|
|
|
|
elif terminal_env == "docker":
|
|
|
|
|
docker_image = os.getenv("TERMINAL_DOCKER_IMAGE", "python:3.11-slim")
|
|
|
|
|
print(f" Docker Image: {docker_image}")
|
2026-03-05 00:44:39 -08:00
|
|
|
elif terminal_env == "daytona":
|
|
|
|
|
daytona_image = os.getenv("TERMINAL_DAYTONA_IMAGE", "nikolaik/python-nodejs:python3.11-nodejs20")
|
|
|
|
|
print(f" Daytona Image: {daytona_image}")
|
2026-04-29 18:20:53 +05:30
|
|
|
elif terminal_env == "vercel_sandbox":
|
|
|
|
|
runtime = os.getenv("TERMINAL_VERCEL_RUNTIME") or terminal_cfg.get("vercel_runtime") or "node24"
|
|
|
|
|
persist = os.getenv("TERMINAL_CONTAINER_PERSISTENT")
|
|
|
|
|
if persist is None:
|
|
|
|
|
persist_enabled = bool(terminal_cfg.get("container_persistent", True))
|
|
|
|
|
else:
|
|
|
|
|
persist_enabled = persist.lower() in ("1", "true", "yes", "on")
|
|
|
|
|
auth_status = describe_vercel_auth()
|
|
|
|
|
sdk_ok = importlib.util.find_spec("vercel") is not None
|
|
|
|
|
sdk_label = "installed" if sdk_ok else "missing (install: pip install 'hermes-agent[vercel]')"
|
|
|
|
|
print(f" Runtime: {runtime}")
|
|
|
|
|
print(f" SDK: {check_mark(sdk_ok)} {sdk_label}")
|
|
|
|
|
print(f" Auth: {check_mark(auth_status.ok)} {auth_status.label}")
|
|
|
|
|
for line in auth_status.detail_lines:
|
|
|
|
|
print(f" Auth detail: {line}")
|
|
|
|
|
print(f" Persistence: {'snapshot filesystem' if persist_enabled else 'ephemeral filesystem'}")
|
|
|
|
|
print(" Processes: live processes do not survive cleanup, snapshots, or sandbox recreation")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
sudo_password = os.getenv("SUDO_PASSWORD", "")
|
|
|
|
|
print(f" Sudo: {check_mark(bool(sudo_password))} {'enabled' if sudo_password else 'disabled'}")
|
|
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Messaging Platforms
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Messaging Platforms", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
|
|
|
|
platforms = {
|
|
|
|
|
"Telegram": ("TELEGRAM_BOT_TOKEN", "TELEGRAM_HOME_CHANNEL"),
|
|
|
|
|
"Discord": ("DISCORD_BOT_TOKEN", "DISCORD_HOME_CHANNEL"),
|
|
|
|
|
"WhatsApp": ("WHATSAPP_ENABLED", None),
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
"Signal": ("SIGNAL_HTTP_URL", "SIGNAL_HOME_CHANNEL"),
|
|
|
|
|
"Slack": ("SLACK_BOT_TOKEN", None),
|
feat: add email gateway platform (IMAP/SMTP)
Allow users to interact with Hermes by sending and receiving emails.
Uses IMAP polling for incoming messages and SMTP for replies with
proper threading (In-Reply-To, References headers).
Integrates with all 14 gateway extension points: config, adapter
factory, authorization, send_message tool, cron delivery, toolsets,
prompt hints, channel directory, setup wizard, status display, and
env example.
65 tests covering config, parsing, dispatch, threading, IMAP fetch,
SMTP send, attachments, and all integration points.
2026-03-10 03:15:38 +03:00
|
|
|
"Email": ("EMAIL_ADDRESS", "EMAIL_HOME_ADDRESS"),
|
feat: add SMS (Twilio) platform adapter
Add SMS as a first-class messaging platform via the Twilio API.
Shares credentials with the existing telephony skill — same
TWILIO_ACCOUNT_SID, TWILIO_AUTH_TOKEN, TWILIO_PHONE_NUMBER env vars.
Adapter (gateway/platforms/sms.py):
- aiohttp webhook server for inbound (Twilio form-encoded POSTs)
- Twilio REST API with Basic auth for outbound
- Markdown stripping, smart chunking at 1600 chars
- Echo loop prevention, phone number redaction in logs
Integration (13 files):
- gateway config, run, channel_directory
- agent prompt_builder (SMS platform hint)
- cron scheduler, cronjob tools
- send_message_tool (_send_sms via Twilio API)
- toolsets (hermes-sms + hermes-gateway)
- gateway setup wizard, status display
- pyproject.toml (sms optional extra)
- 21 tests
Docs:
- website/docs/user-guide/messaging/sms.md (full setup guide)
- Updated messaging index (architecture, toolsets, security, links)
- Updated environment-variables.md reference
Inspired by PR #1575 (@sunsakis), rewritten for Twilio.
2026-03-17 03:14:53 -07:00
|
|
|
"SMS": ("TWILIO_ACCOUNT_SID", "SMS_HOME_CHANNEL"),
|
2026-03-29 21:29:13 -07:00
|
|
|
"DingTalk": ("DINGTALK_CLIENT_ID", None),
|
|
|
|
|
"Feishu": ("FEISHU_APP_ID", "FEISHU_HOME_CHANNEL"),
|
|
|
|
|
"WeCom": ("WECOM_BOT_ID", "WECOM_HOME_CHANNEL"),
|
docs: add platform adapter developer guide + WeCom Callback docs (#7969)
Add the missing 'Adding a Platform Adapter' developer guide — a
comprehensive step-by-step checklist covering all 20+ integration
points (enum, adapter, config, runner, CLI, tools, toolsets, cron,
webhooks, tests, and docs). Includes common patterns for long-poll,
callback/webhook, and token-lock adapters with reference implementations.
Also adds full docs coverage for the WeCom Callback platform:
- New docs page: user-guide/messaging/wecom-callback.md
- Environment variables reference (9 WECOM_CALLBACK_* vars)
- Toolsets reference (hermes-wecom-callback)
- Messaging index (comparison table, architecture diagram, toolsets,
security, next-steps links)
- Integrations index listing
- Sidebar entries for both new pages
2026-04-11 15:50:54 -07:00
|
|
|
"WeCom Callback": ("WECOM_CALLBACK_CORP_ID", None),
|
2026-04-10 05:20:20 -07:00
|
|
|
"Weixin": ("WEIXIN_ACCOUNT_ID", "WEIXIN_HOME_CHANNEL"),
|
feat(gateway): add BlueBubbles iMessage platform adapter (#6437)
Adds Apple iMessage as a gateway platform via BlueBubbles macOS server.
Architecture:
- Webhook-based inbound (event-driven, no polling/dedup needed)
- Email/phone → chat GUID resolution for user-friendly addressing
- Private API safety (checks helper_connected before tapback/typing)
- Inbound attachment downloading (images, audio, documents cached locally)
- Markdown stripping for clean iMessage delivery
- Smart progress suppression for platforms without message editing
Based on PR #5869 by @benjaminsehl (webhook architecture, GUID resolution,
Private API safety, progress suppression) with inbound attachment downloading
from PR #4588 by @1960697431 (attachment cache routing).
Integration points: Platform enum, env config, adapter factory, auth maps,
cron delivery, send_message routing, channel directory, platform hints,
toolset definition, setup wizard, status display.
27 tests covering config, adapter, webhook parsing, GUID resolution,
attachment download routing, toolset consistency, and prompt hints.
2026-04-08 23:54:03 -07:00
|
|
|
"BlueBubbles": ("BLUEBUBBLES_SERVER_URL", "BLUEBUBBLES_HOME_CHANNEL"),
|
2026-04-26 18:50:49 -07:00
|
|
|
"QQBot": ("QQ_APP_ID", "QQ_HOME_CHANNEL"),
|
|
|
|
|
"Yuanbao": ("YUANBAO_APP_ID", "YUANBAO_HOME_CHANNEL"),
|
2026-02-02 19:01:51 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for name, (token_var, home_var) in platforms.items():
|
|
|
|
|
token = os.getenv(token_var, "")
|
|
|
|
|
has_token = bool(token)
|
|
|
|
|
|
|
|
|
|
home_channel = ""
|
|
|
|
|
if home_var:
|
|
|
|
|
home_channel = os.getenv(home_var, "")
|
2026-04-17 15:29:15 -07:00
|
|
|
# Back-compat: QQBot home channel was renamed from QQ_HOME_CHANNEL to QQBOT_HOME_CHANNEL
|
|
|
|
|
if not home_channel and home_var == "QQBOT_HOME_CHANNEL":
|
|
|
|
|
home_channel = os.getenv("QQ_HOME_CHANNEL", "")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
status = "configured" if has_token else "not configured"
|
|
|
|
|
if home_channel:
|
|
|
|
|
status += f" (home: {home_channel})"
|
|
|
|
|
|
|
|
|
|
print(f" {name:<12} {check_mark(has_token)} {status}")
|
|
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Gateway Status
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Gateway Service", Colors.CYAN, Colors.BOLD))
|
2026-04-16 13:16:02 -04:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
from hermes_cli.gateway import get_gateway_runtime_snapshot, _format_gateway_pids
|
|
|
|
|
|
|
|
|
|
snapshot = get_gateway_runtime_snapshot()
|
|
|
|
|
is_running = snapshot.running
|
2026-04-09 09:08:33 +02:00
|
|
|
print(f" Status: {check_mark(is_running)} {'running' if is_running else 'stopped'}")
|
2026-04-16 13:16:02 -04:00
|
|
|
print(f" Manager: {snapshot.manager}")
|
|
|
|
|
if snapshot.gateway_pids:
|
|
|
|
|
print(f" PID(s): {_format_gateway_pids(snapshot.gateway_pids)}")
|
|
|
|
|
if snapshot.has_process_service_mismatch:
|
|
|
|
|
print(" Service: installed but not managing the current running gateway")
|
|
|
|
|
elif _is_termux() and not snapshot.gateway_pids:
|
2026-04-09 09:08:33 +02:00
|
|
|
print(" Start with: hermes gateway")
|
|
|
|
|
print(" Note: Android may stop background jobs when Termux is suspended")
|
2026-04-16 13:16:02 -04:00
|
|
|
elif snapshot.service_installed and not snapshot.service_running:
|
|
|
|
|
print(" Service: installed but stopped")
|
|
|
|
|
except Exception:
|
|
|
|
|
if _is_termux():
|
|
|
|
|
print(f" Status: {color('unknown', Colors.DIM)}")
|
|
|
|
|
print(" Manager: Termux / manual process")
|
|
|
|
|
elif sys.platform.startswith('linux'):
|
|
|
|
|
print(f" Status: {color('unknown', Colors.DIM)}")
|
|
|
|
|
print(" Manager: systemd/manual")
|
|
|
|
|
elif sys.platform == 'darwin':
|
|
|
|
|
print(f" Status: {color('unknown', Colors.DIM)}")
|
|
|
|
|
print(" Manager: launchd")
|
2026-04-12 14:42:46 -07:00
|
|
|
else:
|
2026-04-16 13:16:02 -04:00
|
|
|
print(f" Status: {color('N/A', Colors.DIM)}")
|
|
|
|
|
print(" Manager: (not supported on this platform)")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Cron Jobs
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Scheduled Jobs", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
jobs_file = get_hermes_home() / "cron" / "jobs.json"
|
2026-02-02 19:01:51 -08:00
|
|
|
if jobs_file.exists():
|
|
|
|
|
import json
|
|
|
|
|
try:
|
2026-03-05 17:04:33 -05:00
|
|
|
with open(jobs_file, encoding="utf-8") as f:
|
2026-02-02 19:01:51 -08:00
|
|
|
data = json.load(f)
|
|
|
|
|
jobs = data.get("jobs", [])
|
|
|
|
|
enabled_jobs = [j for j in jobs if j.get("enabled", True)]
|
|
|
|
|
print(f" Jobs: {len(enabled_jobs)} active, {len(jobs)} total")
|
2026-02-20 23:23:32 -08:00
|
|
|
except Exception:
|
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
Three categories of cleanup, all zero-behavioral-change:
1. F-strings without placeholders (154 fixes across 29 files)
- Converted f'...' to '...' where no {expression} was present
- Heaviest files: run_agent.py (24), cli.py (20), honcho_integration/cli.py (34)
2. Simplify defensive patterns in run_agent.py
- Added explicit self._is_anthropic_oauth = False in __init__ (before
the api_mode branch that conditionally sets it)
- Replaced 7x getattr(self, '_is_anthropic_oauth', False) with direct
self._is_anthropic_oauth (attribute always initialized now)
- Added _is_openrouter_url() and _is_anthropic_url() helper methods
- Replaced 3 inline 'openrouter' in self._base_url_lower checks
3. Remove dead code in small files
- hermes_cli/claw.py: removed unused 'total' computation
- tools/fuzzy_match.py: removed unused strip_indent() function and
pattern_stripped variable
Full test suite: 6184 passed, 0 failures
E2E PTY: banner clean, tool calls work, zero garbled ANSI
2026-03-25 19:47:58 -07:00
|
|
|
print(" Jobs: (error reading jobs file)")
|
2026-02-02 19:01:51 -08:00
|
|
|
else:
|
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
Three categories of cleanup, all zero-behavioral-change:
1. F-strings without placeholders (154 fixes across 29 files)
- Converted f'...' to '...' where no {expression} was present
- Heaviest files: run_agent.py (24), cli.py (20), honcho_integration/cli.py (34)
2. Simplify defensive patterns in run_agent.py
- Added explicit self._is_anthropic_oauth = False in __init__ (before
the api_mode branch that conditionally sets it)
- Replaced 7x getattr(self, '_is_anthropic_oauth', False) with direct
self._is_anthropic_oauth (attribute always initialized now)
- Added _is_openrouter_url() and _is_anthropic_url() helper methods
- Replaced 3 inline 'openrouter' in self._base_url_lower checks
3. Remove dead code in small files
- hermes_cli/claw.py: removed unused 'total' computation
- tools/fuzzy_match.py: removed unused strip_indent() function and
pattern_stripped variable
Full test suite: 6184 passed, 0 failures
E2E PTY: banner clean, tool calls work, zero garbled ANSI
2026-03-25 19:47:58 -07:00
|
|
|
print(" Jobs: 0")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Sessions
|
|
|
|
|
# =========================================================================
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Sessions", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
sessions_file = get_hermes_home() / "sessions" / "sessions.json"
|
2026-02-02 19:01:51 -08:00
|
|
|
if sessions_file.exists():
|
|
|
|
|
import json
|
|
|
|
|
try:
|
2026-03-05 17:04:33 -05:00
|
|
|
with open(sessions_file, encoding="utf-8") as f:
|
2026-02-02 19:01:51 -08:00
|
|
|
data = json.load(f)
|
|
|
|
|
print(f" Active: {len(data)} session(s)")
|
2026-02-20 23:23:32 -08:00
|
|
|
except Exception:
|
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
Three categories of cleanup, all zero-behavioral-change:
1. F-strings without placeholders (154 fixes across 29 files)
- Converted f'...' to '...' where no {expression} was present
- Heaviest files: run_agent.py (24), cli.py (20), honcho_integration/cli.py (34)
2. Simplify defensive patterns in run_agent.py
- Added explicit self._is_anthropic_oauth = False in __init__ (before
the api_mode branch that conditionally sets it)
- Replaced 7x getattr(self, '_is_anthropic_oauth', False) with direct
self._is_anthropic_oauth (attribute always initialized now)
- Added _is_openrouter_url() and _is_anthropic_url() helper methods
- Replaced 3 inline 'openrouter' in self._base_url_lower checks
3. Remove dead code in small files
- hermes_cli/claw.py: removed unused 'total' computation
- tools/fuzzy_match.py: removed unused strip_indent() function and
pattern_stripped variable
Full test suite: 6184 passed, 0 failures
E2E PTY: banner clean, tool calls work, zero garbled ANSI
2026-03-25 19:47:58 -07:00
|
|
|
print(" Active: (error reading sessions file)")
|
2026-02-02 19:01:51 -08:00
|
|
|
else:
|
chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)
Three categories of cleanup, all zero-behavioral-change:
1. F-strings without placeholders (154 fixes across 29 files)
- Converted f'...' to '...' where no {expression} was present
- Heaviest files: run_agent.py (24), cli.py (20), honcho_integration/cli.py (34)
2. Simplify defensive patterns in run_agent.py
- Added explicit self._is_anthropic_oauth = False in __init__ (before
the api_mode branch that conditionally sets it)
- Replaced 7x getattr(self, '_is_anthropic_oauth', False) with direct
self._is_anthropic_oauth (attribute always initialized now)
- Added _is_openrouter_url() and _is_anthropic_url() helper methods
- Replaced 3 inline 'openrouter' in self._base_url_lower checks
3. Remove dead code in small files
- hermes_cli/claw.py: removed unused 'total' computation
- tools/fuzzy_match.py: removed unused strip_indent() function and
pattern_stripped variable
Full test suite: 6184 passed, 0 failures
E2E PTY: banner clean, tool calls work, zero garbled ANSI
2026-03-25 19:47:58 -07:00
|
|
|
print(" Active: 0")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
# =========================================================================
|
|
|
|
|
# Deep checks
|
|
|
|
|
# =========================================================================
|
|
|
|
|
if deep:
|
|
|
|
|
print()
|
|
|
|
|
print(color("◆ Deep Checks", Colors.CYAN, Colors.BOLD))
|
|
|
|
|
|
|
|
|
|
# Check OpenRouter connectivity
|
|
|
|
|
openrouter_key = os.getenv("OPENROUTER_API_KEY", "")
|
|
|
|
|
if openrouter_key:
|
|
|
|
|
try:
|
|
|
|
|
import httpx
|
|
|
|
|
response = httpx.get(
|
2026-02-20 23:23:32 -08:00
|
|
|
OPENROUTER_MODELS_URL,
|
2026-02-02 19:01:51 -08:00
|
|
|
headers={"Authorization": f"Bearer {openrouter_key}"},
|
|
|
|
|
timeout=10
|
|
|
|
|
)
|
|
|
|
|
ok = response.status_code == 200
|
|
|
|
|
print(f" OpenRouter: {check_mark(ok)} {'reachable' if ok else f'error ({response.status_code})'}")
|
|
|
|
|
except Exception as e:
|
|
|
|
|
print(f" OpenRouter: {check_mark(False)} error: {e}")
|
|
|
|
|
|
|
|
|
|
# Check gateway port
|
|
|
|
|
try:
|
|
|
|
|
import socket
|
|
|
|
|
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
|
|
|
sock.settimeout(1)
|
|
|
|
|
result = sock.connect_ex(('127.0.0.1', 18789))
|
|
|
|
|
sock.close()
|
|
|
|
|
# Port in use = gateway likely running
|
|
|
|
|
port_in_use = result == 0
|
|
|
|
|
# This is informational, not necessarily bad
|
|
|
|
|
print(f" Port 18789: {'in use' if port_in_use else 'available'}")
|
2026-02-20 23:23:32 -08:00
|
|
|
except OSError:
|
2026-02-02 19:01:51 -08:00
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print(color("─" * 60, Colors.DIM))
|
|
|
|
|
print(color(" Run 'hermes doctor' for detailed diagnostics", Colors.DIM))
|
|
|
|
|
print(color(" Run 'hermes setup' to configure", Colors.DIM))
|
|
|
|
|
print()
|