RE didericis/bot-bottle#121 (comment)
On it.
RE didericis/bot-bottle#121 (comment)
The blocker is that the addon runs in a stdlib-only environment inside the container — bot_bottle is never…
RE didericis/bot-bottle#121 (comment)
Got it — expanding scope and revising the merge design. Here's my read before I update the PRD:
**Provisioned-wins…
RE didericis/bot-bottle#119 (comment)
Good call — the sentinel skip was a code smell. Here is the revised plan:
- Add
provisioned_env: dict[str, str]…
Re: egress_resolve_token_values_with_provider — the reason CODEX_HOST_CREDENTIAL_TOKEN_REF exists as a sentinel is that egress_resolve_token_values assumes every token_ref is an…
Independent Code Review — Hotspot Assessment
Cloned the repo and read the flagged files plus several others. Here's where I agree, disagree, and what I think was missed.
Where I…
Done — api.anthropic.com is now always emitted as a tls_passthrough route for Claude (same pattern as Codex + the OpenAI hosts). Auth scheme and token_ref only populated when auth_token is…
Will expand the branch to include it. I'll update the PRD to reflect the broader scope, implement agent_provider.auth_token, have the Claude provisioner inject the api.anthropic.com route from…
Got it — so the end state is: agent_provider.auth_token: BOT_BOTTLE_CLAUDE_OAUTH_TOKEN in the manifest drives the provisioner to inject a provider-owned api.anthropic.com route (Bearer,…
Re: placeholder_env_for (#issuecomment-941) — agree, wrong abstraction. Will remove it. One option to fix print_util without template-switching: add a hidden_env_names: frozenset[str] field…
Agreed — the has_provider_auth detection and placeholder injection is provider logic that should live in agent_provision_plan, not in each backend. Moving it there will also let us drop…
Implemented in b79b490 on prd-0029-egress-routes-via-agent-provision-plan. Summary of what changed:
EgressRoutegainstls_passthrough: bool.egress_manifest_routeslifts the manifest…
RE: didericis/bot-bottle#110 (comment)
Agreed on the direction. Concrete shape I have in mind:
- Add
egress_routes: tuple[EgressRoute, ...]to `AgentProvi…
Fair — this is the same provider-specific branching the rest of the PR moved out of the backends.
The root cause is that EgressRoute has no tls_passthrough field, so `pipelock_effective_tls_p…
Replying to didericis/bot-bottle#114 (comment):
git http-backend is the built-in — the Python class is a CGI adapter around it, not a custom git…