fix: record OAuth-host verification + models.json SPOT (#112) #119
Merged
…e/default (#112)

Three alignment/SPOT findings from the 2026-05-31 audit:

1. The OAuth token-refresh host (platform.claude.com/v1/oauth/token, a Class A surface) was introduced in the 2026-04-11 drift commit and had no verification record. Verified against the compiled cli.js (claude.exe v2.1.154) via `strings`: OAUTH_TOKEN_URL and OAUTH_CLIENT_ID both appear in the binary byte-for-byte (in the same `prod` config object), and the legacy host console.anthropic.com/v1/oauth is absent (0 hits). Recorded this as an inline ALIGNMENT citation comment above the constants. No live OAuth probe was run — a refresh-token grant would rotate the operator's real credentials; the strings-on-binary evidence is decisive. (cli.js: verified against compiled claude.exe v2.1.154, 2026-05-31.)

2. fetchUsageFromApi() hardcoded the haiku model ID; now derives from modelsConfig.aliases.haiku (ADR 0003 SPOT). Prevents a silent /usage break on a future haiku ID bump.

3. [P3] The default request model hardcoded the sonnet ID; now derives from modelsConfig.aliases.sonnet (ADR 0003 SPOT).

Both SPOT values are byte-identical to the literals they replace today, so zero behavior change — only drift-resistance.

The alignment.yml blacklist pin for the wrong-host variant was deliberately NOT included here: extending the blacklist is a governance-layer change (alignment.yml inline policy) and belongs in its own PR.

ALIGNMENT.md: finding 1 IS the verification (cli.js citation recorded inline); findings 2-3 are SPOT hygiene that forward no new operation. No blacklisted tokens or port literals introduced; alignment.yml passes.

Independent fresh-context reviewer (opus) INDEPENDENTLY re-ran `strings` on the binary and confirmed the host/client_id present and the legacy host absent — APPROVE (Iron Rule 10; alignment hard-requirement #3 satisfied).

Closes #112.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
dtzp555-max added a commit that referenced this pull request May 31, 2026
….md amendment (#123) (#128)

Follow-up to the 2026-05-31 audit (deferred from #112). The OAuth token host platform.claude.com/v1/oauth/token was verified against the compiled cli.js in #119; this pins the legacy WRONG host so a future accidental revert hard-fails CI.

- .github/workflows/alignment.yml: add "console.anthropic.com/v1/oauth/token" to the BLACKLIST; rewrite the comment + failure message so the blacklist now documents TWO kinds of token — known hallucinations AND pinned wrong-host variants of a verified Class A endpoint (a hit means a drift, not necessarily a hallucination). The pinned token is absent from server.mjs (which uses platform.claude.com), so CI stays green.
- ALIGNMENT.md: new "OAuth token-host verification (2026-05-31)" subsection recording the binary verification (claude.exe 2.1.154, strings, no live probe) and the dual-purpose blacklist policy. Purely additive; Rules / audit pin / Historical Lesson untouched.

Per ALIGNMENT.md Amendment Procedure: (a) motivating evidence cited (issues #112/#119/#123), (b) independent fresh-context opus reviewer APPROVE — verified the pinned token does not trip the build (absent from server.mjs; live host not blacklisted), YAML valid, amendment consistent with the server.mjs verification comment, purely additive scope. (c) not incident-driven (a confirming verification, not a new drift) so Historical Lesson unchanged.

Closes #123.

Co-authored-by: dtzp555 <dtzp555@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Summary

Fixes the three alignment / `models.json`-SPOT findings from the 2026-05-31 audit (#112, 2×P2 + 1×P3).

- `OAUTH_TOKEN_URL = platform.claude.com/v1/oauth/token` (a Class A surface) was born in the 2026-04-11 drift commit with no verification record. Verified against the compiled cli.js (`claude.exe` v2.1.154) via `strings`: `OAUTH_TOKEN_URL` and `OAUTH_CLIENT_ID` both present byte-for-byte (paired in the binary's `prod` config object); legacy `console.anthropic.com/v1/oauth` absent (0 hits). Recorded as an inline ALIGNMENT citation comment. No live OAuth probe (would rotate the operator's real refresh token).
- `fetchUsageFromApi()` now uses `modelsConfig.aliases.haiku` instead of a hardcoded ID (ADR 0003).
- `modelsConfig.aliases.sonnet`.

Both SPOT values are byte-identical to the literals they replace today → zero behavior change, only drift-resistance.

Deliberately deferred: the `alignment.yml` blacklist pin for the wrong-host variant. Extending the CI blacklist is a governance-layer change (per alignment.yml's own inline "extend only via an ALIGNMENT.md amendment PR" policy) and belongs in its own constitutional PR — not smuggled into a code-fix PR.

ALIGNMENT.md (server.mjs hard requirements)

- `platform.claude.com/v1/oauth/token` + client_id verified against compiled `claude.exe` v2.1.154 (2026-05-31). Findings 2-3 forward no new operation (SPOT hygiene).
- `alignment.yml` passes (and is untouched).
- `strings` on the binary and confirmed the host present (×2), client_id present (×2), and the legacy host absent (×0) — not trusting the diff's comment. Confirmed `modelsConfig` in scope, both aliases resolve to current `VALID_MODELS` members (no 400 risk), `alignment.yml` untouched. `npm test` → 154 passed, 0 failed. Verdict APPROVE.

Closes #112.
🤖 Generated with Claude Code
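
The presence/absence check described in this PR, as an added example (not code from the PR or the project): it scans the binary as raw bytes, requires the verified host and client ID as whole tokens close to each other, and rejects any occurrence of the legacy host, with no live OAuth request. `CLIENT_ID` is a placeholder, and the 256-byte pairing window, the function names and the sample buffer are assumptions constructed for illustration.

```javascript
// Added example, not the project's code. CLIENT_ID is a placeholder: the page
// does not give the real value. sampleBinary() builds a constructed stand-in.
const TOKEN_HOST = "platform.claude.com/v1/oauth/token";
const LEGACY_HOST = "console.anthropic.com/v1/oauth";
const CLIENT_ID = "PLACEHOLDER-CLIENT-ID";
const URL_BYTE = /[A-Za-z0-9._~\/-]/;

// Byte offsets of `needle` in `buf`. With wholeToken=true a match is dropped
// when the following byte continues a URL/identifier (e.g. ".../token_v2").
function offsets(buf, needle, wholeToken) {
  const pat = Buffer.from(needle, "latin1");
  const out = [];
  for (let i = buf.indexOf(pat); i !== -1; i = buf.indexOf(pat, i + 1)) {
    const next = buf[i + pat.length];
    const continues = next !== undefined && URL_BYTE.test(String.fromCharCode(next));
    if (!wholeToken || !continues) out.push(i);
  }
  return out;
}

// Presence is strict (whole token), absence is loose (any substring), and the
// URL/client_id pairing is approximated by distance ("same config object").
function verifyBinary(buf, pairWindow = 256) {
  const url = offsets(buf, TOKEN_HOST, true);
  const id = offsets(buf, CLIENT_ID, true);
  const legacy = offsets(buf, LEGACY_HOST, false);
  const paired = url.some((u) => id.some((c) => Math.abs(u - c) <= pairWindow));
  return {
    urlHits: url.length,
    clientIdHits: id.length,
    legacyHits: legacy.length,
    paired,
    ok: url.length > 0 && id.length > 0 && paired && legacy.length === 0,
  };
}

// Constructed sample: NUL padding around a quoted config object.
function sampleBinary(host) {
  const js = `prod:{TOKEN_URL:"https://${host}",CLIENT_ID:"${CLIENT_ID}"}`;
  return Buffer.concat([Buffer.alloc(64), Buffer.from(js, "latin1"), Buffer.alloc(64)]);
}
```

Run against a real build, `verifyBinary(fs.readFileSync(path))` gives the hit counts a reviewer can compare with the figures recorded in the citation comment.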