mirror of
https://github.com/openclaw/openclaw.git
synced 2026-06-27 18:53:34 +00:00
646e54ae35
The Copilot usage read in extensions/github-copilot/usage.ts parsed its HTTP response with an unbounded await res.json(). A hostile or buggy api.github.com proxy (the proxy endpoint is derived from a user-supplied token) could stream an unbounded JSON body and drive the usage snapshot into OOM. Route the read through the shared readProviderJsonResponse (from openclaw/plugin-sdk/provider-http), which enforces the 16 MiB byte cap, cancels the stream on overflow, and wraps malformed JSON with the caller label. Same no-helper-import-to-bounded-reader shape as the #96027 / #96038 response-limit work. Add a focused regression test: when the usage stream exceeds the JSON byte cap, fetchCopilotUsage rejects with a bounded-overflow error and the reader cancels the body mid-flight instead of buffering the full advertised stream. Existing parse/HTTP-error cases keep passing.
74 lines
1.8 KiB
TypeScript
74 lines
1.8 KiB
TypeScript
// Github Copilot plugin module implements usage behavior.
|
|
import { buildCopilotIdeHeaders } from "openclaw/plugin-sdk/provider-auth";
|
|
import { readProviderJsonResponse } from "openclaw/plugin-sdk/provider-http";
|
|
import {
|
|
buildUsageHttpErrorSnapshot,
|
|
fetchJson,
|
|
clampPercent,
|
|
PROVIDER_LABELS,
|
|
type ProviderUsageSnapshot,
|
|
type UsageWindow,
|
|
} from "openclaw/plugin-sdk/provider-usage";
|
|
|
|
type CopilotUsageResponse = {
|
|
quota_snapshots?: {
|
|
premium_interactions?: { percent_remaining?: number | null };
|
|
chat?: { percent_remaining?: number | null };
|
|
};
|
|
copilot_plan?: string;
|
|
};
|
|
|
|
export async function fetchCopilotUsage(
|
|
token: string,
|
|
timeoutMs: number,
|
|
fetchFn: typeof fetch,
|
|
): Promise<ProviderUsageSnapshot> {
|
|
const res = await fetchJson(
|
|
"https://api.github.com/copilot_internal/user",
|
|
{
|
|
headers: {
|
|
Authorization: `token ${token}`,
|
|
...buildCopilotIdeHeaders({ includeApiVersion: true }),
|
|
},
|
|
},
|
|
timeoutMs,
|
|
fetchFn,
|
|
);
|
|
|
|
if (!res.ok) {
|
|
return buildUsageHttpErrorSnapshot({
|
|
provider: "github-copilot",
|
|
status: res.status,
|
|
});
|
|
}
|
|
|
|
const data = await readProviderJsonResponse<CopilotUsageResponse>(
|
|
res,
|
|
"github-copilot-usage",
|
|
);
|
|
const windows: UsageWindow[] = [];
|
|
|
|
if (data.quota_snapshots?.premium_interactions) {
|
|
const remaining = data.quota_snapshots.premium_interactions.percent_remaining;
|
|
windows.push({
|
|
label: "Premium",
|
|
usedPercent: clampPercent(100 - (remaining ?? 0)),
|
|
});
|
|
}
|
|
|
|
if (data.quota_snapshots?.chat) {
|
|
const remaining = data.quota_snapshots.chat.percent_remaining;
|
|
windows.push({
|
|
label: "Chat",
|
|
usedPercent: clampPercent(100 - (remaining ?? 0)),
|
|
});
|
|
}
|
|
|
|
return {
|
|
provider: "github-copilot",
|
|
displayName: PROVIDER_LABELS["github-copilot"],
|
|
windows,
|
|
plan: data.copilot_plan,
|
|
};
|
|
}
|