diegosouzapw/OmniRoute v3.5.5

on GitHub

✨ New Features

• Node.js 24 Compatibility Warning: Added a proactive version incompatibility warning on the login page to guide users to the stable Node.js 22 LTS, preventing native sqlite binding crashes.
• Context Relay Combo Strategy: Added the new context-relay combo strategy with priority-style routing, structured handoff summary generation once quota usage reaches the warning threshold, and handoff injection after the next real account switch.
• Global Context Relay Defaults: Added global Settings defaults plus combo-level configuration for handoffThreshold, handoffModel, and handoffProviders, so new or unconfigured combos can inherit the feature consistently.

🐛 Bug Fixes

• Proxy Connection Healthchecks: Applied proxy resolution per connection in the sweeping loop (tokenHealthCheck.ts) and global provider validation sweeps, resolving Node 22 bypass and improving proxy stability (#1051, #1056, #1061).
• Security Vulnerability Remediation: Resolved multiple CodeQL scanning alerts including SSRF in model sync, insecure randomness in web crypto (generateSessionId), and incomplete URL sanitization.
• Context Relay Typing & Synchronization: Reverted out-of-scope test breakages and resolved handoffProvider and response input extraction payload typing.
• Legacy OpenAI-Compatible Responses Routing: Fixed legacy/imported OpenAI-compatible providers (for example openai-compatible-sp-openai) incorrectly routing Chat Completions traffic to /chat/completions when the real provider node was configured as apiType: "responses". OmniRoute now treats providerSpecificData.apiType as authoritative across routing, executors, and translator tools, avoiding false empty-content failures during combo/provider smoke tests (#1069).
• Gemini PDF Attachment Integration: Fixed payload generation and format for parsing inline_data and generic base64 sources for deep Gemini PDF routing (#993, #1021).
• Vercel AI SDK Fallbacks: Mapped max_output_tokens to max_tokens for strict OpenAI-compatible providers, resolving errors from standard AI agents and frameworks (#994).
• External Auth & UI Reliability: Handled null state failures in Cline OAuth exchange (#1016), added 3rd-party 400 error patterns to combo fallback (#1024), and resolved desktop sidebar layout and popover overflows (#1039, #1001).
• Context Relay In-Flight Deduplication: Prevented duplicate handoff generation for the same session/combo while an earlier summary request is still in flight.
• Context Relay Provider Gating: Aligned runtime behavior with configuration so explicit handoffProviders exclusions, including an empty array, now disable handoff generation as expected.

🛠️ Maintenance & Dependabot

• Updated Sub-dependencies: Bumped hono to 4.12.12 and @hono/node-server to 1.19.13 to patch critical security gaps (#1063, #1064, #1067, #1068).

📚 Documentation

• Documentation Synchronization: Updated system documentation (README, Architecture, Features, Tools, Troubleshooting) and synced i18n configurations to match the v3.5.5 context relay patterns and proxy troubleshooting steps.
• Context Relay Delivery Notes: Documented the current architecture, runtime flow, and Codex-focused scope in the feature docs, changelog, and agent guidance.

What's Changed

• Fix API provider error by @sevcator in #1061
• deps: bump @hono/node-server from 1.19.12 to 1.19.13 by @dependabot[bot] in #1063
• deps: bump hono from 4.12.9 to 4.12.12 by @dependabot[bot] in #1064
• deps: bump hono from 4.12.9 to 4.12.12 by @dependabot[bot] in #1068
• deps: bump @hono/node-server from 1.19.12 to 1.19.13 by @dependabot[bot] in #1067
• Release/v3.5.5 by @diegosouzapw in #1059

New Contributors

• @sevcator made their first contribution in #1061

Full Changelog: v3.5.4...v3.5.5