The debug logging added in commit dacde39 tried to access 'env' variable
before it was initialized at line 946. Changed to use process.env which
is always available.
Chutes AI counts each HTTP API request separately. The existing fix using
stepCountIs(1) only limited the Vercel AI SDK's internal loop, but the
outer while(true) loops in processor.ts and prompt.ts continued to make
additional HTTP requests after tool execution.
This fix:
- Returns singleStepTools flag from LLM.stream() to signal single-step mode
- Breaks out of processor.ts inner loop after one iteration for Chutes
- Breaks out of prompt.ts outer loop after one iteration for Chutes
This ensures only one HTTP request is made per user message for providers
like Chutes that bill per request.
- Change openrouter/pony-alpha model status from 'alpha' to 'beta' to prevent deletion
- Fix ReferenceError where heartbeat was used before initialization in cleanupStream
- Declare heartbeat and streamTimeout with let before cleanupStream function
- Change const assignments to let assignments for timer variables
Add detailed logging to provider initialization to help debug why Chutes
and other providers aren't loading:
- Log all providers found in database
- Log API key env vars detected
- Log custom loader results with autoload status
- Log final loaded providers count
This will help identify if the issue is:
1. Database not loading correctly
2. Missing env vars
3. Custom loaders not being called
4. Providers being filtered out
- Add openrouter/pony-alpha model to models-api.json fixture
- Fix getModel() to lookup models with provider prefix (e.g., openrouter/pony-alpha)
When user specifies openrouter/pony-alpha, the code now correctly looks for
the full model ID including prefix in the provider's models object
This fixes the 'ModelNotFoundError' when using OpenRouter models that have
prefixed IDs in the database.
- Add comprehensive prompt injection security module with 160+ attack pattern detection
- Implement security checks in message handling with proper blocking and user feedback
- Add OpenRouter paid API key support (OPENROUTER_PAID_API_KEY) for premium models
- Update model discovery and chat functions to use paid API key for premium models
- Add comprehensive test suite with 434 test cases (98.39% accuracy)
- Tests cover legitimate WordPress development queries, injection attacks, obfuscated attempts
- Improve builder loading indicators with text-based progress (building/planning)
- Replace spinning animations with 'Starting build/planning process' messages
