HoshinoSuzumi/claude-code
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
claude-code/.env.example
nirholas d35ea47ba7 📝 feat: update TypeScript configuration and add API support 
- Changed root directory in tsconfig.json to include all source files.
- Updated server.json to include npm package configuration for claude-code-explorer-mcp.
- Enhanced x402 command to support non-interactive mode.
- Refactored x402 command call function to simplify argument handling.
- Introduced .mcp.json for MCP server configuration.
- Added bunfig.toml for Bun development mode configuration.
- Created bridge.md documentation for IDE integration and architecture overview.
- Added .npmignore to exclude unnecessary files from npm package.
- Implemented build-bundle script for production and development builds.
- Developed bun-plugin-shims for Bun preload plugin.
- Created ci-build.sh for CI/CD build pipeline.
- Added dev.ts for development launcher using Bun's TS runtime.
- Implemented package-npm.ts to generate a publishable npm package.
- Created test-auth.ts to verify API key configuration.
- Developed test-mcp.ts for MCP client/server roundtrip testing.
- Implemented test-services.ts to ensure all services initialize correctly.
- Added stub.ts for bridge functionality when BRIDGE_MODE is disabled.
2026-03-31 10:59:36 +00:00

298 lines
12 KiB
Plaintext
Raw Permalink Blame History

# =============================================================================
# Claude Code CLI — Environment Variables
# =============================================================================
# Copy this file to .env and fill in the values you need.
# All variables are optional unless noted otherwise.
#
# ─── HOW AUTHENTICATION WORKS ───────────────────────────────────────────────
#
# The CLI supports multiple authentication backends, resolved in this order:
#
# 1. PROVIDER SELECTION (src/utils/model/providers.ts — getAPIProvider()):
# Checks CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, or
# CLAUDE_CODE_USE_FOUNDRY. If set, routes to that 3rd-party provider.
# Otherwise uses Direct Anthropic API.
#
# 2. OAUTH vs API KEY DECISION (src/utils/auth.ts — isAnthropicAuthEnabled()):
# OAuth is DISABLED (API-key-only mode) when any of these are true:
# - --bare flag is used (sets CLAUDE_CODE_SIMPLE=1)
# - CLAUDE_CODE_USE_BEDROCK / VERTEX / FOUNDRY is set
# - ANTHROPIC_API_KEY env var is set (and not in managed OAuth context)
# - ANTHROPIC_AUTH_TOKEN env var is set
# - An apiKeyHelper is configured in settings
# If none of the above, OAuth is attempted via ~/.claude/.credentials.json.
#
# 3. API KEY RESOLUTION (src/utils/auth.ts — getAnthropicApiKey()):
# Priority order when OAuth is not active:
# a. CLAUDE_CODE_API_KEY_FILE_DESCRIPTOR (pipe-passed key)
# b. apiKeyHelper (configured external command in settings)
# c. ANTHROPIC_API_KEY env var
# d. System keychain
# e. ~/.claude/.credentials config
#
# 4. CLIENT CONSTRUCTION (src/services/api/client.ts — getAnthropicClient()):
# Creates the appropriate SDK client (Anthropic, Bedrock, Vertex, or
# Foundry) using the resolved auth credentials plus any custom headers
# from ANTHROPIC_CUSTOM_HEADERS.
#
# FOR DEVELOPMENT: The simplest path is to set ANTHROPIC_API_KEY below.
# The auth system will detect the external key and skip OAuth entirely.
# =============================================================================
# ── Authentication ───────────────────────────────────────────────────────────
# Your Anthropic API key (required for direct API access)
ANTHROPIC_API_KEY=
# Bearer auth token (alternative to API key — used by bridge/remote)
# ANTHROPIC_AUTH_TOKEN=
# Custom API base URL (default: https://api.anthropic.com)
# ANTHROPIC_BASE_URL=
# Custom headers sent with every API request (multiline, "Name: Value" per line)
# ANTHROPIC_CUSTOM_HEADERS=
# Add additional protection header to API requests
# CLAUDE_CODE_ADDITIONAL_PROTECTION=true
# Pipe-pass API key via file descriptor (advanced — for managed environments)
# CLAUDE_CODE_API_KEY_FILE_DESCRIPTOR=
# ── Model Selection ──────────────────────────────────────────────────────────
# Override the default model
# ANTHROPIC_MODEL=
# Override the small/fast model used internally
# ANTHROPIC_SMALL_FAST_MODEL=
# Custom model overrides (name + description are optional display labels)
# ANTHROPIC_DEFAULT_OPUS_MODEL=
# ANTHROPIC_DEFAULT_OPUS_MODEL_NAME=
# ANTHROPIC_DEFAULT_OPUS_MODEL_DESCRIPTION=
# ANTHROPIC_DEFAULT_SONNET_MODEL=
# ANTHROPIC_DEFAULT_SONNET_MODEL_NAME=
# ANTHROPIC_DEFAULT_SONNET_MODEL_DESCRIPTION=
# ANTHROPIC_DEFAULT_HAIKU_MODEL=
# ANTHROPIC_DEFAULT_HAIKU_MODEL_NAME=
# ANTHROPIC_DEFAULT_HAIKU_MODEL_DESCRIPTION=
# Custom model option (shown alongside built-in models)
# ANTHROPIC_CUSTOM_MODEL_OPTION=
# ANTHROPIC_CUSTOM_MODEL_OPTION_NAME=
# ANTHROPIC_CUSTOM_MODEL_OPTION_DESCRIPTION=
# Model for sub-agents / teammates
# CLAUDE_CODE_SUBAGENT_MODEL=
# ── AWS Bedrock ──────────────────────────────────────────────────────────────
# Enable Bedrock backend (uses AWS SDK default credentials: IAM, profile, env)
# CLAUDE_CODE_USE_BEDROCK=true
# Custom Bedrock endpoint URL
# ANTHROPIC_BEDROCK_BASE_URL=
# AWS region for Bedrock (default: us-east-1)
# AWS_REGION=us-east-1
# AWS_DEFAULT_REGION=us-east-1
# Override AWS region specifically for the small fast model (Haiku)
# ANTHROPIC_SMALL_FAST_MODEL_AWS_REGION=
# Bearer token auth for Bedrock (alternative to IAM)
# AWS_BEARER_TOKEN_BEDROCK=
# Skip Bedrock auth (for testing without real AWS credentials)
# CLAUDE_CODE_SKIP_BEDROCK_AUTH=false
# ── Google Vertex AI ─────────────────────────────────────────────────────────
# Enable Vertex AI backend
# CLAUDE_CODE_USE_VERTEX=true
# Required: Your GCP project ID
# ANTHROPIC_VERTEX_PROJECT_ID=
# Default GCP region for all models
# CLOUD_ML_REGION=us-east5
# Model-specific region overrides (highest priority)
# VERTEX_REGION_CLAUDE_3_5_HAIKU=
# VERTEX_REGION_CLAUDE_HAIKU_4_5=
# VERTEX_REGION_CLAUDE_3_5_SONNET=
# VERTEX_REGION_CLAUDE_3_7_SONNET=
# Custom Vertex base URL
# ANTHROPIC_VERTEX_BASE_URL=
# GCP service account credentials JSON file
# GOOGLE_APPLICATION_CREDENTIALS=
# Skip Vertex auth (for testing without real GCP credentials)
# CLAUDE_CODE_SKIP_VERTEX_AUTH=false
# ── Azure Foundry ────────────────────────────────────────────────────────────
# Enable Azure Foundry backend
# CLAUDE_CODE_USE_FOUNDRY=true
# Azure resource name (creates URL: https://{resource}.services.ai.azure.com/...)
# ANTHROPIC_FOUNDRY_RESOURCE=
# Alternative: provide full base URL directly instead of resource name
# ANTHROPIC_FOUNDRY_BASE_URL=
# Foundry API key (if not set, uses Azure AD / DefaultAzureCredential)
# ANTHROPIC_FOUNDRY_API_KEY=
# Skip Foundry auth (for testing without real Azure credentials)
# CLAUDE_CODE_SKIP_FOUNDRY_AUTH=false
# ── Shell & Environment ─────────────────────────────────────────────────────
# Override shell used for BashTool (default: auto-detected)
# CLAUDE_CODE_SHELL=/bin/bash
# Prefix prepended to every shell command
# CLAUDE_CODE_SHELL_PREFIX=
# Override temp directory
# CLAUDE_CODE_TMPDIR=
# ── Performance & Limits ─────────────────────────────────────────────────────
# Maximum output tokens per response
# CLAUDE_CODE_MAX_OUTPUT_TOKENS=
# Maximum tokens when reading files
# CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS=
# Idle timeout (minutes) before session ends (default: 75)
# CLAUDE_CODE_IDLE_THRESHOLD_MINUTES=75
# Idle token threshold (default: 100000)
# CLAUDE_CODE_IDLE_TOKEN_THRESHOLD=100000
# Node.js options (e.g. heap size)
# NODE_OPTIONS=--max-old-space-size=8192
# ── Features & Modes ────────────────────────────────────────────────────────
# Enable simplified/worker mode (also set by --bare flag)
# CLAUDE_CODE_SIMPLE=true
# Enable coordinator (multi-agent) mode
# CLAUDE_CODE_COORDINATOR_MODE=true
# Enable proactive mode
# CLAUDE_CODE_PROACTIVE=true
# Enable experimental agent teams
# CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=true
# Enable task management
# CLAUDE_CODE_ENABLE_TASKS=true
# Enable prompt suggestions
# CLAUDE_CODE_ENABLE_PROMPT_SUGGESTION=true
# ── Accessibility & UX ──────────────────────────────────────────────────────
# Enable accessibility mode
# CLAUDE_CODE_ACCESSIBILITY=true
# Disable terminal title updates
# CLAUDE_CODE_DISABLE_TERMINAL_TITLE=true
# Disable virtual scrolling
# CLAUDE_CODE_DISABLE_VIRTUAL_SCROLL=true
# Streamlined output (less verbose)
# CLAUDE_CODE_STREAMLINED_OUTPUT=true
# Disable syntax highlighting
# CLAUDE_CODE_SYNTAX_HIGHLIGHT=false
# ── Remote / Bridge ─────────────────────────────────────────────────────────
# Enable remote execution mode
# CLAUDE_CODE_REMOTE=true
# Remote session ID
# CLAUDE_CODE_REMOTE_SESSION_ID=
# Environment kind (e.g. bridge)
# CLAUDE_CODE_ENVIRONMENT_KIND=
# OAuth token injected by bridge/CCR
# CLAUDE_CODE_OAUTH_TOKEN=
# OAuth refresh token for bridge
# CLAUDE_CODE_OAUTH_REFRESH_TOKEN=
# OAuth scopes
# CLAUDE_CODE_OAUTH_SCOPES=
# Session access token for remote
# CLAUDE_CODE_SESSION_ACCESS_TOKEN=
# Unix socket for SSH remote auth
# ANTHROPIC_UNIX_SOCKET=
# Entrypoint identifier (cli, mcp, remote, sdk-*, etc.)
# CLAUDE_CODE_ENTRYPOINT=cli
# ── Debugging ────────────────────────────────────────────────────────────────
# Debug log level (error, warn, info, debug, trace)
# CLAUDE_CODE_DEBUG_LOG_LEVEL=info
# Debug logs directory
# CLAUDE_CODE_DEBUG_LOGS_DIR=
# Enable startup profiling
# CLAUDE_CODE_PROFILE_STARTUP=true
# General debug flag
# DEBUG=true
# ── Privacy & Telemetry ─────────────────────────────────────────────────────
# Disable telemetry
# DISABLE_TELEMETRY=true
# Disable non-essential network traffic
# CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=true
# ── Proxy & Network ─────────────────────────────────────────────────────────
# HTTPS proxy
# HTTPS_PROXY=
# Custom SSL certificate
# SSL_CERT_FILE=
# =============================================================================
# ─── OAUTH STUB NOTES (Part D) ─────────────────────────────────────────────
# =============================================================================
#
# The OAuth flow (src/services/oauth/) requires a browser and Anthropic's
# OAuth endpoints. For development, you do NOT need to stub anything —
# just set ANTHROPIC_API_KEY and the auth system will skip OAuth automatically.
#
# How it works:
# src/utils/auth.ts — isAnthropicAuthEnabled() checks whether OAuth should
# be attempted. When it detects ANTHROPIC_API_KEY in the environment (and
# the context is not a "managed OAuth" context like Claude Desktop), it
# returns false, which causes the entire OAuth path to be bypassed.
#
# Decision chain:
# 1. isAnthropicAuthEnabled() in src/utils/auth.ts (line ~111)
# → returns false if external API key is detected
# 2. isClaudeAISubscriber() in src/utils/auth.ts (line ~1715)
# → checks OAuth tokens for user:inference scope (never reached if #1 is false)
# 3. getAnthropicApiKey() in src/utils/auth.ts (line ~201)
# → resolves API key from env/keychain/config
#
# If you needed to FORCE bypass OAuth in all cases (e.g. for testing the
# OAuth code paths themselves), you could:
# - Use --bare flag (sets CLAUDE_CODE_SIMPLE=1, disables OAuth in isBareMode())
# - Set CLAUDE_CODE_USE_BEDROCK=true + CLAUDE_CODE_SKIP_BEDROCK_AUTH=true
# (routes around OAuth entirely but creates a Bedrock-shaped client)
# - Directly modify isAnthropicAuthEnabled() to return false (not recommended
# for production)
#
# Bottom line: export ANTHROPIC_API_KEY="sk-ant-..." is sufficient for dev.
# =============================================================================
Reference in New Issue View Git Blame Copy Permalink