Skip to content

Add Kimi K2 usage dashboard shortcut#1919

Open
joeVenner wants to merge 2 commits into
steipete:mainfrom
joeVenner:feat/kimi-k2-dashboard
Open

Add Kimi K2 usage dashboard shortcut#1919
joeVenner wants to merge 2 commits into
steipete:mainfrom
joeVenner:feat/kimi-k2-dashboard

Conversation

@joeVenner

@joeVenner joeVenner commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Summary

  • add a Usage Dashboard menu action for the unofficial Kimi K2 provider
  • point it at the human-facing credits page (https://kimrel.com/my-credits), not the bearer-token API endpoint
  • add a MenuDescriptor test covering the dashboard action and URL; update the metadata status-link test

Why kimrel.com/my-credits and not the API endpoint

The first iteration pointed the shortcut at https://kimi-k2.ai/api/user/credits. That is the bearer-token credits API: an unauthenticated browser open returns HTTP 401 JSON, so the "Usage Dashboard" item would dump raw error JSON instead of opening a real dashboard. Live verification (resolves the open question I previously flagged):

$ curl -sL -o /dev/null -w "%{http_code} %{url_effective}\n" https://kimi-k2.ai/api/user/credits
401 https://kimi-k2.ai/api/user/credits          # old URL — raw API; browser sees 401 JSON

$ curl -sL -o /dev/null -w "%{http_code} %{url_effective}\n" https://kimrel.com/my-credits
200 https://kimrel.com/auth/signin              # new URL — human Next.js credits page; unauthenticated → Sign In, authenticated → credit balance

kimi-k2.ai (the API host the descriptor already uses) 301-redirects to kimrel.com, and kimrel.com/my-credits is the human-facing credits page on the same service — unauthenticated users land on the Next.js Sign In page (HTML Sign in/Sign In body, confirmed live), and authenticated users see their credit balance. This resolves the "don't open the API endpoint as a dashboard" concern with a browser-safe destination that preserves the shortcut.

Note for the maintainer

kimrel.com is where kimi-k2.ai redirects, so it is the canonical human-facing domain for this service; if steipete prefers a different Kimi credits/dashboard surface, swapping the single dashboardURL string and the two test assertions is a one-line change. No CHANGELOG entry is included (release-owned); the maintainer can credit @joeVenner at release time as with the merged Kimi K2 follow-ups.

Testing

  • swift test --disable-sandbox --filter "MenuDescriptorKimiK2Tests|ProviderMetadataStatusLinkTests" (3 passed, incl. kimi K2 menu exposes the usage dashboard action and kimi K2 metadata identifies the unofficial provider and its credits dashboard)
  • live URL verification above (kimrel.com/my-credits → 200/signin; kimi-k2.ai/api/user/credits → 401)
  • swift build clean

@clawsweeper

clawsweeper Bot commented Jul 5, 2026

Copy link
Copy Markdown

Codex review: needs maintainer review before merge. Reviewed July 6, 2026, 8:34 PM ET / 00:34 UTC.

Summary
The branch sets the Kimi K2 provider dashboard URL to the Kimrel credits page and adds metadata/menu descriptor tests for the Usage Dashboard action.

Reproducibility: not applicable. this is a feature PR rather than a bug report. The observable behavior is supported by source inspection, the PR head menu test, and live URL output for the dashboard destination.

Review metrics: none identified.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🐚 platinum hermit
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • none.

Risk before merge

  • [P1] Some GitHub status checks were still queued or in progress at inspection time, so merge should wait for the normal required check gate.

Maintainer options:

  1. Decide the mitigation before merge
    Land the small metadata/test update if maintainers accept kimrel.com/my-credits as the Kimi K2 dashboard destination.
  2. Pause or close
    Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

  • No repair lane is needed because no blocking code defect remains; the remaining action is normal maintainer review and required CI gating.

Security
Cleared: The diff only changes a provider metadata URL and tests; it does not add code execution, credential handling, dependencies, or supply-chain surface.

Review details

Best possible solution:

Land the small metadata/test update if maintainers accept kimrel.com/my-credits as the Kimi K2 dashboard destination.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a feature PR rather than a bug report. The observable behavior is supported by source inspection, the PR head menu test, and live URL output for the dashboard destination.

Is this the best way to solve the issue?

Yes. The patch uses the existing ProviderMetadata.dashboardURL and MenuDescriptor action path rather than adding provider-specific menu plumbing.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 46edb383c0ac.

Label changes

Label changes:

  • add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live curl output showing the new credits page reaches a 200 sign-in page while the old API endpoint returns 401, and the test covers the resulting menu action.
  • add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
  • add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live curl output showing the new credits page reaches a 200 sign-in page while the old API endpoint returns 401, and the test covers the resulting menu action.

Label justifications:

  • P3: This is a low-risk provider menu shortcut and focused test update for an optional unofficial provider.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🐚 platinum hermit and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes copied live curl output showing the new credits page reaches a 200 sign-in page while the old API endpoint returns 401, and the test covers the resulting menu action.
  • proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes copied live curl output showing the new credits page reaches a 200 sign-in page while the old API endpoint returns 401, and the test covers the resulting menu action.
Evidence reviewed

What I checked:

Likely related people:

  • steipete: Remote path history shows Kimi K2 descriptor migration/refactor work plus earlier follow-up fixes around Kimi K2 wiring and parsing. (role: recent area contributor; confidence: high; commits: fa1a03840ce1, a5fb02b7d0f2, 762f60b382b3; files: Sources/CodexBarCore/Providers/KimiK2/KimiK2ProviderDescriptor.swift, Sources/CodexBarCore/Providers/KimiK2/KimiK2UsageFetcher.swift)
  • 0-CYBERDYNE-SYSTEMS-0: Remote history attributes the original Kimi K2 provider support and endpoint-based usage implementation to this contributor. (role: introduced behavior; confidence: medium; commits: eade57bfde35; files: Sources/CodexBarCore/Providers/KimiK2/KimiK2ProviderDescriptor.swift, docs/kimi-k2.md)
  • joeVenner: Separate from this PR, remote history shows recent merged Kimi K2 parser hardening work in the same provider area. (role: recent area contributor; confidence: high; commits: 4fe943fd2a69, b00797537dbf; files: Sources/CodexBarCore/Providers/KimiK2/KimiK2UsageFetcher.swift)
  • mturac: Remote history shows prior merged work clarifying the unofficial Kimi K2 provider and documentation boundary. (role: adjacent docs contributor; confidence: medium; commits: bf4424bb7ff8; files: Sources/CodexBarCore/Providers/KimiK2/KimiK2ProviderDescriptor.swift, docs/kimi-k2.md)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.
Review history (9 earlier review cycles; latest 8 shown)
  • reviewed 2026-07-05T16:39:10.801Z sha 038e0b0 :: needs real behavior proof before merge. :: none
  • reviewed 2026-07-05T16:45:58.609Z sha 038e0b0 :: needs real behavior proof before merge. :: [P2] Point the shortcut at the credits page
  • reviewed 2026-07-05T16:51:01.638Z sha 038e0b0 :: needs real behavior proof before merge. :: [P2] Point the shortcut at a credit dashboard
  • reviewed 2026-07-06T19:19:41.631Z sha 0555e45 :: needs real behavior proof before merge. :: [P1] Don't open the API endpoint as a dashboard | [P2] Keep the metadata URL assertions consistent | [P3] Remove the release-owned changelog edit
  • reviewed 2026-07-06T21:45:46.525Z sha 1a753da :: needs real behavior proof before merge. :: [P1] Don't open the API endpoint as a dashboard | [P3] Remove the release-owned changelog edit
  • reviewed 2026-07-06T22:07:19.943Z sha 1a753da :: needs real behavior proof before merge. :: [P1] Don't open the API endpoint as a dashboard | [P3] Remove the release-owned changelog edit
  • reviewed 2026-07-07T00:16:32.892Z sha 0677b50 :: needs real behavior proof before merge. :: [P2] Use test stores when constructing SettingsStore
  • reviewed 2026-07-07T00:22:19.603Z sha 0677b50 :: needs real behavior proof before merge. :: [P2] Use test stores when constructing SettingsStore

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9bfd6389b9

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread Sources/CodexBarCore/Providers/KimiK2/KimiK2ProviderDescriptor.swift Outdated
@clawsweeper clawsweeper Bot added rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. P3 Low-risk cleanup, docs, polish, ergonomics, or speculative feature. labels Jul 5, 2026
@joeVenner joeVenner changed the title Add Kimi K2 dashboard link Add Kimi K2 usage dashboard shortcut Jul 5, 2026
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@codex review

@clawsweeper

clawsweeper Bot commented Jul 5, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 038e0b0be3

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

usesAccountFallback: false,
browserCookieOrder: nil,
dashboardURL: nil,
dashboardURL: "https://kimi-k2.ai/",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Point Kimi K2 dashboard at the credits page

The new menu action opens this URL directly through dashboardURL(for:), but the Kimi K2/Kimrel API docs list usage tracking at /my-credits (https://kimrel.com/my-credits). With https://kimi-k2.ai/, the “Usage Dashboard” shortcut lands on the marketing/home page instead of the credit dashboard, so users still have to navigate manually to see the balance this provider tracks.

Useful? React with 👍 / 👎.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@joeVenner

Copy link
Copy Markdown
Contributor Author

@openclaw-mantis visual task: verify Kimi K2 shows Usage Dashboard in CodexBar and opens https://kimrel.com/ via https://kimi-k2.ai/.

@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. merge-risk: 🚨 other 🚨 Merging this PR has meaningful risk outside the owned taxonomy. and removed rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. labels Jul 5, 2026
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

1 similar comment
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 6, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Open the human-facing Kimi credits page (https://kimrel.com/my-credits)
from the menu Usage Dashboard action instead of the bearer-token
/api/user/credits endpoint, which returns HTTP 401 to an unauthenticated
browser. Add a MenuDescriptor test asserting the dashboard action and
URL, and update the metadata status-link test.
@joeVenner joeVenner force-pushed the feat/kimi-k2-dashboard branch from 1a753da to 0677b50 Compare July 7, 2026 00:07
@joeVenner

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jul 7, 2026

Copy link
Copy Markdown

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

@clawsweeper clawsweeper Bot added rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. and removed rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. labels Jul 7, 2026
Use testSettingsStore so the MenuDescriptor test uses in-memory/noop
stores for every legacy secret and cookie store instead of leaving
SettingsStore dependencies at their keychain-backed defaults.
@clawsweeper clawsweeper Bot added proof: sufficient Contributor real behavior proof is sufficient. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. and removed status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. merge-risk: 🚨 other 🚨 Merging this PR has meaningful risk outside the owned taxonomy. labels Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

P3 Low-risk cleanup, docs, polish, ergonomics, or speculative feature. proof: sufficient Contributor real behavior proof is sufficient. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant