coleam00 · samuelcombey · Apr 11, 2026 · chatgpt-codex-connector · Apr 11, 2026
diff --git a/bun.lock b/bun.lock
diff --git a/package.json b/package.json
@@ -50,5 +50,8 @@
   },
   "dependencies": {
     "@anthropic-ai/claude-agent-sdk": "^0.2.74"
+  },
+  "patchedDependencies": {
+    "telegraf@4.16.3": "patches/telegraf@4.16.3.patch"
   }
 }
diff --git a/packages/cli/src/cli.ts b/packages/cli/src/cli.ts
@@ -38,6 +38,21 @@ if (!process.env.CLAUDE_API_KEY && !process.env.CLAUDE_CODE_OAUTH_TOKEN) {
   }
 }
 
+// Strip Claude Code's nested-session markers from process.env.
+// When Archon is launched from inside a Claude Code terminal session, the parent
+// exports CLAUDECODE and several CLAUDE_CODE_* markers. The embedded CLI spawned
+// by the Claude Agent SDK refuses to launch if it sees any of them (nested-session
+// guard). SUBPROCESS_ENV_ALLOWLIST already excludes these, but the SDK leaks
+// process.env into the subprocess anyway, so we delete at the process level.
+// Auth/config vars (OAUTH_TOKEN, USE_BEDROCK, USE_VERTEX) are kept — only the
+// nested-session markers below are removed.
+delete process.env.CLAUDECODE;
+delete process.env.CLAUDE_CODE_ENTRYPOINT;
+delete process.env.CLAUDE_CODE_EXECPATH;
+delete process.env.CLAUDE_CODE_HIDE_ACCOUNT_INFO;
+delete process.env.CLAUDE_CODE_NO_FLICKER;
+delete process.env.CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS;
+
 // DATABASE_URL is no longer required - SQLite will be used as default
 
 // Import commands after dotenv is loaded

diff --git a/packages/server/src/index.ts b/packages/server/src/index.ts
@@ -48,6 +48,21 @@ if (
   process.env.CLAUDE_USE_GLOBAL_AUTH = 'true';
 }
 
+// Strip Claude Code's nested-session markers from process.env.
+// When Archon is launched from inside a Claude Code terminal session, the parent
+// exports CLAUDECODE and several CLAUDE_CODE_* markers. The embedded CLI spawned
+// by the Claude Agent SDK refuses to launch if it sees any of them (nested-session
+// guard). SUBPROCESS_ENV_ALLOWLIST already excludes these, but the SDK leaks
+// process.env into the subprocess anyway, so we delete at the process level.
+// Auth/config vars (OAUTH_TOKEN, USE_BEDROCK, USE_VERTEX) are kept — only the
+// nested-session markers below are removed.
+delete process.env.CLAUDECODE;
+delete process.env.CLAUDE_CODE_ENTRYPOINT;
+delete process.env.CLAUDE_CODE_EXECPATH;
+delete process.env.CLAUDE_CODE_HIDE_ACCOUNT_INFO;
+delete process.env.CLAUDE_CODE_NO_FLICKER;
+delete process.env.CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS;
+
 import { OpenAPIHono } from '@hono/zod-openapi';
 import { validationErrorHook } from './routes/openapi-defaults';
 import { TelegramAdapter, GitHubAdapter, DiscordAdapter, SlackAdapter } from '@archon/adapters';

diff --git a/patches/telegraf@4.16.3.patch b/patches/telegraf@4.16.3.patch
@@ -0,0 +1,18 @@
+diff --git a/lib/core/network/client.js b/lib/core/network/client.js
+index 25fbbbb47c7f88e83ae26f629e5ae1a0c141725c..7ee7bc4fc5e5d8fdb2f6307ecfdf0e3b932d1943 100644
+--- a/lib/core/network/client.js
++++ b/lib/core/network/client.js
+@@ -245,7 +245,12 @@ async function answerToWebhook(response, payload, options) {
+     return true;
+ }
+ function redactToken(error) {
+-    error.message = error.message.replace(/\/(bot|user)(\d+):[^/]+\//, '/$1$2:[REDACTED]/');
++    // Bun frozen Error.message workaround: assignment may throw TypeError in Bun
++    // runtimes where error.message is non-writable. Fall back to re-throwing the
++    // original error rather than killing the polling loop.
++    try {
++        error.message = error.message.replace(/\/(bot|user)(\d+):[^/]+\//, '/$1$2:[REDACTED]/');
++    } catch (_) { /* message is read-only; re-throw original */ }
+     throw error;
+ }
+ class ApiClient {