fix: 升级 claude-agent-sdk 0.3.156 修复 opus-4-8 thinking 400 与子进程丢失 API key

[lishuceo]

变更概述

• 修复 飞书 Claude 集成 #1（thinking 400）：SDK 0.2.111 内置 CLI 不识别 opus-4-8，回退发送 legacy thinking.type.enabled 被 API 拒收。升级 @anthropic-ai/claude-agent-sdk 0.2.111 → 0.3.156（内置 CLI 2.1.156，支持 opus-4-8 adaptive thinking）。
• 修复 feat: SQLite 持久化会话，重启不丢状态 #2（Not logged in）：SDK 0.3.x 的 options.env 从「合并」改为「完全替换」子进程环境，executor 仅传 { ANTHROPIC_BASE_URL } 导致 ANTHROPIC_API_KEY 丢失。改为展开 { ...process.env, ANTHROPIC_BASE_URL }。
• 0.3.x 起 @anthropic-ai/sdk、@modelcontextprotocol/sdk 为 peerDependencies，提为直接依赖。
• 新增 executor 环境转发回归测试；CLAUDE.md 补充 SDK env gotcha 与「升级后需 npm install」部署提示。

测试计划

• npm run typecheck 通过
• npx vitest run 全量回归（新增 2 个回归用例；唯一失败为无关的 memory 语义召回 flaky 断言）
• 真实调用 opus-4-8 + adaptive 经代理返回 success（原 400 消失）
• 线上桥服务重启后真实用户查询成功完成（无 Not logged in）
• Reviewer 确认 peer 依赖在 CI/其他部署环境可正常 npm install（reviewer 确认 lockfile 已提交，CI 解析确定）

🤖 Generated with Claude Code

[github-actions]

Claude finished @lishuceo's task in 1m 15s —— View job

---

Claude Code Review

Verdict: ✅ Approved — clean, surgical fix for both reported bugs with proper regression test coverage.

• Checked for previous review comments (none from claude[bot])
• Read CLAUDE.md and PR description
• Reviewed executor.ts, executor.test.ts, package.json, CLAUDE.md
• Posted findings

---

What I checked

src/claude/executor.ts:786-792 — The two-branch logic is correct and symmetrical:

• When apiBaseUrl is set: spreads process.env then overrides ANTHROPIC_BASE_URL. Preserves ANTHROPIC_API_KEY, PATH, HOME, etc.
• When apiBaseUrl is empty: omits env entirely, letting the SDK's default (subprocess inherits process.env) take over.

Both paths produce the same subprocess env modulo the one overridden var — internally consistent. ✓

src/claude/__tests__/executor.test.ts:551-583 — Regression tests cover both branches and correctly restore config.claude.apiBaseUrl / process.env.ANTHROPIC_API_KEY via try/finally. The assertion on opts.env.ANTHROPIC_API_KEY is exactly what was failing in prod.

package.json — SDK bump 0.2.111 → 0.3.156, plus promoting @anthropic-ai/sdk and @modelcontextprotocol/sdk from peer to direct deps. Reasonable given they're now peerDependencies upstream.

CLAUDE.md — The two new bullets (env replacement semantics + npm install requirement for optionalDependencies binaries) are exactly the kind of non-obvious deployment gotchas worth documenting. Future-you will thank past-you.

---

Considerations (informational, not blockers)

1. Spreading process.env forwards everything to the subprocess — including FEISHU_APP_SECRET, DASHSCOPE_API_KEY, and any other secrets in the bridge server's env. This matches both the previous SDK 0.2.x default and the no-apiBaseUrl branch, so there's no new exposure. But if a future hardening pass wants to reduce blast radius, a curated allowlist (ANTHROPIC_API_KEY, ANTHROPIC_BASE_URL, PATH, HOME, NODE_*, ...) would be more principled than full forwarding. Not necessary for this PR.

2. The remaining test-plan checkbox — Reviewer 确认 peer 依赖在 CI/其他部署环境可正常 npm install. Since @anthropic-ai/sdk and @modelcontextprotocol/sdk are now direct deps (not just peers), npm install will resolve them deterministically; the CLAUDE.md note about needing a fresh npm install post-pull is the right operational guardrail. Should be fine in CI as long as the lockfile is committed (which it is — 813/-706 in package-lock.json).

---

Summary

Both fixes are root-cause level (not workarounds), tests are tight, and documentation captures the upgrade footguns. No changes requested.
· fix/sdk-0.3-opus-4-8-auth

[lishuceo]

感谢 review。两条 considerations 已确认，均不在本 PR 范围内处理：

1. 子进程 env 全量转发 — 同意分析:与 SDK 0.2.x 默认行为及无代理分支一致,无新增暴露。curated allowlist 是合理的未来加固方向,但需谨慎枚举子进程实际依赖的变量(PATH/HOME/NODE_*/代理相关等),避免遗漏致回归;故不纳入本次故障修复,后续单独做硬化。
2. test-plan checkbox — 已勾选(lockfile 已提交,CI 可确定性解析)。

本 PR 聚焦两个 root-cause 修复,保持最小改动。