Fix Linux build of AlibabaTokenPlanCookieHeader

[m1qaweb]

AlibabaTokenPlanCookieHeader.swift uses HTTPCookie (lines 79, 94, 95, 97-99, 102, 113, 118, 134, 146) but only imports Foundation. On macOS HTTPCookie lives in Foundation, but on Linux it was moved to FoundationNetworking and is "explicitly marked unavailable" in Foundation -- so the new file added in #1098 (Alibaba Token Plan provider) breaks the Linux build of CodexBarCore outright. Sibling new files in the same PR (AlibabaTokenPlanUsageFetcher, T3ChatUsageFetcher) already use the right conditional import; this one was overlooked.

VERIFICATION

Ubuntu 24.04 x86_64 with Swift 6.2.4:

Before:
$ swift build
error: 'HTTPCookie' is unavailable: This type has moved to the
FoundationNetworking module. Import that module to use it.
(10+ occurrences across the file, build aborts)

After:
$ swift build
Build complete! (72.86s)
$ swift test
Test run with 14 tests in 3 suites passed

No source-of-truth change beyond restoring buildability -- adds the same
"#if canImport(FoundationNetworking) / import FoundationNetworking / #endif"
block that already guards GeminiStatusProbe, ManusCookieHeader,
AlibabaTokenPlanUsageFetcher, T3ChatUsageFetcher, and others.

[clawsweeper]

Codex review: needs maintainer review before merge.

Latest ClawSweeper review: 2026-05-22 11:31 UTC / May 22, 2026, 7:31 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR adds a conditional FoundationNetworking import to AlibabaTokenPlanCookieHeader.swift so HTTPCookie resolves on Linux.

Reproducibility: yes. Source inspection shows current main uses HTTPCookie in a Linux-built core file without FoundationNetworking, and the PR body provides before/after Ubuntu swift build and swift test terminal output; I did not run builds because this review is read-only.

PR rating
Overall: 🦞 diamond lobster
Proof: 🦞 diamond lobster
Patch quality: 🦞 diamond lobster
Summary: A narrow, consistent build fix with clear contributor terminal proof and no blocking review findings.

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Sufficient (terminal): The PR body includes before/after Ubuntu terminal output for swift build and swift test, showing the Linux failure and the successful after-fix run.

Next step before merge
No repair lane is needed; the PR already contains the narrow fix and only needs normal maintainer merge/CI handling.

Security
Cleared: The diff only adds a conditional standard-library module import and does not change credential handling, networking behavior, dependencies, scripts, or CI permissions.

Review details

Best possible solution:

Merge the conditional import after normal CI/maintainer checks, preserving the existing Alibaba Token Plan behavior.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection shows current main uses HTTPCookie in a Linux-built core file without FoundationNetworking, and the PR body provides before/after Ubuntu swift build and swift test terminal output; I did not run builds because this review is read-only.

Is this the best way to solve the issue?

Yes. The PR applies the narrow existing cross-platform import pattern without changing provider behavior or cookie handling.

Label changes:

• add P1: Current main can break the supported Linux CLI/Core build path after a newly merged provider addition.
• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes before/after Ubuntu terminal output for swift build and swift test, showing the Linux failure and the successful after-fix run.
• add rating: 🦞 diamond lobster: Current PR rating is 🦞 diamond lobster because proof is 🦞 diamond lobster, patch quality is 🦞 diamond lobster, and A narrow, consistent build fix with clear contributor terminal proof and no blocking review findings.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (terminal): The PR body includes before/after Ubuntu terminal output for swift build and swift test, showing the Linux failure and the successful after-fix run.

Label justifications:

• P1: Current main can break the supported Linux CLI/Core build path after a newly merged provider addition.
• rating: 🦞 diamond lobster: Current PR rating is 🦞 diamond lobster because proof is 🦞 diamond lobster, patch quality is 🦞 diamond lobster, and A narrow, consistent build fix with clear contributor terminal proof and no blocking review findings.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (terminal): The PR body includes before/after Ubuntu terminal output for swift build and swift test, showing the Linux failure and the successful after-fix run.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes before/after Ubuntu terminal output for swift build and swift test, showing the Linux failure and the successful after-fix run.

What I checked:

• Current main missing Linux import: AlibabaTokenPlanCookieHeader.swift imports only Foundation while using HTTPCookie in public cookie-header construction and helpers, which is the exact Linux portability gap described by the PR. (Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanCookieHeader.swift:1, 68a6b23ba641)
• Patch matches existing pattern: The PR branch adds only #if canImport(FoundationNetworking) import FoundationNetworking #endif after the Foundation import. (Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanCookieHeader.swift:1, 7a6628c17a92)
• Sibling Alibaba file already imports FoundationNetworking: AlibabaTokenPlanUsageFetcher.swift, added with the same provider, already uses the conditional FoundationNetworking import, supporting the PR's consistency claim. (Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanUsageFetcher.swift:1, 68a6b23ba641)
• Linux build is a supported surface: The package defines Linux-testable CodexBarCore, CodexBarCLI, and CodexBarLinuxTests targets, and CI runs swift build and swift test on Linux. (Package.swift:65, 68a6b23ba641)
• Feature history: The affected file was introduced by the merged Alibaba Token Plan provider commit, so this PR is repairing a very recent provider addition. (Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanCookieHeader.swift:1, b2bc921ab8b8)

Likely related people:

• YanxinXue: Authored the merged Alibaba Token Plan provider that added the affected cookie-header file and its focused tests. (role: introduced behavior; confidence: high; commits: b2bc921ab8b8; files: Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanCookieHeader.swift, Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanUsageFetcher.swift, Tests/CodexBarTests/AlibabaTokenPlanProviderTests.swift)
• steipete: Co-authored the merged Alibaba Token Plan provider commit and is tied to nearby release/appcast work for the current release train. (role: co-author and adjacent owner; confidence: medium; commits: b2bc921ab8b8, 2db843a4600f; files: Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanCookieHeader.swift, Sources/CodexBarCore/Providers/Alibaba/AlibabaTokenPlanProviderDescriptor.swift)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 68a6b23ba641.

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 🥚 common Moonlit Branchling

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 🥚 common.
Trait: stacks clean commits.
Image traits: location proof lagoon; accessory proof snapshot camera; palette violet, aqua, and starlight; mood curious; pose balancing on a branch marker; shell matte ceramic shell; lighting soft studio lighting; background tiny shells and proof notes.
Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Moonlit Branchling in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[steipete]

Thanks for catching this. The exact Linux build fix is already on main via #1104 / fd4878b, including the conditional FoundationNetworking import in AlibabaTokenPlanCookieHeader.swift.

Proof: the post-merge #1104 checks were green for Linux x64, Linux arm64, and lint-build-test, and current main contains the same import block this PR adds.

Closing this one as superseded so the queue stays tidy. Appreciate the tight repro and verification.