@artale/pi-pai 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,611 @@
1
+ # Claude Code Security Patterns
2
+ # =============================
3
+ # Add patterns here to block dangerous commands.
4
+ # Each script (py, sh, ts) loads this file.
5
+
6
+ # These patterns are matched against Bash tool commands only
7
+ bashToolPatterns:
8
+ # ---------------------------------------------------------------------------
9
+ # DESTRUCTIVE FILE OPERATIONS
10
+ # ---------------------------------------------------------------------------
11
+ - pattern: '\brm\s+(-[^\s]*)*-[rRf]'
12
+ reason: rm with recursive or force flags
13
+
14
+ - pattern: '\brm\s+-[rRf]'
15
+ reason: rm with recursive or force flags
16
+
17
+ - pattern: '\brm\s+--recursive'
18
+ reason: rm with --recursive flag
19
+
20
+ - pattern: '\brm\s+--force'
21
+ reason: rm with --force flag
22
+
23
+ - pattern: '\bsudo\s+rm\b'
24
+ reason: sudo rm
25
+
26
+ - pattern: '\brmdir\s+--ignore-fail-on-non-empty'
27
+ reason: rmdir ignore-fail
28
+
29
+ # ---------------------------------------------------------------------------
30
+ # PERMISSION CHANGES
31
+ # ---------------------------------------------------------------------------
32
+ - pattern: '\bchmod\s+(-[^\s]+\s+)*777\b'
33
+ reason: chmod 777 (world writable)
34
+
35
+ - pattern: '\bchmod\s+-[Rr].*777'
36
+ reason: recursive chmod 777
37
+
38
+ - pattern: '\bchown\s+-[Rr].*\broot\b'
39
+ reason: recursive chown to root
40
+
41
+ # ---------------------------------------------------------------------------
42
+ # GIT DESTRUCTIVE OPERATIONS
43
+ # ---------------------------------------------------------------------------
44
+ - pattern: '\bgit\s+reset\s+--hard\b'
45
+ reason: git reset --hard (use --soft or stash)
46
+
47
+ - pattern: '\bgit\s+clean\s+(-[^\s]*)*-[fd]'
48
+ reason: git clean with force/directory flags
49
+
50
+ # Note: This blocks --force but NOT --force-with-lease
51
+ - pattern: '\bgit\s+push\s+.*--force(?!-with-lease)'
52
+ reason: git push --force (use --force-with-lease)
53
+
54
+ - pattern: '\bgit\s+push\s+(-[^\s]*)*-f\b'
55
+ reason: git push -f (use --force-with-lease)
56
+
57
+ - pattern: '\bgit\s+stash\s+clear\b'
58
+ reason: git stash clear (deletes ALL stashes)
59
+
60
+ - pattern: '\bgit\s+reflog\s+expire\b'
61
+ reason: git reflog expire (destroys recovery mechanism)
62
+
63
+ - pattern: '\bgit\s+gc\s+.*--prune=now'
64
+ reason: git gc --prune=now (can lose dangling commits)
65
+
66
+ - pattern: '\bgit\s+filter-branch\b'
67
+ reason: git filter-branch (rewrites entire history)
68
+
69
+ # ---------------------------------------------------------------------------
70
+ # GIT OPERATIONS REQUIRING CONFIRMATION (ask: true)
71
+ # ---------------------------------------------------------------------------
72
+ - pattern: '\bgit\s+checkout\s+--\s*\.'
73
+ reason: Discards all uncommitted changes
74
+ ask: true
75
+
76
+ - pattern: '\bgit\s+restore\s+\.'
77
+ reason: Discards all uncommitted changes
78
+ ask: true
79
+
80
+ - pattern: '\bgit\s+stash\s+drop\b'
81
+ reason: Permanently deletes a stash
82
+ ask: true
83
+
84
+ - pattern: '\bgit\s+branch\s+(-[^\s]*)*-D'
85
+ reason: Force deletes branch (even if unmerged)
86
+ ask: true
87
+
88
+ - pattern: '\bgit\s+push\s+\S+\s+--delete\b'
89
+ reason: Deletes remote branch
90
+ ask: true
91
+
92
+ - pattern: '\bgit\s+push\s+\S+\s+:\S+'
93
+ reason: Deletes remote branch (old syntax)
94
+ ask: true
95
+
96
+ # ---------------------------------------------------------------------------
97
+ # SYSTEM-LEVEL DESTRUCTION
98
+ # ---------------------------------------------------------------------------
99
+ - pattern: '\bmkfs\.'
100
+ reason: filesystem format command
101
+
102
+ - pattern: '\bdd\s+.*of=/dev/'
103
+ reason: dd writing to device
104
+
105
+ # ---------------------------------------------------------------------------
106
+ # PROCESS DESTRUCTION
107
+ # ---------------------------------------------------------------------------
108
+ - pattern: '\bkill\s+-9\s+-1\b'
109
+ reason: kill all processes
110
+
111
+ - pattern: '\bkillall\s+-9\b'
112
+ reason: killall -9
113
+
114
+ - pattern: '\bpkill\s+-9\b'
115
+ reason: pkill -9
116
+
117
+ # ---------------------------------------------------------------------------
118
+ # HISTORY/SHELL MANIPULATION
119
+ # ---------------------------------------------------------------------------
120
+ - pattern: '\bhistory\s+-c\b'
121
+ reason: clearing shell history
122
+
123
+ # ---------------------------------------------------------------------------
124
+ # AWS CLI DESTRUCTIVE OPERATIONS
125
+ # ---------------------------------------------------------------------------
126
+ - pattern: '\baws\s+s3\s+rm\s+.*--recursive'
127
+ reason: aws s3 rm --recursive (deletes all objects)
128
+
129
+ - pattern: '\baws\s+s3\s+rb\s+.*--force'
130
+ reason: aws s3 rb --force (force removes bucket)
131
+
132
+ - pattern: '\baws\s+ec2\s+terminate-instances\b'
133
+ reason: aws ec2 terminate-instances
134
+
135
+ - pattern: '\baws\s+rds\s+delete-db-instance\b'
136
+ reason: aws rds delete-db-instance
137
+
138
+ - pattern: '\baws\s+cloudformation\s+delete-stack\b'
139
+ reason: aws cloudformation delete-stack (deletes infrastructure)
140
+
141
+ - pattern: '\baws\s+dynamodb\s+delete-table\b'
142
+ reason: aws dynamodb delete-table
143
+
144
+ - pattern: '\baws\s+eks\s+delete-cluster\b'
145
+ reason: aws eks delete-cluster
146
+
147
+ - pattern: '\baws\s+lambda\s+delete-function\b'
148
+ reason: aws lambda delete-function
149
+
150
+ - pattern: '\baws\s+iam\s+delete-role\b'
151
+ reason: aws iam delete-role
152
+
153
+ - pattern: '\baws\s+iam\s+delete-user\b'
154
+ reason: aws iam delete-user
155
+
156
+ # ---------------------------------------------------------------------------
157
+ # GCP (gcloud) DESTRUCTIVE OPERATIONS
158
+ # ---------------------------------------------------------------------------
159
+ - pattern: '\bgcloud\s+projects\s+delete\b'
160
+ reason: gcloud projects delete (DELETES ENTIRE PROJECT)
161
+
162
+ - pattern: '\bgcloud\s+compute\s+instances\s+delete\b'
163
+ reason: gcloud compute instances delete
164
+
165
+ - pattern: '\bgcloud\s+sql\s+instances\s+delete\b'
166
+ reason: gcloud sql instances delete
167
+
168
+ - pattern: '\bgcloud\s+container\s+clusters\s+delete\b'
169
+ reason: gcloud container clusters delete (GKE)
170
+
171
+ - pattern: '\bgcloud\s+storage\s+rm\s+.*-r'
172
+ reason: gcloud storage rm -r (recursive delete)
173
+
174
+ - pattern: '\bgcloud\s+functions\s+delete\b'
175
+ reason: gcloud functions delete
176
+
177
+ - pattern: '\bgcloud\s+iam\s+service-accounts\s+delete\b'
178
+ reason: gcloud iam service-accounts delete
179
+
180
+ # ---------------------------------------------------------------------------
181
+ # FIREBASE DESTRUCTIVE OPERATIONS
182
+ # ---------------------------------------------------------------------------
183
+ - pattern: '\bfirebase\s+projects:delete\b'
184
+ reason: firebase projects:delete (deletes entire project)
185
+
186
+ - pattern: '\bfirebase\s+firestore:delete\s+.*--all-collections'
187
+ reason: firebase firestore:delete --all-collections (wipes all data)
188
+
189
+ - pattern: '\bfirebase\s+database:remove\b'
190
+ reason: firebase database:remove (wipes Realtime DB)
191
+
192
+ - pattern: '\bfirebase\s+hosting:disable\b'
193
+ reason: firebase hosting:disable
194
+
195
+ - pattern: '\bfirebase\s+functions:delete\b'
196
+ reason: firebase functions:delete
197
+
198
+ # ---------------------------------------------------------------------------
199
+ # VERCEL DESTRUCTIVE OPERATIONS
200
+ # ---------------------------------------------------------------------------
201
+ - pattern: '\bvercel\s+remove\s+.*--yes'
202
+ reason: vercel remove --yes (removes deployment)
203
+
204
+ - pattern: '\bvercel\s+projects\s+rm\b'
205
+ reason: vercel projects rm (deletes project)
206
+
207
+ - pattern: '\bvercel\s+env\s+rm\s+.*--yes'
208
+ reason: vercel env rm --yes (removes env variables)
209
+
210
+ # ---------------------------------------------------------------------------
211
+ # NETLIFY DESTRUCTIVE OPERATIONS
212
+ # ---------------------------------------------------------------------------
213
+ - pattern: '\bnetlify\s+sites:delete\b'
214
+ reason: netlify sites:delete (deletes entire site)
215
+
216
+ - pattern: '\bnetlify\s+functions:delete\b'
217
+ reason: netlify functions:delete
218
+
219
+ # ---------------------------------------------------------------------------
220
+ # CLOUDFLARE (wrangler) DESTRUCTIVE OPERATIONS
221
+ # ---------------------------------------------------------------------------
222
+ - pattern: '\bwrangler\s+delete\b'
223
+ reason: wrangler delete (deletes Worker)
224
+
225
+ - pattern: '\bwrangler\s+r2\s+bucket\s+delete\b'
226
+ reason: wrangler r2 bucket delete
227
+
228
+ - pattern: '\bwrangler\s+kv:namespace\s+delete\b'
229
+ reason: wrangler kv:namespace delete
230
+
231
+ - pattern: '\bwrangler\s+d1\s+delete\b'
232
+ reason: wrangler d1 delete (deletes database)
233
+
234
+ - pattern: '\bwrangler\s+queues\s+delete\b'
235
+ reason: wrangler queues delete
236
+
237
+ # ---------------------------------------------------------------------------
238
+ # DOCKER DESTRUCTIVE OPERATIONS
239
+ # ---------------------------------------------------------------------------
240
+ - pattern: '\bdocker\s+system\s+prune\s+.*-a'
241
+ reason: docker system prune -a (removes all unused data)
242
+
243
+ - pattern: '\bdocker\s+rm\s+.*-f.*\$\(docker\s+ps'
244
+ reason: docker rm -f $(docker ps) (force removes containers)
245
+
246
+ - pattern: '\bdocker\s+rmi\s+.*-f'
247
+ reason: docker rmi -f (force removes images)
248
+
249
+ - pattern: '\bdocker\s+volume\s+rm\b'
250
+ reason: docker volume rm (data loss)
251
+
252
+ - pattern: '\bdocker\s+volume\s+prune\b'
253
+ reason: docker volume prune (removes unused volumes)
254
+
255
+ # ---------------------------------------------------------------------------
256
+ # KUBERNETES (kubectl) DESTRUCTIVE OPERATIONS
257
+ # ---------------------------------------------------------------------------
258
+ - pattern: '\bkubectl\s+delete\s+namespace\b'
259
+ reason: kubectl delete namespace
260
+
261
+ - pattern: '\bkubectl\s+delete\s+all\s+--all'
262
+ reason: kubectl delete all --all
263
+
264
+ - pattern: '\bkubectl\s+delete\s+.*--all\s+--all-namespaces'
265
+ reason: kubectl delete across all namespaces
266
+
267
+ - pattern: '\bhelm\s+uninstall\b'
268
+ reason: helm uninstall (removes release)
269
+
270
+ # ---------------------------------------------------------------------------
271
+ # DATABASE CLI DESTRUCTIVE OPERATIONS
272
+ # ---------------------------------------------------------------------------
273
+ - pattern: '\bredis-cli\s+FLUSHALL'
274
+ reason: redis-cli FLUSHALL (wipes ALL data)
275
+
276
+ - pattern: '\bredis-cli\s+FLUSHDB'
277
+ reason: redis-cli FLUSHDB (wipes database)
278
+
279
+ - pattern: '\bmongosh.*dropDatabase'
280
+ reason: MongoDB dropDatabase
281
+
282
+ - pattern: '\bmongo.*dropDatabase'
283
+ reason: MongoDB dropDatabase
284
+
285
+ - pattern: '\bdropdb\b'
286
+ reason: PostgreSQL dropdb
287
+
288
+ - pattern: '\bmysqladmin\s+drop\b'
289
+ reason: MySQL drop database
290
+
291
+ # ---------------------------------------------------------------------------
292
+ # INFRASTRUCTURE AS CODE DESTRUCTIVE OPERATIONS
293
+ # ---------------------------------------------------------------------------
294
+ - pattern: '\bterraform\s+destroy\b'
295
+ reason: terraform destroy (destroys all infrastructure)
296
+
297
+ - pattern: '\bpulumi\s+destroy\b'
298
+ reason: pulumi destroy (destroys all resources)
299
+
300
+ - pattern: '\bserverless\s+remove\b'
301
+ reason: serverless remove (removes stack)
302
+
303
+ - pattern: '\bsls\s+remove\b'
304
+ reason: sls remove (removes stack)
305
+
306
+ - pattern: '\bsam\s+delete\b'
307
+ reason: sam delete (deletes SAM application)
308
+
309
+ # ---------------------------------------------------------------------------
310
+ # HEROKU DESTRUCTIVE OPERATIONS
311
+ # ---------------------------------------------------------------------------
312
+ - pattern: '\bheroku\s+apps:destroy\b'
313
+ reason: heroku apps:destroy
314
+
315
+ - pattern: '\bheroku\s+pg:reset\b'
316
+ reason: heroku pg:reset (resets database)
317
+
318
+ # ---------------------------------------------------------------------------
319
+ # OTHER CLOUD PLATFORMS DESTRUCTIVE OPERATIONS
320
+ # ---------------------------------------------------------------------------
321
+ - pattern: '\bfly\s+apps\s+destroy\b'
322
+ reason: fly apps destroy (Fly.io)
323
+
324
+ - pattern: '\bfly\s+destroy\b'
325
+ reason: fly destroy (Fly.io)
326
+
327
+ - pattern: '\bdoctl\s+compute\s+droplet\s+delete\b'
328
+ reason: doctl droplet delete (DigitalOcean)
329
+
330
+ - pattern: '\bdoctl\s+databases\s+delete\b'
331
+ reason: doctl databases delete (DigitalOcean)
332
+
333
+ - pattern: '\bsupabase\s+db\s+reset\b'
334
+ reason: supabase db reset
335
+
336
+ # ---------------------------------------------------------------------------
337
+ # GITHUB CLI DESTRUCTIVE OPERATIONS
338
+ # ---------------------------------------------------------------------------
339
+ - pattern: '\bgh\s+repo\s+delete\b'
340
+ reason: gh repo delete (deletes repository)
341
+
342
+ # ---------------------------------------------------------------------------
343
+ # PACKAGE REGISTRY DESTRUCTIVE OPERATIONS
344
+ # ---------------------------------------------------------------------------
345
+ - pattern: '\bnpm\s+unpublish\b'
346
+ reason: npm unpublish (removes package from registry)
347
+
348
+ # ---------------------------------------------------------------------------
349
+ # SQL DESTRUCTIVE OPERATIONS (catastrophic - no WHERE clause)
350
+ # ---------------------------------------------------------------------------
351
+ - pattern: 'DELETE\s+FROM\s+\w+\s*;'
352
+ reason: DELETE without WHERE clause (will delete ALL rows)
353
+
354
+ - pattern: 'DELETE\s+FROM\s+\w+\s*$'
355
+ reason: DELETE without WHERE clause (will delete ALL rows)
356
+
357
+ - pattern: 'DELETE\s+\*\s+FROM'
358
+ reason: DELETE * (will delete ALL rows)
359
+
360
+ - pattern: '\bTRUNCATE\s+TABLE\b'
361
+ reason: TRUNCATE TABLE (will delete ALL rows)
362
+
363
+ - pattern: '\bDROP\s+TABLE\b'
364
+ reason: DROP TABLE
365
+
366
+ - pattern: '\bDROP\s+DATABASE\b'
367
+ reason: DROP DATABASE
368
+
369
+ # ---------------------------------------------------------------------------
370
+ # SQL OPERATIONS REQUIRING CONFIRMATION (ask: true)
371
+ # ---------------------------------------------------------------------------
372
+ - pattern: '\bDELETE\s+FROM\s+\w+\s+WHERE\b.*\bid\s*='
373
+ reason: SQL DELETE with specific ID
374
+ ask: true
375
+
376
+ # ---------------------------------------------------------------------------
377
+ # ZERO ACCESS PATHS - No read, write, or any access allowed
378
+ # ---------------------------------------------------------------------------
379
+ # These contain secrets/credentials - block ALL operations including reads
380
+ # Enforced by: Bash, Edit, Write tools
381
+ # Supports glob patterns: *.pem, .env*, *-credentials.json
382
+ zeroAccessPaths:
383
+ # ---------------------------------------------------------------------------
384
+ # ENVIRONMENT FILES (HIGH RISK - contain secrets)
385
+ # Uses path-separator prefix to avoid false positives on substrings
386
+ # like "process.env", "pi-envman", "@artale/pi-env"
387
+ # ---------------------------------------------------------------------------
388
+ - "/.env"
389
+ - "/.env."
390
+ - "/.env.local"
391
+
392
+ # ---------------------------------------------------------------------------
393
+ # SSH KEYS AND CONFIG
394
+ # ---------------------------------------------------------------------------
395
+ - "~/.ssh/"
396
+
397
+ # ---------------------------------------------------------------------------
398
+ # GPG KEYS
399
+ # ---------------------------------------------------------------------------
400
+ - "~/.gnupg/"
401
+
402
+ # ---------------------------------------------------------------------------
403
+ # CLOUD PROVIDER CREDENTIALS
404
+ # ---------------------------------------------------------------------------
405
+ # AWS
406
+ - "~/.aws/"
407
+
408
+ # GCP
409
+ - "~/.config/gcloud/"
410
+ - "*-credentials.json"
411
+ - "*serviceAccount*.json"
412
+ - "*service-account*.json"
413
+
414
+ # Azure
415
+ - "~/.azure/"
416
+
417
+ # Kubernetes
418
+ - "~/.kube/"
419
+ - "kubeconfig"
420
+ - "*-secret.yaml"
421
+ - "secrets.yaml"
422
+
423
+ # Docker
424
+ - "~/.docker/"
425
+
426
+ # ---------------------------------------------------------------------------
427
+ # SSL/TLS CERTIFICATES AND PRIVATE KEYS
428
+ # ---------------------------------------------------------------------------
429
+ - "*.pem"
430
+ - "*.key"
431
+ - "*.p12"
432
+ - "*.pfx"
433
+
434
+ # ---------------------------------------------------------------------------
435
+ # TERRAFORM STATE (contains secrets in plaintext!)
436
+ # ---------------------------------------------------------------------------
437
+ - "*.tfstate"
438
+ - "*.tfstate.backup"
439
+ - ".terraform/"
440
+
441
+ # ---------------------------------------------------------------------------
442
+ # PLATFORM TOKENS (Vercel, Netlify, etc.)
443
+ # ---------------------------------------------------------------------------
444
+ - ".vercel/"
445
+ - ".netlify/"
446
+
447
+ # ---------------------------------------------------------------------------
448
+ # FIREBASE/SUPABASE
449
+ # ---------------------------------------------------------------------------
450
+ - "firebase-adminsdk*.json"
451
+ - "serviceAccountKey.json"
452
+ - ".supabase/"
453
+
454
+ # ---------------------------------------------------------------------------
455
+ # PACKAGE MANAGER AUTH & CREDENTIALS
456
+ # ---------------------------------------------------------------------------
457
+ - "~/.netrc"
458
+ - "~/.npmrc"
459
+ - "~/.pypirc"
460
+ - "~/.git-credentials"
461
+ - ".git-credentials"
462
+
463
+ # ---------------------------------------------------------------------------
464
+ # DATABASE DUMPS (may contain production data)
465
+ # ---------------------------------------------------------------------------
466
+ - "dump.sql"
467
+ - "backup.sql"
468
+ - "*.dump"
469
+
470
+ # ---------------------------------------------------------------------------
471
+ # READ-ONLY PATHS - Can read, but not write/edit/delete
472
+ # ---------------------------------------------------------------------------
473
+ # Safe to read but should never be modified by AI
474
+ # Enforced by: Bash, Edit, Write tools
475
+ # Supports glob patterns: *.lock, *.min.js
476
+ readOnlyPaths:
477
+ # ---------------------------------------------------------------------------
478
+ # SYSTEM DIRECTORIES
479
+ # ---------------------------------------------------------------------------
480
+ - /etc/
481
+ - /usr/
482
+ - /bin/
483
+ - /sbin/
484
+ - /boot/
485
+ - /root/
486
+
487
+ # ---------------------------------------------------------------------------
488
+ # SHELL HISTORY FILES
489
+ # ---------------------------------------------------------------------------
490
+ - ~/.bash_history
491
+ - ~/.zsh_history
492
+ - ~/.node_repl_history
493
+
494
+ # ---------------------------------------------------------------------------
495
+ # SHELL CONFIG FILES
496
+ # ---------------------------------------------------------------------------
497
+ - ~/.bashrc
498
+ - ~/.zshrc
499
+ - ~/.profile
500
+ - ~/.bash_profile
501
+
502
+ # ---------------------------------------------------------------------------
503
+ # LOCK FILES - Never manually edit, use package managers
504
+ # ---------------------------------------------------------------------------
505
+ - "package-lock.json"
506
+ - "yarn.lock"
507
+ - "pnpm-lock.yaml"
508
+ - "Gemfile.lock"
509
+ - "poetry.lock"
510
+ - "Pipfile.lock"
511
+ - "composer.lock"
512
+ - "Cargo.lock"
513
+ - "go.sum"
514
+ - "flake.lock"
515
+ - "bun.lockb"
516
+ - "uv.lock"
517
+ - "npm-shrinkwrap.json"
518
+ - "*.lock"
519
+ - "*.lockb"
520
+
521
+ # ---------------------------------------------------------------------------
522
+ # MINIFIED/COMPILED FILES - Generated, don't edit
523
+ # ---------------------------------------------------------------------------
524
+ - "*.min.js"
525
+ - "*.min.css"
526
+ - "*.bundle.js"
527
+ - "*.chunk.js"
528
+
529
+ # ---------------------------------------------------------------------------
530
+ # BUILD ARTIFACTS - Generated directories, don't edit
531
+ # ---------------------------------------------------------------------------
532
+ - dist/
533
+ - build/
534
+ - out/
535
+ - .next/
536
+ - .nuxt/
537
+ - .output/
538
+ - node_modules/
539
+ - __pycache__/
540
+ - .venv/
541
+ - venv/
542
+ - target/
543
+
544
+ # ---------------------------------------------------------------------------
545
+ # NO-DELETE PATHS - Can read/write/edit, but not delete
546
+ # ---------------------------------------------------------------------------
547
+ # Protect important files from accidental deletion
548
+ # Enforced by: Bash tool only (Edit/Write don't delete files)
549
+ # Supports glob patterns: *.md, LICENSE*
550
+ noDeletePaths:
551
+ # ---------------------------------------------------------------------------
552
+ # CLAUDE CODE CONFIGURATION
553
+ # ---------------------------------------------------------------------------
554
+ - ~/.claude/
555
+ - CLAUDE.md
556
+
557
+ # ---------------------------------------------------------------------------
558
+ # LICENSE AND LEGAL FILES
559
+ # ---------------------------------------------------------------------------
560
+ - "LICENSE"
561
+ - "LICENSE.*"
562
+ - "COPYING"
563
+ - "COPYING.*"
564
+ - "NOTICE"
565
+ - "PATENTS"
566
+
567
+ # ---------------------------------------------------------------------------
568
+ # PROJECT DOCUMENTATION
569
+ # ---------------------------------------------------------------------------
570
+ - "README.md"
571
+ - "README.*"
572
+ - "CONTRIBUTING.md"
573
+ - "CHANGELOG.md"
574
+ - "CODE_OF_CONDUCT.md"
575
+ - "SECURITY.md"
576
+
577
+ # ---------------------------------------------------------------------------
578
+ # GIT DIRECTORY
579
+ # ---------------------------------------------------------------------------
580
+ - .git/
581
+ - .gitignore
582
+ - .gitattributes
583
+ - .gitmodules
584
+
585
+ # ---------------------------------------------------------------------------
586
+ # CI/CD CONFIGURATION
587
+ # ---------------------------------------------------------------------------
588
+ - .github/
589
+ - .gitlab-ci.yml
590
+ - .circleci/
591
+ - Jenkinsfile
592
+ - .travis.yml
593
+ - azure-pipelines.yml
594
+
595
+ # ---------------------------------------------------------------------------
596
+ # DOCKER CONFIGURATION
597
+ # ---------------------------------------------------------------------------
598
+ - Dockerfile
599
+ - "Dockerfile.*"
600
+ - docker-compose.yml
601
+ - "docker-compose.*.yml"
602
+ - .dockerignore
603
+
604
+ # ---------------------------------------------------------------------------
605
+ # COMMON PROJECT DIRECTORIES (uncomment to enable)
606
+ # ---------------------------------------------------------------------------
607
+ # - src/
608
+ # - lib/
609
+ # - app/
610
+ # - tests/
611
+ # - docs/
@@ -0,0 +1,43 @@
1
+ {
2
+ "providers": {
3
+ "_comment": "Configure your model providers here. Examples below — uncomment and fill in the ones you use.",
4
+
5
+ "_example_ollama": {
6
+ "type": "ollama",
7
+ "baseUrl": "http://localhost:11434",
8
+ "models": {
9
+ "default": "llama3.1:70b",
10
+ "fast": "llama3.1:8b",
11
+ "thinking": "qwen2.5:72b"
12
+ }
13
+ },
14
+
15
+ "_example_openai_compatible": {
16
+ "type": "openai",
17
+ "baseUrl": "http://localhost:1234/v1",
18
+ "apiKey": "your-api-key-here",
19
+ "models": {
20
+ "default": "your-model-name"
21
+ }
22
+ },
23
+
24
+ "_example_anthropic": {
25
+ "type": "anthropic",
26
+ "apiKey": "your-api-key-here",
27
+ "models": {
28
+ "default": "claude-sonnet-4-6",
29
+ "thinking": "claude-opus-4-6"
30
+ }
31
+ },
32
+
33
+ "_example_openrouter": {
34
+ "type": "openai",
35
+ "baseUrl": "https://openrouter.ai/api/v1",
36
+ "apiKey": "your-openrouter-key",
37
+ "models": {
38
+ "default": "anthropic/claude-sonnet-4-6",
39
+ "fast": "anthropic/claude-haiku-4-5"
40
+ }
41
+ }
42
+ }
43
+ }