@askexenow/exe-os 0.9.99 → 0.9.100
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/cli.js +29 -10
- package/dist/bin/exe-boot.js +29 -10
- package/dist/bin/exe-cloud.js +29 -10
- package/dist/bin/exe-doctor.js +29 -10
- package/dist/bin/setup.js +29 -10
- package/dist/hooks/summary-worker.js +29 -10
- package/dist/lib/cloud-sync.js +29 -10
- package/dist/lib/exe-daemon.js +29 -10
- package/dist/lib/keychain.js +29 -10
- package/dist/mcp/server.js +29 -10
- package/dist/tui/App.js +29 -10
- package/package.json +1 -1
- package/src/commands/exe/setup.md +1 -1
package/dist/bin/cli.js
CHANGED
|
@@ -2896,20 +2896,39 @@ async function getKeyStorageInfo() {
|
|
|
2896
2896
|
}
|
|
2897
2897
|
async function setMasterKey(key) {
|
|
2898
2898
|
const b64 = key.toString("base64");
|
|
2899
|
-
|
|
2900
|
-
|
|
2899
|
+
let keychainOk = false;
|
|
2900
|
+
if (macKeychainSet(b64)) {
|
|
2901
|
+
const readBack = macKeychainGet();
|
|
2902
|
+
if (readBack === b64) {
|
|
2903
|
+
keychainOk = true;
|
|
2904
|
+
} else {
|
|
2905
|
+
process.stderr.write(
|
|
2906
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
2907
|
+
);
|
|
2908
|
+
}
|
|
2909
|
+
} else if (linuxSecretSet(b64)) {
|
|
2910
|
+
const readBack = linuxSecretGet();
|
|
2911
|
+
if (readBack === b64) {
|
|
2912
|
+
keychainOk = true;
|
|
2913
|
+
} else {
|
|
2914
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
2915
|
+
}
|
|
2901
2916
|
}
|
|
2902
|
-
|
|
2903
|
-
|
|
2904
|
-
|
|
2905
|
-
|
|
2906
|
-
|
|
2907
|
-
|
|
2917
|
+
if (!keychainOk) {
|
|
2918
|
+
const keytar = await tryKeytar();
|
|
2919
|
+
if (keytar) {
|
|
2920
|
+
try {
|
|
2921
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
2922
|
+
keychainOk = true;
|
|
2923
|
+
} catch {
|
|
2924
|
+
}
|
|
2908
2925
|
}
|
|
2909
2926
|
}
|
|
2910
2927
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
2911
|
-
if (
|
|
2912
|
-
process.stderr.write("[keychain] Key stored
|
|
2928
|
+
if (keychainOk) {
|
|
2929
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
2930
|
+
} else if (fallback === "encrypted") {
|
|
2931
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
2913
2932
|
} else {
|
|
2914
2933
|
process.stderr.write(
|
|
2915
2934
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/bin/exe-boot.js
CHANGED
|
@@ -3942,20 +3942,39 @@ async function getKeyStorageInfo() {
|
|
|
3942
3942
|
}
|
|
3943
3943
|
async function setMasterKey(key) {
|
|
3944
3944
|
const b64 = key.toString("base64");
|
|
3945
|
-
|
|
3946
|
-
|
|
3945
|
+
let keychainOk = false;
|
|
3946
|
+
if (macKeychainSet(b64)) {
|
|
3947
|
+
const readBack = macKeychainGet();
|
|
3948
|
+
if (readBack === b64) {
|
|
3949
|
+
keychainOk = true;
|
|
3950
|
+
} else {
|
|
3951
|
+
process.stderr.write(
|
|
3952
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
3953
|
+
);
|
|
3954
|
+
}
|
|
3955
|
+
} else if (linuxSecretSet(b64)) {
|
|
3956
|
+
const readBack = linuxSecretGet();
|
|
3957
|
+
if (readBack === b64) {
|
|
3958
|
+
keychainOk = true;
|
|
3959
|
+
} else {
|
|
3960
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
3961
|
+
}
|
|
3947
3962
|
}
|
|
3948
|
-
|
|
3949
|
-
|
|
3950
|
-
|
|
3951
|
-
|
|
3952
|
-
|
|
3953
|
-
|
|
3963
|
+
if (!keychainOk) {
|
|
3964
|
+
const keytar = await tryKeytar();
|
|
3965
|
+
if (keytar) {
|
|
3966
|
+
try {
|
|
3967
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
3968
|
+
keychainOk = true;
|
|
3969
|
+
} catch {
|
|
3970
|
+
}
|
|
3954
3971
|
}
|
|
3955
3972
|
}
|
|
3956
3973
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
3957
|
-
if (
|
|
3958
|
-
process.stderr.write("[keychain] Key stored
|
|
3974
|
+
if (keychainOk) {
|
|
3975
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
3976
|
+
} else if (fallback === "encrypted") {
|
|
3977
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
3959
3978
|
} else {
|
|
3960
3979
|
process.stderr.write(
|
|
3961
3980
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/bin/exe-cloud.js
CHANGED
|
@@ -413,20 +413,39 @@ async function getKeyStorageInfo() {
|
|
|
413
413
|
}
|
|
414
414
|
async function setMasterKey(key) {
|
|
415
415
|
const b64 = key.toString("base64");
|
|
416
|
-
|
|
417
|
-
|
|
416
|
+
let keychainOk = false;
|
|
417
|
+
if (macKeychainSet(b64)) {
|
|
418
|
+
const readBack = macKeychainGet();
|
|
419
|
+
if (readBack === b64) {
|
|
420
|
+
keychainOk = true;
|
|
421
|
+
} else {
|
|
422
|
+
process.stderr.write(
|
|
423
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
424
|
+
);
|
|
425
|
+
}
|
|
426
|
+
} else if (linuxSecretSet(b64)) {
|
|
427
|
+
const readBack = linuxSecretGet();
|
|
428
|
+
if (readBack === b64) {
|
|
429
|
+
keychainOk = true;
|
|
430
|
+
} else {
|
|
431
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
432
|
+
}
|
|
418
433
|
}
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
434
|
+
if (!keychainOk) {
|
|
435
|
+
const keytar = await tryKeytar();
|
|
436
|
+
if (keytar) {
|
|
437
|
+
try {
|
|
438
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
439
|
+
keychainOk = true;
|
|
440
|
+
} catch {
|
|
441
|
+
}
|
|
425
442
|
}
|
|
426
443
|
}
|
|
427
444
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
428
|
-
if (
|
|
429
|
-
process.stderr.write("[keychain] Key stored
|
|
445
|
+
if (keychainOk) {
|
|
446
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
447
|
+
} else if (fallback === "encrypted") {
|
|
448
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
430
449
|
} else {
|
|
431
450
|
process.stderr.write(
|
|
432
451
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/bin/exe-doctor.js
CHANGED
|
@@ -1068,20 +1068,39 @@ async function getKeyStorageInfo() {
|
|
|
1068
1068
|
}
|
|
1069
1069
|
async function setMasterKey(key) {
|
|
1070
1070
|
const b64 = key.toString("base64");
|
|
1071
|
-
|
|
1072
|
-
|
|
1071
|
+
let keychainOk = false;
|
|
1072
|
+
if (macKeychainSet(b64)) {
|
|
1073
|
+
const readBack = macKeychainGet();
|
|
1074
|
+
if (readBack === b64) {
|
|
1075
|
+
keychainOk = true;
|
|
1076
|
+
} else {
|
|
1077
|
+
process.stderr.write(
|
|
1078
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
1079
|
+
);
|
|
1080
|
+
}
|
|
1081
|
+
} else if (linuxSecretSet(b64)) {
|
|
1082
|
+
const readBack = linuxSecretGet();
|
|
1083
|
+
if (readBack === b64) {
|
|
1084
|
+
keychainOk = true;
|
|
1085
|
+
} else {
|
|
1086
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
1087
|
+
}
|
|
1073
1088
|
}
|
|
1074
|
-
|
|
1075
|
-
|
|
1076
|
-
|
|
1077
|
-
|
|
1078
|
-
|
|
1079
|
-
|
|
1089
|
+
if (!keychainOk) {
|
|
1090
|
+
const keytar = await tryKeytar();
|
|
1091
|
+
if (keytar) {
|
|
1092
|
+
try {
|
|
1093
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
1094
|
+
keychainOk = true;
|
|
1095
|
+
} catch {
|
|
1096
|
+
}
|
|
1080
1097
|
}
|
|
1081
1098
|
}
|
|
1082
1099
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
1083
|
-
if (
|
|
1084
|
-
process.stderr.write("[keychain] Key stored
|
|
1100
|
+
if (keychainOk) {
|
|
1101
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
1102
|
+
} else if (fallback === "encrypted") {
|
|
1103
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
1085
1104
|
} else {
|
|
1086
1105
|
process.stderr.write(
|
|
1087
1106
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/bin/setup.js
CHANGED
|
@@ -718,20 +718,39 @@ async function getKeyStorageInfo() {
|
|
|
718
718
|
}
|
|
719
719
|
async function setMasterKey(key) {
|
|
720
720
|
const b64 = key.toString("base64");
|
|
721
|
-
|
|
722
|
-
|
|
721
|
+
let keychainOk = false;
|
|
722
|
+
if (macKeychainSet(b64)) {
|
|
723
|
+
const readBack = macKeychainGet();
|
|
724
|
+
if (readBack === b64) {
|
|
725
|
+
keychainOk = true;
|
|
726
|
+
} else {
|
|
727
|
+
process.stderr.write(
|
|
728
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
729
|
+
);
|
|
730
|
+
}
|
|
731
|
+
} else if (linuxSecretSet(b64)) {
|
|
732
|
+
const readBack = linuxSecretGet();
|
|
733
|
+
if (readBack === b64) {
|
|
734
|
+
keychainOk = true;
|
|
735
|
+
} else {
|
|
736
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
737
|
+
}
|
|
723
738
|
}
|
|
724
|
-
|
|
725
|
-
|
|
726
|
-
|
|
727
|
-
|
|
728
|
-
|
|
729
|
-
|
|
739
|
+
if (!keychainOk) {
|
|
740
|
+
const keytar = await tryKeytar();
|
|
741
|
+
if (keytar) {
|
|
742
|
+
try {
|
|
743
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
744
|
+
keychainOk = true;
|
|
745
|
+
} catch {
|
|
746
|
+
}
|
|
730
747
|
}
|
|
731
748
|
}
|
|
732
749
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
733
|
-
if (
|
|
734
|
-
process.stderr.write("[keychain] Key stored
|
|
750
|
+
if (keychainOk) {
|
|
751
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
752
|
+
} else if (fallback === "encrypted") {
|
|
753
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
735
754
|
} else {
|
|
736
755
|
process.stderr.write(
|
|
737
756
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
|
@@ -3587,20 +3587,39 @@ async function getKeyStorageInfo() {
|
|
|
3587
3587
|
}
|
|
3588
3588
|
async function setMasterKey(key) {
|
|
3589
3589
|
const b64 = key.toString("base64");
|
|
3590
|
-
|
|
3591
|
-
|
|
3590
|
+
let keychainOk = false;
|
|
3591
|
+
if (macKeychainSet(b64)) {
|
|
3592
|
+
const readBack = macKeychainGet();
|
|
3593
|
+
if (readBack === b64) {
|
|
3594
|
+
keychainOk = true;
|
|
3595
|
+
} else {
|
|
3596
|
+
process.stderr.write(
|
|
3597
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
3598
|
+
);
|
|
3599
|
+
}
|
|
3600
|
+
} else if (linuxSecretSet(b64)) {
|
|
3601
|
+
const readBack = linuxSecretGet();
|
|
3602
|
+
if (readBack === b64) {
|
|
3603
|
+
keychainOk = true;
|
|
3604
|
+
} else {
|
|
3605
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
3606
|
+
}
|
|
3592
3607
|
}
|
|
3593
|
-
|
|
3594
|
-
|
|
3595
|
-
|
|
3596
|
-
|
|
3597
|
-
|
|
3598
|
-
|
|
3608
|
+
if (!keychainOk) {
|
|
3609
|
+
const keytar = await tryKeytar();
|
|
3610
|
+
if (keytar) {
|
|
3611
|
+
try {
|
|
3612
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
3613
|
+
keychainOk = true;
|
|
3614
|
+
} catch {
|
|
3615
|
+
}
|
|
3599
3616
|
}
|
|
3600
3617
|
}
|
|
3601
3618
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
3602
|
-
if (
|
|
3603
|
-
process.stderr.write("[keychain] Key stored
|
|
3619
|
+
if (keychainOk) {
|
|
3620
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
3621
|
+
} else if (fallback === "encrypted") {
|
|
3622
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
3604
3623
|
} else {
|
|
3605
3624
|
process.stderr.write(
|
|
3606
3625
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/lib/cloud-sync.js
CHANGED
|
@@ -3480,20 +3480,39 @@ async function getKeyStorageInfo() {
|
|
|
3480
3480
|
}
|
|
3481
3481
|
async function setMasterKey(key) {
|
|
3482
3482
|
const b64 = key.toString("base64");
|
|
3483
|
-
|
|
3484
|
-
|
|
3483
|
+
let keychainOk = false;
|
|
3484
|
+
if (macKeychainSet(b64)) {
|
|
3485
|
+
const readBack = macKeychainGet();
|
|
3486
|
+
if (readBack === b64) {
|
|
3487
|
+
keychainOk = true;
|
|
3488
|
+
} else {
|
|
3489
|
+
process.stderr.write(
|
|
3490
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
3491
|
+
);
|
|
3492
|
+
}
|
|
3493
|
+
} else if (linuxSecretSet(b64)) {
|
|
3494
|
+
const readBack = linuxSecretGet();
|
|
3495
|
+
if (readBack === b64) {
|
|
3496
|
+
keychainOk = true;
|
|
3497
|
+
} else {
|
|
3498
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
3499
|
+
}
|
|
3485
3500
|
}
|
|
3486
|
-
|
|
3487
|
-
|
|
3488
|
-
|
|
3489
|
-
|
|
3490
|
-
|
|
3491
|
-
|
|
3501
|
+
if (!keychainOk) {
|
|
3502
|
+
const keytar = await tryKeytar();
|
|
3503
|
+
if (keytar) {
|
|
3504
|
+
try {
|
|
3505
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
3506
|
+
keychainOk = true;
|
|
3507
|
+
} catch {
|
|
3508
|
+
}
|
|
3492
3509
|
}
|
|
3493
3510
|
}
|
|
3494
3511
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
3495
|
-
if (
|
|
3496
|
-
process.stderr.write("[keychain] Key stored
|
|
3512
|
+
if (keychainOk) {
|
|
3513
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
3514
|
+
} else if (fallback === "encrypted") {
|
|
3515
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
3497
3516
|
} else {
|
|
3498
3517
|
process.stderr.write(
|
|
3499
3518
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/lib/exe-daemon.js
CHANGED
|
@@ -5637,20 +5637,39 @@ async function getKeyStorageInfo() {
|
|
|
5637
5637
|
}
|
|
5638
5638
|
async function setMasterKey(key) {
|
|
5639
5639
|
const b64 = key.toString("base64");
|
|
5640
|
-
|
|
5641
|
-
|
|
5640
|
+
let keychainOk = false;
|
|
5641
|
+
if (macKeychainSet(b64)) {
|
|
5642
|
+
const readBack = macKeychainGet();
|
|
5643
|
+
if (readBack === b64) {
|
|
5644
|
+
keychainOk = true;
|
|
5645
|
+
} else {
|
|
5646
|
+
process.stderr.write(
|
|
5647
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
5648
|
+
);
|
|
5649
|
+
}
|
|
5650
|
+
} else if (linuxSecretSet(b64)) {
|
|
5651
|
+
const readBack = linuxSecretGet();
|
|
5652
|
+
if (readBack === b64) {
|
|
5653
|
+
keychainOk = true;
|
|
5654
|
+
} else {
|
|
5655
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
5656
|
+
}
|
|
5642
5657
|
}
|
|
5643
|
-
|
|
5644
|
-
|
|
5645
|
-
|
|
5646
|
-
|
|
5647
|
-
|
|
5648
|
-
|
|
5658
|
+
if (!keychainOk) {
|
|
5659
|
+
const keytar = await tryKeytar();
|
|
5660
|
+
if (keytar) {
|
|
5661
|
+
try {
|
|
5662
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
5663
|
+
keychainOk = true;
|
|
5664
|
+
} catch {
|
|
5665
|
+
}
|
|
5649
5666
|
}
|
|
5650
5667
|
}
|
|
5651
5668
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
5652
|
-
if (
|
|
5653
|
-
process.stderr.write("[keychain] Key stored
|
|
5669
|
+
if (keychainOk) {
|
|
5670
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
5671
|
+
} else if (fallback === "encrypted") {
|
|
5672
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
5654
5673
|
} else {
|
|
5655
5674
|
process.stderr.write(
|
|
5656
5675
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/lib/keychain.js
CHANGED
|
@@ -399,20 +399,39 @@ async function getKeyStorageInfo() {
|
|
|
399
399
|
}
|
|
400
400
|
async function setMasterKey(key) {
|
|
401
401
|
const b64 = key.toString("base64");
|
|
402
|
-
|
|
403
|
-
|
|
402
|
+
let keychainOk = false;
|
|
403
|
+
if (macKeychainSet(b64)) {
|
|
404
|
+
const readBack = macKeychainGet();
|
|
405
|
+
if (readBack === b64) {
|
|
406
|
+
keychainOk = true;
|
|
407
|
+
} else {
|
|
408
|
+
process.stderr.write(
|
|
409
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
410
|
+
);
|
|
411
|
+
}
|
|
412
|
+
} else if (linuxSecretSet(b64)) {
|
|
413
|
+
const readBack = linuxSecretGet();
|
|
414
|
+
if (readBack === b64) {
|
|
415
|
+
keychainOk = true;
|
|
416
|
+
} else {
|
|
417
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
418
|
+
}
|
|
404
419
|
}
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
420
|
+
if (!keychainOk) {
|
|
421
|
+
const keytar = await tryKeytar();
|
|
422
|
+
if (keytar) {
|
|
423
|
+
try {
|
|
424
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
425
|
+
keychainOk = true;
|
|
426
|
+
} catch {
|
|
427
|
+
}
|
|
411
428
|
}
|
|
412
429
|
}
|
|
413
430
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
414
|
-
if (
|
|
415
|
-
process.stderr.write("[keychain] Key stored
|
|
431
|
+
if (keychainOk) {
|
|
432
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
433
|
+
} else if (fallback === "encrypted") {
|
|
434
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
416
435
|
} else {
|
|
417
436
|
process.stderr.write(
|
|
418
437
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/mcp/server.js
CHANGED
|
@@ -3994,20 +3994,39 @@ async function getKeyStorageInfo() {
|
|
|
3994
3994
|
}
|
|
3995
3995
|
async function setMasterKey(key) {
|
|
3996
3996
|
const b64 = key.toString("base64");
|
|
3997
|
-
|
|
3998
|
-
|
|
3997
|
+
let keychainOk = false;
|
|
3998
|
+
if (macKeychainSet(b64)) {
|
|
3999
|
+
const readBack = macKeychainGet();
|
|
4000
|
+
if (readBack === b64) {
|
|
4001
|
+
keychainOk = true;
|
|
4002
|
+
} else {
|
|
4003
|
+
process.stderr.write(
|
|
4004
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
4005
|
+
);
|
|
4006
|
+
}
|
|
4007
|
+
} else if (linuxSecretSet(b64)) {
|
|
4008
|
+
const readBack = linuxSecretGet();
|
|
4009
|
+
if (readBack === b64) {
|
|
4010
|
+
keychainOk = true;
|
|
4011
|
+
} else {
|
|
4012
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
4013
|
+
}
|
|
3999
4014
|
}
|
|
4000
|
-
|
|
4001
|
-
|
|
4002
|
-
|
|
4003
|
-
|
|
4004
|
-
|
|
4005
|
-
|
|
4015
|
+
if (!keychainOk) {
|
|
4016
|
+
const keytar = await tryKeytar();
|
|
4017
|
+
if (keytar) {
|
|
4018
|
+
try {
|
|
4019
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
4020
|
+
keychainOk = true;
|
|
4021
|
+
} catch {
|
|
4022
|
+
}
|
|
4006
4023
|
}
|
|
4007
4024
|
}
|
|
4008
4025
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
4009
|
-
if (
|
|
4010
|
-
process.stderr.write("[keychain] Key stored
|
|
4026
|
+
if (keychainOk) {
|
|
4027
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
4028
|
+
} else if (fallback === "encrypted") {
|
|
4029
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
4011
4030
|
} else {
|
|
4012
4031
|
process.stderr.write(
|
|
4013
4032
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/dist/tui/App.js
CHANGED
|
@@ -11333,20 +11333,39 @@ async function getKeyStorageInfo() {
|
|
|
11333
11333
|
}
|
|
11334
11334
|
async function setMasterKey(key) {
|
|
11335
11335
|
const b64 = key.toString("base64");
|
|
11336
|
-
|
|
11337
|
-
|
|
11336
|
+
let keychainOk = false;
|
|
11337
|
+
if (macKeychainSet(b64)) {
|
|
11338
|
+
const readBack = macKeychainGet();
|
|
11339
|
+
if (readBack === b64) {
|
|
11340
|
+
keychainOk = true;
|
|
11341
|
+
} else {
|
|
11342
|
+
process.stderr.write(
|
|
11343
|
+
"[keychain] macOS Keychain write appeared to succeed but read-back failed.\n This can happen on macOS Tahoe with new permission patterns.\n"
|
|
11344
|
+
);
|
|
11345
|
+
}
|
|
11346
|
+
} else if (linuxSecretSet(b64)) {
|
|
11347
|
+
const readBack = linuxSecretGet();
|
|
11348
|
+
if (readBack === b64) {
|
|
11349
|
+
keychainOk = true;
|
|
11350
|
+
} else {
|
|
11351
|
+
process.stderr.write("[keychain] Linux secret-tool write appeared to succeed but read-back failed.\n");
|
|
11352
|
+
}
|
|
11338
11353
|
}
|
|
11339
|
-
|
|
11340
|
-
|
|
11341
|
-
|
|
11342
|
-
|
|
11343
|
-
|
|
11344
|
-
|
|
11354
|
+
if (!keychainOk) {
|
|
11355
|
+
const keytar = await tryKeytar();
|
|
11356
|
+
if (keytar) {
|
|
11357
|
+
try {
|
|
11358
|
+
await keytar.setPassword(SERVICE, ACCOUNT, b64);
|
|
11359
|
+
keychainOk = true;
|
|
11360
|
+
} catch {
|
|
11361
|
+
}
|
|
11345
11362
|
}
|
|
11346
11363
|
}
|
|
11347
11364
|
const fallback = await writeMachineBoundFileFallback(b64);
|
|
11348
|
-
if (
|
|
11349
|
-
process.stderr.write("[keychain] Key stored
|
|
11365
|
+
if (keychainOk) {
|
|
11366
|
+
process.stderr.write("[keychain] Key stored in OS keychain (file backup also written).\n");
|
|
11367
|
+
} else if (fallback === "encrypted") {
|
|
11368
|
+
process.stderr.write("[keychain] Key stored encrypted (machine-bound file fallback).\n");
|
|
11350
11369
|
} else {
|
|
11351
11370
|
process.stderr.write(
|
|
11352
11371
|
"[keychain] WARNING: Key stored in plaintext file \u2014 no OS keychain available.\n"
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@askexenow/exe-os",
|
|
3
|
-
"version": "0.9.
|
|
3
|
+
"version": "0.9.100",
|
|
4
4
|
"description": "AI employee operating system — persistent memory, task management, and multi-agent coordination for Claude Code.",
|
|
5
5
|
"license": "SEE LICENSE IN LICENSE",
|
|
6
6
|
"type": "module",
|
|
@@ -68,7 +68,7 @@ Use AskUserQuestion to ask for their Exe Cloud API key (exe_sk_...).
|
|
|
68
68
|
|
|
69
69
|
Validate the key:
|
|
70
70
|
```bash
|
|
71
|
-
curl -s "https://askexe.com/
|
|
71
|
+
curl -s "https://cloud.askexe.com/auth/verify" \
|
|
72
72
|
-H "Authorization: Bearer USER_API_KEY" | cat
|
|
73
73
|
```
|
|
74
74
|
|