@controlvector/cv-agent 1.9.1 → 1.9.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bundle.cjs +68 -1
- package/dist/bundle.cjs.map +3 -3
- package/dist/commands/agent.d.ts.map +1 -1
- package/dist/commands/agent.js +24 -0
- package/dist/commands/agent.js.map +1 -1
- package/dist/commands/setup.d.ts.map +1 -1
- package/dist/commands/setup.js +40 -0
- package/dist/commands/setup.js.map +1 -1
- package/package.json +1 -1
package/dist/bundle.cjs
CHANGED
|
@@ -3929,6 +3929,41 @@ async function runSetup() {
|
|
|
3929
3929
|
} else {
|
|
3930
3930
|
console.log(source_default.green(" \u2713") + " CLAUDE.md present");
|
|
3931
3931
|
}
|
|
3932
|
+
const gitignorePath = (0, import_node_path.join)(cwd, ".gitignore");
|
|
3933
|
+
const CREDENTIAL_PATTERNS = [
|
|
3934
|
+
"# Credentials and secrets (auto-added by cv-agent)",
|
|
3935
|
+
".env",
|
|
3936
|
+
".env.*",
|
|
3937
|
+
".claude/",
|
|
3938
|
+
".claude.json",
|
|
3939
|
+
".credentials*",
|
|
3940
|
+
"*.pem",
|
|
3941
|
+
"*.key",
|
|
3942
|
+
".ssh/",
|
|
3943
|
+
".gnupg/",
|
|
3944
|
+
".npm/",
|
|
3945
|
+
".config/",
|
|
3946
|
+
".zsh_history",
|
|
3947
|
+
".bash_history",
|
|
3948
|
+
".zsh_sessions/",
|
|
3949
|
+
"node_modules/",
|
|
3950
|
+
".DS_Store"
|
|
3951
|
+
];
|
|
3952
|
+
try {
|
|
3953
|
+
let gitignoreContent = "";
|
|
3954
|
+
if ((0, import_node_fs.existsSync)(gitignorePath)) {
|
|
3955
|
+
gitignoreContent = (0, import_node_fs.readFileSync)(gitignorePath, "utf-8");
|
|
3956
|
+
}
|
|
3957
|
+
const missing = CREDENTIAL_PATTERNS.filter((p) => !gitignoreContent.includes(p));
|
|
3958
|
+
if (missing.length > 0) {
|
|
3959
|
+
const addition = (gitignoreContent && !gitignoreContent.endsWith("\n") ? "\n" : "") + missing.join("\n") + "\n";
|
|
3960
|
+
(0, import_node_fs.writeFileSync)(gitignorePath, gitignoreContent + addition);
|
|
3961
|
+
console.log(source_default.green(" \u2713") + " .gitignore updated with credential protection");
|
|
3962
|
+
} else {
|
|
3963
|
+
console.log(source_default.green(" \u2713") + " .gitignore has credential protection");
|
|
3964
|
+
}
|
|
3965
|
+
} catch {
|
|
3966
|
+
}
|
|
3932
3967
|
if (!hasCVDir) {
|
|
3933
3968
|
(0, import_node_fs.mkdirSync)((0, import_node_path.join)(cwd, ".cv"), { recursive: true });
|
|
3934
3969
|
}
|
|
@@ -5057,6 +5092,22 @@ Target repository: ${task.owner}/${task.repo}
|
|
|
5057
5092
|
`;
|
|
5058
5093
|
prompt += `
|
|
5059
5094
|
|
|
5095
|
+
## Security \u2014 NEVER Commit Secrets
|
|
5096
|
+
`;
|
|
5097
|
+
prompt += `Do NOT add, commit, or push any of the following:
|
|
5098
|
+
`;
|
|
5099
|
+
prompt += `- API keys, tokens, passwords, or credentials
|
|
5100
|
+
`;
|
|
5101
|
+
prompt += `- .env files, .credentials files, .claude/ directory
|
|
5102
|
+
`;
|
|
5103
|
+
prompt += `- SSH keys (.ssh/), GPG keys (.gnupg/)
|
|
5104
|
+
`;
|
|
5105
|
+
prompt += `- Shell history (.zsh_history, .bash_history)
|
|
5106
|
+
`;
|
|
5107
|
+
prompt += `If you need to reference an API key, use an environment variable placeholder.
|
|
5108
|
+
`;
|
|
5109
|
+
prompt += `
|
|
5110
|
+
|
|
5060
5111
|
---
|
|
5061
5112
|
`;
|
|
5062
5113
|
prompt += `When complete, provide a brief summary of what you accomplished.
|
|
@@ -5674,6 +5725,22 @@ async function runAgent(options) {
|
|
|
5674
5725
|
} catch {
|
|
5675
5726
|
}
|
|
5676
5727
|
}
|
|
5728
|
+
const gitignorePath = require("path").join(workingDir, ".gitignore");
|
|
5729
|
+
try {
|
|
5730
|
+
const fs3 = require("fs");
|
|
5731
|
+
const credPatterns = ".env\n.env.*\n.claude/\n.claude.json\n.credentials*\n*.pem\n*.key\n.ssh/\n.gnupg/\n.npm/\n.config/\n.zsh_history\n.bash_history\nnode_modules/\n.DS_Store\n";
|
|
5732
|
+
let existing = "";
|
|
5733
|
+
try {
|
|
5734
|
+
existing = fs3.readFileSync(gitignorePath, "utf-8");
|
|
5735
|
+
} catch {
|
|
5736
|
+
}
|
|
5737
|
+
if (!existing.includes(".claude/")) {
|
|
5738
|
+
const prefix = existing && !existing.endsWith("\n") ? "\n" : "";
|
|
5739
|
+
fs3.writeFileSync(gitignorePath, existing + prefix + "# Credentials (auto-added by cv-agent)\n" + credPatterns);
|
|
5740
|
+
console.log(source_default.gray(" Bootstrap: .gitignore credential protection added"));
|
|
5741
|
+
}
|
|
5742
|
+
} catch {
|
|
5743
|
+
}
|
|
5677
5744
|
const cvDir = require("path").join(workingDir, ".cv");
|
|
5678
5745
|
if (!require("fs").existsSync(cvDir)) {
|
|
5679
5746
|
try {
|
|
@@ -6448,7 +6515,7 @@ function statusCommand() {
|
|
|
6448
6515
|
|
|
6449
6516
|
// src/index.ts
|
|
6450
6517
|
var program2 = new Command();
|
|
6451
|
-
program2.name("cva").description('CV-Hub Agent \u2014 bridges Claude Code with CV-Hub task dispatch.\n\nRun "cva setup" to get started.').version(true ? "1.9.
|
|
6518
|
+
program2.name("cva").description('CV-Hub Agent \u2014 bridges Claude Code with CV-Hub task dispatch.\n\nRun "cva setup" to get started.').version(true ? "1.9.2" : "1.6.0");
|
|
6452
6519
|
program2.addCommand(setupCommand());
|
|
6453
6520
|
program2.addCommand(agentCommand());
|
|
6454
6521
|
program2.addCommand(authCommand());
|