@idapt/cli 1.8.1 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -536,7 +536,10 @@ var listCodeRunsRequestSchema = zod.z.object({
536
536
  var executeCodeRequestSchema = zod.z.object({
537
537
  file_id: zod.z.string(),
538
538
  timeout_seconds: zod.z.number().int().min(1).max(300).default(30),
539
- env: zod.z.record(zod.z.string(), zod.z.string()).optional()
539
+ env: zod.z.record(zod.z.string(), zod.z.string()).optional(),
540
+ // Names of workspace secrets to inject as env vars (resolved server-side; the
541
+ // values never appear in the response and are redacted from stdout/stderr).
542
+ secrets: zod.z.array(zod.z.string()).max(50).optional()
540
543
  });
541
544
  var emptyCodeRequestSchema = zod.z.object({});
542
545
  var RUN_COLUMNS = [
@@ -600,7 +603,7 @@ var codeCommands = [
600
603
  async: true,
601
604
  tags: ["Code Runs"],
602
605
  summary: "Execute a code file (js/ts/py/sh) in a sandbox; returns the run.",
603
- description: "Execute a code file (.js, .ts, .py, .sh) in a sandboxed Lambda environment. Returns stdout, stderr, exit code, and timing.",
606
+ description: "Execute a code file (.js, .ts, .py, .sh) in a sandboxed Lambda environment. Returns stdout, stderr, exit code, and timing. Pass `secrets` (workspace secret names) to inject them as env vars \u2014 resolved server-side, never returned, and redacted from output.",
604
607
  errors: [403, 404, 429],
605
608
  columns: RUN_COLUMNS
606
609
  }),
@@ -817,7 +820,11 @@ var updateComputerRequestSchema = zod.z.object({
817
820
  var computerExecRequestSchema = zod.z.object({
818
821
  command: zod.z.string().min(1).max(8192).describe("Shell command to run."),
819
822
  timeout_seconds: zod.z.number().int().min(1).max(900).optional(),
820
- user: zod.z.string().regex(usernamePattern).optional().describe("Unix user to run the command as.")
823
+ user: zod.z.string().regex(usernamePattern).optional().describe("Unix user to run the command as."),
824
+ secrets: zod.z.array(zod.z.string()).max(50).optional().describe(
825
+ "Names of workspace secrets to inject. Resolved server-side, mounted by the daemon, never returned, and redacted from output."
826
+ ),
827
+ secret_mount_mode: zod.z.enum(["env", "file"]).optional().describe("env (default) exports vars; file writes /run/idapt-secrets/.")
821
828
  });
822
829
  var computerTmuxRequestSchema = zod.z.object({
823
830
  op: zod.z.enum(["list", "run", "capture", "send", "kill"]).describe("Operation discriminator; the response shape depends on `op`."),
@@ -1736,7 +1743,6 @@ var agentResponseSchema = zod.z.object({
1736
1743
  workspace_id: zod.z.string().nullish(),
1737
1744
  type: zod.z.string().nullish(),
1738
1745
  permissions: zod.z.array(zod.z.record(zod.z.string(), zod.z.unknown())).nullish(),
1739
- confirmation_required: zod.z.array(zod.z.string()).optional(),
1740
1746
  compaction_preset: zod.z.enum(["minimal", "normal", "detailed"]).nullish(),
1741
1747
  compaction_summary_percent: zod.z.number().nullish(),
1742
1748
  compaction_summary_max_tokens: zod.z.number().nullish(),
@@ -2069,7 +2075,6 @@ var createAgentRequestSchema = zod.z.object({
2069
2075
  authorization: zod.z.record(zod.z.string(), zod.z.unknown()).nullish().describe(
2070
2076
  "Agent authorization policy. Null clears explicit policy; omitted uses the default workspace-write policy."
2071
2077
  ),
2072
- confirmation_required: zod.z.array(zod.z.string()).max(200).optional(),
2073
2078
  ...agentCompactionFields,
2074
2079
  type: zod.z.enum(["user", "generated"]).optional().describe("Agent type."),
2075
2080
  memory_folder: zod.z.string().max(500).nullish(),
@@ -2084,7 +2089,6 @@ var updateAgentRequestSchema = zod.z.object({
2084
2089
  description: zod.z.string().max(2e3).nullish(),
2085
2090
  system_prompt: zod.z.string().max(131072).nullish(),
2086
2091
  authorization: zod.z.record(zod.z.string(), zod.z.unknown()).nullish().describe("Agent authorization policy. Null clears explicit policy."),
2087
- confirmation_required: zod.z.array(zod.z.string()).max(200).optional(),
2088
2092
  ...agentCompactionFields,
2089
2093
  type: zod.z.enum(["user", "generated"]).optional(),
2090
2094
  memory_folder: zod.z.string().max(500).nullish(),
@@ -5192,6 +5196,10 @@ var secretResponseSchema = zod.z.object({
5192
5196
  type: zod.z.string().nullish(),
5193
5197
  /** Masked last-4 preview — never reconstructs the value. */
5194
5198
  value_preview: zod.z.string().nullish(),
5199
+ /** ISO-8601 expiry instant, or null. Past expiry blocks injection. */
5200
+ expires_at: zod.z.string().nullish(),
5201
+ /** ISO-8601 of the last reveal/inject, or null if never used. */
5202
+ last_used_at: zod.z.string().nullish(),
5195
5203
  created_at: zod.z.string(),
5196
5204
  updated_at: zod.z.string()
5197
5205
  }).meta({ id: "Secret" });
@@ -5214,11 +5222,14 @@ var createSecretRequestSchema = zod.z.object({
5214
5222
  "ssh_private_key",
5215
5223
  "ssh_public_key"
5216
5224
  ]).optional(),
5225
+ /** ISO-8601 expiry instant; null/omitted = never expires. */
5226
+ expires_at: zod.z.string().datetime({ offset: true }).nullish(),
5217
5227
  workspace_id: zod.z.string().max(64).optional()
5218
5228
  });
5219
5229
  var updateSecretRequestSchema = zod.z.object({
5220
5230
  value: zod.z.string().min(1).optional(),
5221
- description: zod.z.string().max(1e3).nullish()
5231
+ description: zod.z.string().max(1e3).nullish(),
5232
+ expires_at: zod.z.string().datetime({ offset: true }).nullish()
5222
5233
  });
5223
5234
  var secretsCommands = [
5224
5235
  cmd({
@@ -5322,11 +5333,20 @@ var secretsPlaybook = {
5322
5333
  " contents. Don't ask the user to paste a secret into the chat.",
5323
5334
  "",
5324
5335
  "- `create --name OPENAI_API_KEY --value <v>`: prefer ALL_CAPS names (they map",
5325
- " cleanly to env vars). Names are unique per workspace.",
5336
+ " cleanly to env vars). Optional `--expires-at <ISO-8601>`. Unique per workspace.",
5326
5337
  "- `update` ROTATES: the old value is destroyed immediately and anything using",
5327
5338
  " it breaks until re-pointed. There is no rename \u2014 create a new one.",
5328
5339
  "- `delete` is immediate and irreversible.",
5329
5340
  "",
5341
+ "Using a secret at run time (pass the NAME, never the value):",
5342
+ "- `code execute --secrets '[\"GITHUB_TOKEN\"]'` \u2192 the script sees it as the env",
5343
+ " var `GITHUB_TOKEN`; `bash --secrets [...]` and `computer exec --secrets [...]`",
5344
+ " work the same. The value is injected server-side and redacted from output.",
5345
+ // biome-ignore lint/suspicious/noTemplateCurlyInString: literal ${secret:NAME} reference syntax, not a template placeholder
5346
+ "- Or embed `${secret:NAME}` inside a free-form `env` value (e.g.",
5347
+ // biome-ignore lint/suspicious/noTemplateCurlyInString: literal example of the ${secret:NAME} syntax
5348
+ " `DATABASE_URL=postgres://app:${secret:DB_PASSWORD}@db`).",
5349
+ "",
5330
5350
  "Anti-patterns: never print, log, or repeat a secret value the user gives you \u2014",
5331
5351
  "create it and move on. Secrets live here, not as Drive files and not in chat."
5332
5352
  ].join("\n")
@@ -5683,6 +5703,7 @@ function parseIdaptCommand(cmd2) {
5683
5703
  args: parsedFlags.args,
5684
5704
  timeoutSeconds,
5685
5705
  background: parsedFlags.args.background === true,
5706
+ requiresConfirmation: parsedFlags.args.requiresConfirmation === true || parsedFlags.args["requires-confirmation"] === true || parsedFlags.args.requires_confirmation === true,
5686
5707
  help: parsedFlags.args.help === true,
5687
5708
  instructions: parsedFlags.args.instructions === true
5688
5709
  }
@@ -5960,6 +5981,8 @@ var VERB_OVERRIDES = {
5960
5981
  "trigger read": "trigger get",
5961
5982
  "trigger edit": "trigger update",
5962
5983
  "trigger fire": "trigger test-fire",
5984
+ // secrets — `edit` is the natural verb; the contract op is `update` (rotate).
5985
+ "secret edit": "secret update",
5963
5986
  // utility → catalog
5964
5987
  "utility search-llm-models": "models search",
5965
5988
  "utility search-image-models": "image search",