@integrity-labs/agt-cli 0.27.69 → 0.27.71
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/agt.js +5 -29
- package/dist/bin/agt.js.map +1 -1
- package/dist/{chunk-HAM7MGCF.js → chunk-EWWJUVDY.js} +270 -32
- package/dist/chunk-EWWJUVDY.js.map +1 -0
- package/dist/{chunk-DA3KY3D2.js → chunk-H4AZSFJX.js} +2 -1
- package/dist/{claude-pair-runtime-6GSA5KRH.js → claude-pair-runtime-DKWME5OD.js} +2 -2
- package/dist/lib/manager-worker.js +13 -17
- package/dist/lib/manager-worker.js.map +1 -1
- package/dist/{persistent-session-2WJIWIMQ.js → persistent-session-EGNKRWVB.js} +2 -2
- package/dist/{responsiveness-probe-RAWYP7LQ.js → responsiveness-probe-MW7CR63L.js} +2 -2
- package/package.json +1 -1
- package/dist/chunk-HAM7MGCF.js.map +0 -1
- /package/dist/{chunk-DA3KY3D2.js.map → chunk-H4AZSFJX.js.map} +0 -0
- /package/dist/{claude-pair-runtime-6GSA5KRH.js.map → claude-pair-runtime-DKWME5OD.js.map} +0 -0
- /package/dist/{persistent-session-2WJIWIMQ.js.map → persistent-session-EGNKRWVB.js.map} +0 -0
- /package/dist/{responsiveness-probe-RAWYP7LQ.js.map → responsiveness-probe-MW7CR63L.js.map} +0 -0
package/dist/bin/agt.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import {
|
|
3
3
|
ApiError,
|
|
4
|
+
LITERAL_SECRET_PATTERNS,
|
|
4
5
|
PROD_AGT_HOST,
|
|
5
6
|
api,
|
|
6
7
|
error,
|
|
@@ -27,7 +28,7 @@ import {
|
|
|
27
28
|
success,
|
|
28
29
|
table,
|
|
29
30
|
warn
|
|
30
|
-
} from "../chunk-
|
|
31
|
+
} from "../chunk-EWWJUVDY.js";
|
|
31
32
|
import {
|
|
32
33
|
CHANNEL_REGISTRY,
|
|
33
34
|
DEPLOYMENT_TEMPLATES,
|
|
@@ -2148,7 +2149,7 @@ function rewriteServerEntry(serverName, raw, ctx) {
|
|
|
2148
2149
|
}
|
|
2149
2150
|
function fillIfEmpty(env, key, value) {
|
|
2150
2151
|
const current = env[key];
|
|
2151
|
-
if (typeof current !== "string" || current.length === 0) {
|
|
2152
|
+
if (typeof current !== "string" || current.length === 0 || current === `\${${key}}`) {
|
|
2152
2153
|
env[key] = value;
|
|
2153
2154
|
}
|
|
2154
2155
|
}
|
|
@@ -4929,7 +4930,7 @@ import { execFileSync, execSync } from "child_process";
|
|
|
4929
4930
|
import { existsSync as existsSync10, realpathSync as realpathSync2 } from "fs";
|
|
4930
4931
|
import chalk18 from "chalk";
|
|
4931
4932
|
import ora16 from "ora";
|
|
4932
|
-
var cliVersion = true ? "0.27.
|
|
4933
|
+
var cliVersion = true ? "0.27.71" : "dev";
|
|
4933
4934
|
async function fetchLatestVersion() {
|
|
4934
4935
|
const host2 = getHost();
|
|
4935
4936
|
if (!host2) return null;
|
|
@@ -5413,31 +5414,6 @@ import { join as join19 } from "path";
|
|
|
5413
5414
|
// src/lib/secret-leak-audit.ts
|
|
5414
5415
|
import { readdirSync as readdirSync6, readFileSync as readFileSync11, statSync as statSync4 } from "fs";
|
|
5415
5416
|
import { join as join18 } from "path";
|
|
5416
|
-
|
|
5417
|
-
// ../../packages/core/dist/provisioning/mcp-secret-lint.js
|
|
5418
|
-
var LITERAL_SECRET_PATTERNS = [
|
|
5419
|
-
// Slack bot token — `xoxb-<workspace>-<...>`
|
|
5420
|
-
{ name: "slack_bot_token", re: /^xoxb-/ },
|
|
5421
|
-
// Slack app-level token (Socket Mode) — `xapp-<...>`
|
|
5422
|
-
{ name: "slack_app_token", re: /^xapp-/ },
|
|
5423
|
-
// AGT host API key — `tlk_<...>` (see claudecode-plugin-augmented README).
|
|
5424
|
-
{ name: "agt_host_api_key", re: /^tlk_/ },
|
|
5425
|
-
// Composio / generic api-key prefix — `ak_<...>`
|
|
5426
|
-
{ name: "composio_api_key", re: /^ak_/ },
|
|
5427
|
-
// Telegram bot token — `<10-digit bot id>:AAE<...>` (BotFather format).
|
|
5428
|
-
{ name: "telegram_bot_token", re: /^\d{10}:AAE/ },
|
|
5429
|
-
// ENG-5901 extension beyond the original AC's five patterns: a literal
|
|
5430
|
-
// JWT (`eyJ...`) is the shape of a leaked AGT_API_KEY, which the
|
|
5431
|
-
// value-prefix patterns above would otherwise miss. Header values often
|
|
5432
|
-
// carry it behind `Bearer ` (or a copy-pasted `Authorization: Bearer `),
|
|
5433
|
-
// so those prefixes are optionally consumed (CodeRabbit #1731).
|
|
5434
|
-
// Templates (`Bearer ${AGT_API_KEY}`) and concrete non-secret values
|
|
5435
|
-
// (UUIDs, hosts) never put `eyJ` after the prefix, so this stays
|
|
5436
|
-
// false-positive-safe inside .mcp.json.
|
|
5437
|
-
{ name: "jwt_agt_api_key", re: /^(?:authorization:\s*)?(?:bearer\s+)?eyJ[A-Za-z0-9_-]+\./i }
|
|
5438
|
-
];
|
|
5439
|
-
|
|
5440
|
-
// src/lib/secret-leak-audit.ts
|
|
5441
5417
|
var SECRET_KEY_NAME_RE = /TOKEN|KEY|SECRET|BEARER|PASSWORD/i;
|
|
5442
5418
|
function isTemplated(value) {
|
|
5443
5419
|
return value.includes("${");
|
|
@@ -5877,7 +5853,7 @@ function handleError(err) {
|
|
|
5877
5853
|
}
|
|
5878
5854
|
|
|
5879
5855
|
// src/bin/agt.ts
|
|
5880
|
-
var cliVersion2 = true ? "0.27.
|
|
5856
|
+
var cliVersion2 = true ? "0.27.71" : "dev";
|
|
5881
5857
|
var program = new Command();
|
|
5882
5858
|
program.name("agt").description("Augmented CLI \u2014 agent provisioning and management").version(cliVersion2).option("--json", "Emit machine-readable JSON output (suppress spinners and colors)").option("--skip-update-check", "Skip the automatic update check on startup");
|
|
5883
5859
|
program.hook("preAction", async (thisCommand, actionCommand) => {
|