@keygraph/shannon 1.7.0 → 2.0.0-beta.2

package/dist/index.mjs

@@ -236,7 +236,6 @@ function spawnWorker(opts) {
 	if (opts.promptsDir) args.push("-v", `${opts.promptsDir}:/app/apps/worker/prompts:ro`);
 	if (opts.config) args.push("-v", `${opts.config.hostPath}:${opts.config.containerPath}:ro`);
 	if (opts.outputDir) args.push("-v", `${opts.outputDir}:/app/output`);
-	if (opts.credentials) args.push("-v", `${opts.credentials}:/app/credentials/google-sa-key.json:ro`);
 	args.push(...opts.envFlags);
 	args.push("--shm-size", "2gb", "--security-opt", "seccomp=unconfined");
 	args.push(getWorkerImage(opts.version));
@@ -334,7 +333,7 @@ function build(noCache) {
 /**
 * Shannon state directory management.
 *
-* Local mode (cloned repo): uses ./workspaces/, ./credentials/
+* Local mode (cloned repo): uses ./workspaces/
 * NPX mode: uses ~/.shannon/workspaces/, ~/.shannon/
 */
 const SHANNON_HOME$2 = path.join(os.homedir(), ".shannon");
@@ -345,27 +344,13 @@ function getWorkspacesDir() {
 	return getMode() === "local" ? path.resolve("workspaces") : path.join(SHANNON_HOME$2, "workspaces");
 }
 /**
-* Resolve the Vertex credentials file path.
-*
-* Checks GOOGLE_APPLICATION_CREDENTIALS env var first (may be set by TOML resolver),
-* then falls back to mode-appropriate default location.
-*/
-function getCredentialsPath() {
-	const envPath = process.env.GOOGLE_APPLICATION_CREDENTIALS;
-	if (envPath && fs.existsSync(envPath)) return path.resolve(envPath);
-	if (getMode() === "local") return path.resolve("credentials", "google-sa-key.json");
-	return path.join(SHANNON_HOME$2, "google-sa-key.json");
-}
-/**
 * Initialize state directories.
-* Local mode: creates ./workspaces/ and ./credentials/
+* Local mode: creates ./workspaces/
 * NPX mode: creates ~/.shannon/workspaces/
 */
 function initHome() {
-	if (getMode() === "local") {
-		fs.mkdirSync(path.resolve("workspaces"), { recursive: true });
-		fs.mkdirSync(path.resolve("credentials"), { recursive: true });
-	} else fs.mkdirSync(path.join(SHANNON_HOME$2, "workspaces"), { recursive: true });
+	if (getMode() === "local") fs.mkdirSync(path.resolve("workspaces"), { recursive: true });
+	else fs.mkdirSync(path.join(SHANNON_HOME$2, "workspaces"), { recursive: true });
 }
 //#endregion
 //#region src/commands/logs.ts
@@ -481,10 +466,6 @@ async function setup() {
 			{
 				value: "bedrock",
 				label: "Claude via AWS Bedrock"
-			},
-			{
-				value: "vertex",
-				label: "Claude via Google Vertex AI"
 			}
 		]
 	});
@@ -494,14 +475,13 @@ async function setup() {
 	saveConfig(config);
 	const configPath = path.join(SHANNON_HOME$1, "config.toml");
 	p.log.success(`Configuration saved to ${configPath}`);
-	p.outro("Run `npx @keygraph/shannon start` to begin a scan.");
+	p.outro("Run `npx @keygraph/shannon@beta start` to begin a scan.");
 }
 async function setupProvider(provider) {
 	switch (provider) {
 		case "anthropic": return setupAnthropic();
 		case "custom_base_url": return setupCustomBaseUrl();
 		case "bedrock": return setupBedrock();
-		case "vertex": return setupVertex();
 	}
 }
 async function setupAnthropic() {
@@ -640,65 +620,6 @@ async function setupBedrock() {
 		}
 	};
 }
-async function setupVertex() {
-	const region = await p.text({
-		message: "Google Cloud region",
-		placeholder: "us-east5",
-		validate: required("Region is required")
-	});
-	if (p.isCancel(region)) return cancelAndExit();
-	const projectId = await p.text({
-		message: "GCP Project ID",
-		validate: required("Project ID is required")
-	});
-	if (p.isCancel(projectId)) return cancelAndExit();
-	p.log.info("Select the path to your GCP Service Account JSON key file.");
-	const keySourcePath = await p.path({
-		message: "Service Account JSON key file",
-		validate: (value) => {
-			if (!value) return "Path is required";
-			if (!fs.existsSync(value)) return "File not found";
-			if (!value.endsWith(".json")) return "Must be a .json file";
-		}
-	});
-	if (p.isCancel(keySourcePath)) return cancelAndExit();
-	const destPath = path.join(SHANNON_HOME$1, "google-sa-key.json");
-	fs.mkdirSync(SHANNON_HOME$1, { recursive: true });
-	fs.copyFileSync(keySourcePath, destPath);
-	fs.chmodSync(destPath, 384);
-	p.log.success(`Key copied to ${destPath} (permissions: 0600)`);
-	const models = await p.group({
-		small: () => p.text({
-			message: "Small model ID",
-			placeholder: "claude-haiku-4-5@20251001",
-			validate: required("Small model ID is required")
-		}),
-		medium: () => p.text({
-			message: "Medium model ID",
-			placeholder: "claude-sonnet-4-6",
-			validate: required("Medium model ID is required")
-		}),
-		large: () => p.text({
-			message: "Large model ID",
-			placeholder: "claude-opus-4-8",
-			validate: required("Large model ID is required")
-		})
-	});
-	if (p.isCancel(models)) return cancelAndExit();
-	return {
-		vertex: {
-			use: true,
-			region,
-			project_id: projectId,
-			key_path: destPath
-		},
-		models: {
-			small: models.small,
-			medium: models.medium,
-			large: models.large
-		}
-	};
-}
 async function maybePromptAdaptiveThinking(config) {
 	const m = config.models;
 	if (!(!m || [
@@ -743,11 +664,6 @@ function cancelAndExit() {
 */
 /** Maps every supported env var to its TOML path (section.key) and expected type. */
 const CONFIG_MAP = [
-	{
-		env: "CLAUDE_CODE_MAX_OUTPUT_TOKENS",
-		toml: "core.max_tokens",
-		type: "number"
-	},
 	{
 		env: "CLAUDE_ADAPTIVE_THINKING",
 		toml: "core.adaptive_thinking",
@@ -779,26 +695,6 @@ const CONFIG_MAP = [
 		toml: "bedrock.token",
 		type: "string"
 	},
-	{
-		env: "CLAUDE_CODE_USE_VERTEX",
-		toml: "vertex.use",
-		type: "boolean"
-	},
-	{
-		env: "CLOUD_ML_REGION",
-		toml: "vertex.region",
-		type: "string"
-	},
-	{
-		env: "ANTHROPIC_VERTEX_PROJECT_ID",
-		toml: "vertex.project_id",
-		type: "string"
-	},
-	{
-		env: "GOOGLE_APPLICATION_CREDENTIALS",
-		toml: "vertex.key_path",
-		type: "string"
-	},
 	{
 		env: "ANTHROPIC_BASE_URL",
 		toml: "custom_base_url.base_url",
@@ -856,7 +752,7 @@ function loadTOML() {
 	} catch (err) {
 		const message = err instanceof Error ? err.message : String(err);
 		console.error(`\nFailed to parse ${configPath}: ${message}`);
-		console.error(`\nRun 'npx @keygraph/shannon setup' to reconfigure.\n`);
+		console.error(`\nRun 'npx @keygraph/shannon@beta setup' to reconfigure.\n`);
 		process.exit(1);
 	}
 }
@@ -899,20 +795,9 @@ function validateProviderFields(config, provider, errors) {
 			validateModelTiers(config, "bedrock", errors);
 			break;
 		}
-		case "vertex": {
-			const missing = [
-				"use",
-				"region",
-				"project_id",
-				"key_path"
-			].filter((k) => !keys.includes(k));
-			if (missing.length > 0) errors.push(`[vertex] missing required keys: ${missing.join(", ")}`);
-			validateModelTiers(config, "vertex", errors);
-			break;
-		}
 	}
 }
-/** Bedrock and Vertex require a [models] section with all three tiers. */
+/** Bedrock requires a [models] section with all three tiers. */
 function validateModelTiers(config, provider, errors) {
 	const models = config.models;
 	if (!models || typeof models !== "object") {
@@ -961,8 +846,7 @@ function validateConfig(config) {
 	const present = [
 		"anthropic",
 		"custom_base_url",
-		"bedrock",
-		"vertex"
+		"bedrock"
 	].filter((s) => {
 		const section = config[s];
 		return section && typeof section === "object" && Object.keys(section).length > 0;
@@ -1014,14 +898,9 @@ const FORWARD_VARS = [
 	"CLAUDE_CODE_USE_BEDROCK",
 	"AWS_REGION",
 	"AWS_BEARER_TOKEN_BEDROCK",
-	"CLAUDE_CODE_USE_VERTEX",
-	"CLOUD_ML_REGION",
-	"ANTHROPIC_VERTEX_PROJECT_ID",
-	"GOOGLE_APPLICATION_CREDENTIALS",
 	"ANTHROPIC_SMALL_MODEL",
 	"ANTHROPIC_MEDIUM_MODEL",
 	"ANTHROPIC_LARGE_MODEL",
-	"CLAUDE_CODE_MAX_OUTPUT_TOKENS",
 	"CLAUDE_ADAPTIVE_THINKING"
 ];
 /**
@@ -1059,7 +938,6 @@ function detectProviders() {
 	if (process.env.CLAUDE_CODE_OAUTH_TOKEN) providers.push("Anthropic OAuth");
 	if (isCustomBaseUrlConfigured()) providers.push("Custom Base URL");
 	if (process.env.CLAUDE_CODE_USE_BEDROCK === "1") providers.push("AWS Bedrock");
-	if (process.env.CLAUDE_CODE_USE_VERTEX === "1") providers.push("Google Vertex");
 	return providers;
 }
 /**
@@ -1101,32 +979,10 @@ function validateCredentials() {
 			mode: "bedrock"
 		};
 	}
-	if (process.env.CLAUDE_CODE_USE_VERTEX === "1") {
-		const missing = [];
-		if (!process.env.CLOUD_ML_REGION) missing.push("CLOUD_ML_REGION");
-		if (!process.env.ANTHROPIC_VERTEX_PROJECT_ID) missing.push("ANTHROPIC_VERTEX_PROJECT_ID");
-		if (!process.env.ANTHROPIC_SMALL_MODEL) missing.push("ANTHROPIC_SMALL_MODEL");
-		if (!process.env.ANTHROPIC_MEDIUM_MODEL) missing.push("ANTHROPIC_MEDIUM_MODEL");
-		if (!process.env.ANTHROPIC_LARGE_MODEL) missing.push("ANTHROPIC_LARGE_MODEL");
-		if (missing.length > 0) return {
-			valid: false,
-			mode: "vertex",
-			error: `Vertex AI mode requires: ${missing.join(", ")}`
-		};
-		if (!process.env.GOOGLE_APPLICATION_CREDENTIALS) return {
-			valid: false,
-			mode: "vertex",
-			error: "Vertex AI mode requires GOOGLE_APPLICATION_CREDENTIALS"
-		};
-		return {
-			valid: true,
-			mode: "vertex"
-		};
-	}
 	return {
 		valid: false,
 		mode: "api-key",
-		error: getMode() === "local" ? `No credentials found. Set ANTHROPIC_API_KEY in .env or export it.` : `Authentication not configured. Export variables or run 'npx @keygraph/shannon setup'.`
+		error: getMode() === "local" ? `No credentials found. Set ANTHROPIC_API_KEY in .env or export it.` : `Authentication not configured. Export variables or run 'npx @keygraph/shannon@beta setup'.`
 	};
 }
 //#endregion
@@ -1273,9 +1129,6 @@ async function start(args) {
 		".playwright-cli"
 	]) fs.mkdirSync(path.join(shannonDir, dir), { recursive: true });
 	fs.mkdirSync(path.join(repo.hostPath, ".playwright"), { recursive: true });
-	const credentialsPath = getCredentialsPath();
-	const hasCredentials = fs.existsSync(credentialsPath);
-	if (hasCredentials) process.env.GOOGLE_APPLICATION_CREDENTIALS = "/app/credentials/google-sa-key.json";
 	const outputDir = args.output ? path.resolve(args.output) : void 0;
 	if (outputDir) fs.mkdirSync(outputDir, { recursive: true });
 	const promptsDir = isLocal() ? path.resolve("apps/worker/prompts") : void 0;
@@ -1289,7 +1142,6 @@ async function start(args) {
 		containerName,
 		envFlags: buildEnvFlags(),
 		...config && { config },
-		...hasCredentials && { credentials: credentialsPath },
 		...promptsDir && { promptsDir },
 		...outputDir && { outputDir },
 		workspace,
@@ -1364,7 +1216,7 @@ function printDebugHint(containerName) {
 	console.log("");
 }
 function printInfo(args, workspace, workflowId, repoPath, workspacesDir) {
-	const logsCmd = isLocal() ? `./shannon logs ${workspace}` : `npx @keygraph/shannon logs ${workspace}`;
+	const logsCmd = isLocal() ? `./shannon logs ${workspace}` : `npx @keygraph/shannon@beta logs ${workspace}`;
 	const reportsPath = path.join(workspacesDir, workspace);
 	console.log(`  Target:     ${args.url}`);
 	console.log(`  Repository: ${repoPath}`);
@@ -1448,7 +1300,7 @@ async function uninstall() {
 		force: true
 	});
 	p.log.success("All Shannon data has been removed.");
-	p.outro("Shannon has been uninstalled. Run `npx @keygraph/shannon setup` to start fresh.");
+	p.outro("Shannon has been uninstalled. Run `npx @keygraph/shannon@beta setup` to start fresh.");
 }
 //#endregion
 //#region src/commands/workspaces.ts
@@ -1522,7 +1374,7 @@ function getVersion() {
 }
 function showHelp() {
 	const mode = getMode();
-	const prefix = mode === "local" ? "./shannon" : "npx @keygraph/shannon";
+	const prefix = mode === "local" ? "./shannon" : "npx @keygraph/shannon@beta";
 	console.log(`
 Shannon - AI Penetration Testing Framework
 
@@ -1613,13 +1465,13 @@ function parseStartArgs(argv) {
 				break;
 			default:
 				console.error(`Unknown option: ${arg}`);
-				console.error(`Run "${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon"} help" for usage`);
+				console.error(`Run "${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon@beta"} help" for usage`);
 				process.exit(1);
 		}
 	}
 	if (!url || !repo) {
 		console.error("ERROR: --url and --repo are required");
-		console.error(`Usage: ${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon"} start -u <url> -r <path>`);
+		console.error(`Usage: ${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon@beta"} start -u <url> -r <path>`);
 		process.exit(1);
 	}
 	return {
@@ -1649,7 +1501,7 @@ switch (command) {
 		const workspaceId = args[1];
 		if (!workspaceId) {
 			console.error("ERROR: Workspace ID is required");
-			console.error(`Usage: ${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon"} logs <workspace>`);
+			console.error(`Usage: ${getMode() === "local" ? "./shannon" : "npx @keygraph/shannon@beta"} logs <workspace>`);
 			process.exit(1);
 		}
 		logs(workspaceId);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@keygraph/shannon",
-  "version": "1.7.0",
+  "version": "2.0.0-beta.2",
   "description": "Shannon - Autonomous white-box AI pentester for web applications and APIs by Keygraph",
   "type": "module",
   "main": "dist/index.mjs",