npm - @rubytech/create-realagent - Versions diffs - 1.0.860 → 1.0.862 - Mend

@rubytech/create-realagent 1.0.860 → 1.0.862

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/create-realagent",
-  "version": "1.0.860",
+  "version": "1.0.862",
   "description": "Install Real Agent — Built for agents. By agents.",
   "bin": {
     "create-realagent": "./dist/index.js"

package/payload/platform/plugins/cloudflare/PLUGIN.md CHANGED Viewed

@@ -51,7 +51,7 @@ The agent loads these references on demand via `plugin-read` as the conversation
 ### UI contract
-`cloudflare-setup-form` (rendered via `render-component`) invokes `useDeviceUrlActions().onShowVnc()` immediately after a successful POST to `/api/admin/cloudflare/setup`. This auto-surfaces the brand-VNC overlay before `ActionLogPanel` shows the OAuth URL inside it, so the operator never has to open the menu manually. The `[browser-viewer] event=mount surface="overlay"` line must appear within 5 s of `[cloudflare-setup] phase=action-launched`; absence is a regression.
+VNC surfacing is post-navigation, never on form submit. Two sites call `useDeviceUrlActions().onShowVnc()` and both fire only after a successful CDP nav: `DeviceUrlBlock` (tool-output URL clicks) and `ActionLogPanel.handleOauthRespawn` (the "Re-open on Pi browser" button rendered when an OAuth URL appears in the action log). The form (`cloudflare-setup-form`) must NOT call `onShowVnc()` on POST resolve — pre-warming the fullscreen overlay before the OAuth URL is on the brand chromium hides the form, the ActionLogPanel, and the very button operators must click. The `[browser-viewer] event=mount surface="overlay"` line must appear within 5 s of `[device-url:click] navigateResult=ok`, never before.
 ## Identity model

package/payload/platform/scripts/redact-install-logs.sh CHANGED Viewed

@@ -2,18 +2,20 @@
 # Existing-pi install-log redaction (Task 744).
 #
 # Idempotent one-shot remediation for Pis that completed installation BEFORE
-# the install-log redaction landed at index.ts:152 / setup.sh:94. Scans every
-# `install-*.log` in the configured logs directory and replaces every literal
-# `set-initial-password ...<secret>` payload with `set-initial-password
-# [REDACTED]`. Re-running the script is safe — already-redacted lines do not
-# match the source pattern, so no further edits occur.
+# the install-log redaction landed at packages/create-maxy/src/index.ts:152.
+# Scans every `install-*.log` in the configured logs directory and replaces
+# every literal `set-initial-password ...<secret>` payload with
+# `set-initial-password [REDACTED]`. Re-running the script is safe —
+# already-redacted lines do not match the source pattern, so no further
+# edits occur.
 #
 # Source patterns covered:
 #   1. TS installer (packages/create-maxy/src/index.ts:152) — "[ISO] > sudo
 #      neo4j-admin dbms set-initial-password -- <secret>" or any args after
 #      "set-initial-password" (positional or "--" delimited).
-#   2. Shell installer (platform/scripts/setup.sh, pre-fix variant) — "+ sudo
-#      neo4j-admin dbms set-initial-password <secret>" if bash -x had been on.
+#   2. Legacy bash installer (removed) — "+ sudo neo4j-admin dbms
+#      set-initial-password <secret>" if bash -x had been on. Pattern kept
+#      for historical install logs from before the bash installer's removal.
 #
 # A trailing marker line `[redact-install-logs] redacted=<n> file=<path>` is
 # appended to each modified log so subsequent reads can identify which logs