claude-cac 1.2.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +8 -8
  2. package/cac +4 -1
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -112,7 +112,7 @@ cac ls # = cac env ls
112
112
  | `cac self update` | 更新 cac 自身 |
113
113
  | **其他** | |
114
114
  | `cac ls` | 列出环境(= `cac env ls`) |
115
- | `cac check` | 检查当前环境 |
115
+ | `cac check` | 检查当前环境(`-d` 显示详情) |
116
116
  | `cac relay on\|off\|status` | 本地中转(绕过 TUN) |
117
117
  | `cac stop` / `cac resume` | 暂停 / 恢复保护 |
118
118
  | `cac delete` | 卸载 cac |
@@ -134,7 +134,7 @@ socks5://u:p@host:port 指定协议
134
134
  | 主机名 / MAC 隔离 | Shell shim + Node.js `os.hostname()` / `os.networkInterfaces()` hook |
135
135
  | Node.js 指纹钩子 | `fingerprint-hook.js` 通过 `NODE_OPTIONS --require` 注入 |
136
136
  | 遥测阻断 | DNS guard + 12 层环境变量 + fetch 拦截 + HOSTALIASES |
137
- | 健康检查 bypass | 本地 HTTPS server + `/etc/hosts` + `NO_PROXY` |
137
+ | 健康检查 bypass | 进程内 Node.js 拦截(无需 /etc/hosts root) |
138
138
  | mTLS 客户端证书 | 自签 CA + 每环境独立客户端证书 |
139
139
  | `.claude` 配置隔离 | 每个环境独立的 `CLAUDE_CONFIG_DIR` |
140
140
 
@@ -145,7 +145,7 @@ socks5://u:p@host:port 指定协议
145
145
  ┌──────────────────────────────────────────┐
146
146
  claude ────►│ CLAUDE_CONFIG_DIR → 隔离配置目录 │
147
147
  │ 版本解析 → ~/.cac/versions/<ver>/claude │
148
- │ 健康检查 bypass(本地 HTTPS server)
148
+ │ 健康检查 bypass(进程内拦截)
149
149
  │ 12 层遥测环境变量保护 │──► 代理 ──► Anthropic API
150
150
  │ NODE_OPTIONS: DNS guard + 指纹钩子 │
151
151
  │ PATH: 设备指纹 shim │
@@ -191,7 +191,7 @@ cac docker port 6287 # 端口转发
191
191
  ### 注意事项
192
192
 
193
193
  - **首次登录**:启动 `claude` 后,输入 `/login` 完成 OAuth 授权
194
- - **TUN 冲突**:使用 `cac relay on` 或在 TUN 软件中为代理 IP 添加 DIRECT 规则
194
+ - **TUN 冲突**:自动中继会自动绕过,也可手动 `cac relay on` 或在 TUN 软件中添加 DIRECT 规则
195
195
  - **IPv6**:建议系统级关闭,防止真实地址泄露
196
196
 
197
197
  ---
@@ -288,7 +288,7 @@ Each environment is fully isolated:
288
288
  | `cac self update` | Update cac itself |
289
289
  | **Other** | |
290
290
  | `cac ls` | List environments (= `cac env ls`) |
291
- | `cac check` | Verify current environment |
291
+ | `cac check` | Verify current environment (`-d` for details) |
292
292
  | `cac relay on\|off\|status` | Local relay (bypass TUN) |
293
293
  | `cac stop` / `cac resume` | Pause / resume protection |
294
294
  | `cac delete` | Uninstall cac |
@@ -302,7 +302,7 @@ Each environment is fully isolated:
302
302
  | Hostname / MAC isolation | Shell shim + Node.js `os.hostname()` / `os.networkInterfaces()` hook |
303
303
  | Node.js fingerprint hook | `fingerprint-hook.js` via `NODE_OPTIONS --require` |
304
304
  | Telemetry blocking | DNS guard + 12 env vars + fetch interception + HOSTALIASES |
305
- | Health check bypass | Local HTTPS server + `/etc/hosts` + `NO_PROXY` |
305
+ | Health check bypass | In-process Node.js interception (no `/etc/hosts`, no root) |
306
306
  | mTLS client certificates | Self-signed CA + per-profile client certs |
307
307
  | `.claude` config isolation | Per-environment `CLAUDE_CONFIG_DIR` |
308
308
 
@@ -313,7 +313,7 @@ Each environment is fully isolated:
313
313
  ┌──────────────────────────────────────────┐
314
314
  claude ────►│ CLAUDE_CONFIG_DIR → isolated config dir │
315
315
  │ Version resolve → ~/.cac/versions/<ver> │
316
- │ Health check bypass (local HTTPS server)
316
+ │ Health check bypass (in-process intercept)
317
317
  │ Env vars: 12-layer telemetry kill │──► Proxy ──► Anthropic API
318
318
  │ NODE_OPTIONS: DNS guard + fingerprint │
319
319
  │ PATH: device fingerprint shims │
@@ -359,7 +359,7 @@ Proxy formats: `ip:port:user:pass` (SOCKS5), `ss://...`, `vmess://...`, `vless:/
359
359
  ### Notes
360
360
 
361
361
  - **First login**: Run `claude`, then type `/login`. Health check is automatically bypassed.
362
- - **TUN conflicts**: Use `cac relay on` or add DIRECT rule in your TUN software.
362
+ - **TUN conflicts**: Auto-relay bypasses TUN automatically. You can also use `cac relay on` or add a DIRECT rule in your TUN software.
363
363
  - **IPv6**: Recommend disabling system-wide to prevent real address exposure.
364
364
 
365
365
  ---
package/cac CHANGED
@@ -10,7 +10,7 @@ VERSIONS_DIR="$CAC_DIR/versions"
10
10
  # ━━━ utils.sh ━━━
11
11
  # ── utils: 颜色、读写、UUID、proxy 解析 ───────────────────────
12
12
 
13
- CAC_VERSION="1.2.0"
13
+ CAC_VERSION="1.2.1"
14
14
 
15
15
  _read() { [[ -f "$1" ]] && tr -d '[:space:]' < "$1" || echo "${2:-}"; }
16
16
  _die() { printf '%b\n' "$(_red "error:") $*" >&2; exit 1; }
@@ -906,6 +906,8 @@ _env_dir="$ENVS_DIR/$_name"
906
906
  # Isolated .claude config directory
907
907
  if [[ -d "$_env_dir/.claude" ]]; then
908
908
  export CLAUDE_CONFIG_DIR="$_env_dir/.claude"
909
+ # 确保 settings.json 存在,阻止 Claude Code fallback 到 ~/.claude/settings.json
910
+ [[ -f "$_env_dir/.claude/settings.json" ]] || echo '{}' > "$_env_dir/.claude/settings.json"
909
911
  fi
910
912
 
911
913
  # Proxy — optional: only if proxy file exists and is non-empty
@@ -1362,6 +1364,7 @@ _env_cmd_create() {
1362
1364
  [[ -n "$claude_ver" ]] && echo "$claude_ver" > "$env_dir/version"
1363
1365
  echo "$env_type" > "$env_dir/type"
1364
1366
  mkdir -p "$env_dir/.claude"
1367
+ echo '{}' > "$env_dir/.claude/settings.json"
1365
1368
 
1366
1369
  _generate_client_cert "$name" >/dev/null 2>&1 || true
1367
1370
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "claude-cac",
3
- "version": "1.2.0",
3
+ "version": "1.2.1",
4
4
  "description": "Isolate, protect, and manage your Claude Code — versions, environments, identity, and proxy.",
5
5
  "bin": {
6
6
  "cac": "cac"