claude-nomad 0.22.0 → 0.22.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.gitleaks.toml +24 -0
- package/CHANGELOG.md +14 -0
- package/package.json +1 -1
package/.gitleaks.toml
CHANGED
|
@@ -14,3 +14,27 @@ regexes = [
|
|
|
14
14
|
'''"id"\s*:\s*"[a-f0-9]{40,64}"''',
|
|
15
15
|
'''key=[a-f0-9]{8,} [\w./-]+\.\w+:\d+''',
|
|
16
16
|
]
|
|
17
|
+
|
|
18
|
+
# Path-scoped: the documented test-fixture github-pat literal AND the three
|
|
19
|
+
# entropy-variant placeholders (zero-suffix, alphabet, repeat-A) accumulate
|
|
20
|
+
# in Claude Code session transcripts whenever a conversation touches the
|
|
21
|
+
# Pitfall 4 docs, this allowlist itself, or a session-scrub discussion that
|
|
22
|
+
# names one of the variants. Live sessions cannot be safely sed-scrubbed
|
|
23
|
+
# (sed -i renames out from under the running CLI's open file descriptor
|
|
24
|
+
# and silently drops post-rename writes), so the only sustainable
|
|
25
|
+
# false-positive handler is a narrow allowlist scoped to synced session
|
|
26
|
+
# paths. `condition = "AND"` requires BOTH a known literal AND a
|
|
27
|
+
# `shared/projects/<logical>/.../*.jsonl` path; a real PAT in the same
|
|
28
|
+
# file (different 36-char body) still fires.
|
|
29
|
+
[[allowlists]]
|
|
30
|
+
description = "claude-nomad: documented test-fixture github-pat literals + scrub placeholders in synced session transcripts"
|
|
31
|
+
regexes = [
|
|
32
|
+
'''ghp_xJZbT3qfV2nLpKR8mYwH4dGtCsW9aE1uF6oA''',
|
|
33
|
+
'''ghp_xJZbT3qfV2nLpKR8mYwH4dGtCs0000000000''',
|
|
34
|
+
'''ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789''',
|
|
35
|
+
'''ghp_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA''',
|
|
36
|
+
]
|
|
37
|
+
paths = [
|
|
38
|
+
'''^shared/projects/[^/]+/.*\.jsonl$''',
|
|
39
|
+
]
|
|
40
|
+
condition = "AND"
|
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,19 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [0.22.2](https://github.com/funkadelic/claude-nomad/compare/v0.22.1...v0.22.2) (2026-05-23)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Fixed
|
|
7
|
+
|
|
8
|
+
* **gitleaks:** allowlist entropy-variant placeholders alongside the canonical PAT literal ([#107](https://github.com/funkadelic/claude-nomad/issues/107)) ([cb3bd59](https://github.com/funkadelic/claude-nomad/commit/cb3bd5923669aaf758d37afb5ed8f82261472d3a))
|
|
9
|
+
|
|
10
|
+
## [0.22.1](https://github.com/funkadelic/claude-nomad/compare/v0.22.0...v0.22.1) (2026-05-23)
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
### Fixed
|
|
14
|
+
|
|
15
|
+
* **gitignore:** anchor .planning/ to source repo root ([#105](https://github.com/funkadelic/claude-nomad/issues/105)) ([50c403d](https://github.com/funkadelic/claude-nomad/commit/50c403d7223f79f30fa28b99ce6e5b2dcc350356))
|
|
16
|
+
|
|
3
17
|
## [0.22.0](https://github.com/funkadelic/claude-nomad/compare/v0.21.0...v0.22.0) (2026-05-23)
|
|
4
18
|
|
|
5
19
|
|
package/package.json
CHANGED