npm - create-walle - Versions diffs - 0.4.4 → 0.4.5 - Mend

create-walle 0.4.4 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/template/claude-task-manager/server.js +35 -27

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-walle",
-  "version": "0.4.4",
+  "version": "0.4.5",
   "description": "Set up Wall-E — your personal digital twin",
   "bin": {
     "create-walle": "bin/create-walle.js"

package/template/claude-task-manager/server.js CHANGED Viewed

@@ -208,40 +208,52 @@ function handleApi(req, res, url) {
     return;
   }
   if (url.pathname === '/api/setup/detect-key' && req.method === 'GET') {
+    // Detect API credentials from external sources (NOT .env — that's what we're trying to populate).
+    // Priority: 1) devbox auth file, 2) shell environment, 3) Claude Code keychain
+    const { execFileSync } = require('child_process');
     let key = '';
     let source = '';
-    let gateway = null; // For corporate/Portkey gateway setups
-    // 1. Check for corporate gateway setup (Portkey, cybertron, etc.)
-    if (process.env.ANTHROPIC_BASE_URL && process.env.ANTHROPIC_CUSTOM_HEADERS_B64) {
-      gateway = {
-        base_url: process.env.ANTHROPIC_BASE_URL,
-        auth_token: process.env.ANTHROPIC_AUTH_TOKEN || 'sk-ant-api03-unused',
-        custom_headers_b64: process.env.ANTHROPIC_CUSTOM_HEADERS_B64,
-      };
-      source = 'Claude Code gateway (' + process.env.ANTHROPIC_BASE_URL.replace(/https?:\/\//, '').split('/')[0] + ')';
-    }
+    let gateway = null;
-    // 2. Check for direct API key in process.env
-    if (!gateway && process.env.ANTHROPIC_API_KEY && process.env.ANTHROPIC_API_KEY.startsWith('sk-ant-')) {
-      key = process.env.ANTHROPIC_API_KEY;
-      source = 'environment variable';
+    // 1. Devbox corporate gateway (reads auth headers file directly)
+    if (process.platform === 'darwin') {
+      try {
+        const authFile = path.join(process.env.HOME, '.devbox', 'secrets', 'claude', 'auth_headers');
+        const headers = fs.readFileSync(authFile, 'utf8').trim();
+        if (headers) {
+          let baseUrl = '';
+          try {
+            const claudeScript = fs.readFileSync(path.join(process.env.HOME, '.devbox', 'ai', 'claude', 'claude'), 'utf8');
+            const m = claudeScript.match(/VPN_CHECK_URL="(https?:\/\/[^"]+)"/);
+            if (m) baseUrl = m[1] + '/v1';
+          } catch {}
+          if (baseUrl) {
+            gateway = {
+              base_url: baseUrl,
+              auth_token: 'sk-ant-api03-unused',
+              custom_headers_b64: Buffer.from(headers).toString('base64'),
+            };
+            source = 'Claude Code devbox (' + baseUrl.replace(/https?:\/\//, '').split('/')[0] + ')';
+          }
+        }
+      } catch {}
     }
-    // 3. Try shell profile for direct API key
+    // 2. Shell environment (fresh from login shell, not inherited .env)
     if (!gateway && !key) {
       try {
-        const { execFileSync } = require('child_process');
         const shell = process.env.SHELL || '/bin/zsh';
-        const result = execFileSync(shell, ['-ilc', 'echo $ANTHROPIC_API_KEY'], { encoding: 'utf8', timeout: 3000 }).trim();
-        if (result && result.startsWith('sk-ant-')) { key = result; source = 'shell profile'; }
+        const result = execFileSync(shell, ['-ilc', 'echo "$ANTHROPIC_API_KEY"'], { encoding: 'utf8', timeout: 5000 }).trim();
+        if (result && result.length > 5 && result !== 'sk-ant-api03-unused') {
+          key = result;
+          source = 'shell environment';
+        }
       } catch {}
     }
-    // 4. Try Claude Code OAuth token from macOS Keychain
+    // 3. Claude Code OAuth token from macOS Keychain
     if (!gateway && !key && process.platform === 'darwin') {
       try {
-        const { execFileSync } = require('child_process');
         const credJson = execFileSync('security', ['find-generic-password', '-s', 'Claude Code-credentials', '-w'], { encoding: 'utf8', timeout: 3000 }).trim();
         if (credJson) {
           const cred = JSON.parse(credJson);
@@ -253,11 +265,7 @@ function handleApi(req, res, url) {
               source = 'Claude Code (OAuth)';
             } else {
               res.writeHead(200, { 'Content-Type': 'application/json' });
-              res.end(JSON.stringify({
-                found: false,
-                claude_code_expired: true,
-                hint: 'Found Claude Code, but the OAuth token has expired. Run "claude" in your terminal once to refresh it, then click Detect again.'
-              }));
+              res.end(JSON.stringify({ found: false, claude_code_expired: true, hint: 'Found Claude Code, but the OAuth token has expired. Run "claude" in your terminal once to refresh it, then click Detect again.' }));
               return;
             }
           }
@@ -271,7 +279,7 @@ function handleApi(req, res, url) {
     } else if (key) {
       res.end(JSON.stringify({ found: true, key, source }));
     } else {
-      res.end(JSON.stringify({ found: false, hint: 'No API key found. Checked: environment variables, shell profile, Claude Code keychain. You can get a key at console.anthropic.com' }));
+      res.end(JSON.stringify({ found: false, hint: 'No API key found. Checked: devbox auth, shell environment, Claude Code keychain. Enter your key manually or get one at console.anthropic.com' }));
     }
     return;
   }