gitarsenal-cli 1.2.3 → 1.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
package/python/README.md
CHANGED
|
@@ -20,10 +20,11 @@ For enhanced security, GitArsenal CLI now automatically cleans up Modal tokens a
|
|
|
20
20
|
The cleanup process:
|
|
21
21
|
1. Removes Modal token environment variables (MODAL_TOKEN_ID, MODAL_TOKEN, MODAL_TOKEN_SECRET)
|
|
22
22
|
2. Deletes Modal token files (.modal/token.json, .modal/token_alt.json, .modalconfig)
|
|
23
|
-
3.
|
|
24
|
-
4. Runs
|
|
23
|
+
3. Invalidates Modal sessions by removing session files and directories
|
|
24
|
+
4. Runs automatically after SSH container creation
|
|
25
|
+
5. Runs on service shutdown via signal handlers
|
|
25
26
|
|
|
26
|
-
This prevents potential token leakage when containers are shared or when the service is stopped.
|
|
27
|
+
This prevents potential token leakage when containers are shared or when the service is stopped, and ensures that users cannot continue to use Modal CLI commands after the container is created.
|
|
27
28
|
|
|
28
29
|
## Usage
|
|
29
30
|
|
|
Binary file
|
|
@@ -250,6 +250,32 @@ def cleanup_modal_token():
|
|
|
250
250
|
modalconfig_file.unlink()
|
|
251
251
|
logger.info(f"✅ Deleted .modalconfig file at {modalconfig_file}")
|
|
252
252
|
|
|
253
|
+
# Try to invalidate Modal sessions
|
|
254
|
+
try:
|
|
255
|
+
logger.info("🔑 Invalidating Modal sessions...")
|
|
256
|
+
|
|
257
|
+
# Try to directly modify Modal's session files
|
|
258
|
+
try:
|
|
259
|
+
# Check for session files in .modal directory
|
|
260
|
+
session_dir = modal_dir / "sessions"
|
|
261
|
+
if session_dir.exists():
|
|
262
|
+
import shutil
|
|
263
|
+
shutil.rmtree(session_dir)
|
|
264
|
+
logger.info(f"✅ Removed Modal sessions directory at {session_dir}")
|
|
265
|
+
|
|
266
|
+
# Also check for any other potential session files
|
|
267
|
+
for file in os.listdir(modal_dir) if modal_dir.exists() else []:
|
|
268
|
+
if "session" in file.lower() or "auth" in file.lower():
|
|
269
|
+
file_path = modal_dir / file
|
|
270
|
+
if file_path.is_file():
|
|
271
|
+
file_path.unlink()
|
|
272
|
+
logger.info(f"✅ Removed Modal session file: {file_path}")
|
|
273
|
+
except Exception as e:
|
|
274
|
+
logger.warning(f"⚠️ Error removing Modal sessions: {e}")
|
|
275
|
+
|
|
276
|
+
except Exception as e:
|
|
277
|
+
logger.warning(f"⚠️ Error during Modal session invalidation: {e}")
|
|
278
|
+
|
|
253
279
|
logger.info("✅ Modal token cleanup completed successfully")
|
|
254
280
|
except Exception as e:
|
|
255
281
|
logger.error(f"❌ Error during Modal token cleanup: {e}")
|
|
@@ -3332,6 +3332,32 @@ def cleanup_modal_token():
|
|
|
3332
3332
|
if os.path.exists(modalconfig_file):
|
|
3333
3333
|
os.remove(modalconfig_file)
|
|
3334
3334
|
print(f"✅ Deleted .modalconfig file at {modalconfig_file}")
|
|
3335
|
+
|
|
3336
|
+
# Try to invalidate Modal sessions
|
|
3337
|
+
try:
|
|
3338
|
+
print("🔑 Invalidating Modal sessions...")
|
|
3339
|
+
|
|
3340
|
+
# As a last resort, try to directly modify Modal's session files
|
|
3341
|
+
try:
|
|
3342
|
+
# Check for session files in .modal directory
|
|
3343
|
+
session_dir = os.path.join(modal_dir, "sessions")
|
|
3344
|
+
if os.path.exists(session_dir):
|
|
3345
|
+
import shutil
|
|
3346
|
+
shutil.rmtree(session_dir)
|
|
3347
|
+
print(f"✅ Removed Modal sessions directory at {session_dir}")
|
|
3348
|
+
|
|
3349
|
+
# Also check for any other potential session files
|
|
3350
|
+
for file in os.listdir(modal_dir) if os.path.exists(modal_dir) else []:
|
|
3351
|
+
if "session" in file.lower() or "auth" in file.lower():
|
|
3352
|
+
file_path = os.path.join(modal_dir, file)
|
|
3353
|
+
if os.path.isfile(file_path):
|
|
3354
|
+
os.remove(file_path)
|
|
3355
|
+
print(f"✅ Removed Modal session file: {file_path}")
|
|
3356
|
+
except Exception as e:
|
|
3357
|
+
print(f"⚠️ Error removing Modal sessions: {e}")
|
|
3358
|
+
|
|
3359
|
+
except Exception as e:
|
|
3360
|
+
print(f"⚠️ Error during Modal session invalidation: {e}")
|
|
3335
3361
|
|
|
3336
3362
|
print("✅ Modal token cleanup completed successfully")
|
|
3337
3363
|
except Exception as e:
|
|
@@ -142,6 +142,34 @@ def verify_token_cleaned_up():
|
|
|
142
142
|
print(f"❌ .modalconfig file still exists at {modalconfig_file}")
|
|
143
143
|
return False
|
|
144
144
|
|
|
145
|
+
# Check if Modal sessions directory exists
|
|
146
|
+
session_dir = modal_dir / "sessions"
|
|
147
|
+
if session_dir.exists():
|
|
148
|
+
print(f"❌ Modal sessions directory still exists at {session_dir}")
|
|
149
|
+
return False
|
|
150
|
+
|
|
151
|
+
# Check for any other session or auth files
|
|
152
|
+
if modal_dir.exists():
|
|
153
|
+
for file in os.listdir(modal_dir):
|
|
154
|
+
if "session" in file.lower() or "auth" in file.lower():
|
|
155
|
+
print(f"❌ Modal session/auth file still exists: {modal_dir / file}")
|
|
156
|
+
return False
|
|
157
|
+
|
|
158
|
+
# Check if Modal CLI is still able to access tokens
|
|
159
|
+
try:
|
|
160
|
+
import subprocess
|
|
161
|
+
result = subprocess.run(
|
|
162
|
+
["modal", "token", "current"],
|
|
163
|
+
capture_output=True,
|
|
164
|
+
text=True
|
|
165
|
+
)
|
|
166
|
+
if result.returncode == 0 and "No token found" not in result.stdout and "No token found" not in result.stderr:
|
|
167
|
+
print("❌ Modal CLI is still able to access tokens")
|
|
168
|
+
print(f"Output: {result.stdout}")
|
|
169
|
+
return False
|
|
170
|
+
except Exception as e:
|
|
171
|
+
print(f"⚠️ Error checking Modal CLI token status: {e}")
|
|
172
|
+
|
|
145
173
|
print("✅ Token has been cleaned up successfully")
|
|
146
174
|
return True
|
|
147
175
|
|