npm - gsd-pi - Versions diffs - 2.70.1-dev.3e19108 → 2.70.1-dev.ec24142 - Mend

gsd-pi 2.70.1-dev.3e19108 → 2.70.1-dev.ec24142

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/src/resources/extensions/claude-code-cli/tests/stream-adapter.test.ts CHANGED Viewed

@@ -11,6 +11,7 @@ import {
 	extractToolResultsFromSdkUserMessage,
 	getClaudeLookupCommand,
 	parseAskUserQuestionsElicitation,
+	parseTextInputElicitation,
 	parseClaudeLookupOutput,
 	roundResultToElicitationContent,
 } from "../stream-adapter.ts";
@@ -514,6 +515,117 @@ describe("stream-adapter — MCP elicitation bridge", () => {
 			},
 		});
 	});
+	test("parseTextInputElicitation recognizes secure free-text MCP forms", () => {
+		const request = {
+			serverName: "gsd-workflow",
+			message: "Enter values for environment variables.",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				properties: {
+					TEST_PASSWORD: {
+						type: "string",
+						title: "TEST_PASSWORD",
+						description: "Format: min 8 characters\nLeave empty to skip.",
+					},
+					PROJECT_NAME: {
+						type: "string",
+						title: "PROJECT_NAME",
+						description: "Human-readable project name.",
+					},
+				},
+			},
+		};
+		const parsed = parseTextInputElicitation(request as any);
+		assert.deepEqual(parsed, [
+			{
+				id: "TEST_PASSWORD",
+				title: "TEST_PASSWORD",
+				description: "Format: min 8 characters\nLeave empty to skip.",
+				required: false,
+				secure: true,
+			},
+			{
+				id: "PROJECT_NAME",
+				title: "PROJECT_NAME",
+				description: "Human-readable project name.",
+				required: false,
+				secure: false,
+			},
+		]);
+	});
+	test("parseTextInputElicitation accepts legacy keys schema and skips unsupported fields", () => {
+		const request = {
+			serverName: "gsd-workflow",
+			message: "Enter secure values",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				keys: {
+					API_TOKEN: {
+						type: "string",
+						title: "API_TOKEN",
+						description: "Leave empty to skip.",
+					},
+					META: {
+						type: "object",
+						title: "metadata",
+					},
+				},
+			},
+		};
+		const parsed = parseTextInputElicitation(request as any);
+		assert.deepEqual(parsed, [
+			{
+				id: "API_TOKEN",
+				title: "API_TOKEN",
+				description: "Leave empty to skip.",
+				required: false,
+				secure: true,
+			},
+		]);
+	});
+	test("createClaudeCodeElicitationHandler collects secure_env_collect fields through input dialogs", async () => {
+		const secureRequest = {
+			serverName: "gsd-workflow",
+			message: "Enter values for environment variables.",
+			mode: "form" as const,
+			requestedSchema: {
+				type: "object" as const,
+				properties: {
+					TEST_PASSWORD: {
+						type: "string",
+						title: "TEST_PASSWORD",
+						description: "Format: Your secure testing password\nLeave empty to skip.",
+					},
+				},
+			},
+		};
+		const inputCalls: Array<{ opts?: { secure?: boolean } }> = [];
+		const handler = createClaudeCodeElicitationHandler({
+			input: async (_title: string, _placeholder?: string, opts?: { secure?: boolean }) => {
+				inputCalls.push({ opts });
+				return "super-secret";
+			},
+		} as any);
+		assert.ok(handler);
+		const result = await handler!(secureRequest as any, { signal: new AbortController().signal });
+		assert.deepEqual(result, {
+			action: "accept",
+			content: {
+				TEST_PASSWORD: "super-secret",
+			},
+		});
+		assert.equal(inputCalls.length, 1);
+		assert.equal(inputCalls[0]?.opts?.secure, true, "secure_env_collect fields should request secure input");
+	});
 });
 describe("stream-adapter — Windows Claude path lookup (#3770)", () => {

package/src/resources/extensions/get-secrets-from-user.ts CHANGED Viewed

@@ -126,7 +126,7 @@ async function collectOneSecret(
 ): Promise<string | null> {
 	if (!ctx.hasUI) return null;
-	return ctx.ui.custom((tui: any, theme: any, _kb: any, done: (r: string | null) => void) => {
+	const customResult = await ctx.ui.custom((tui: any, theme: any, _kb: any, done: (r: string | null) => void) => {
 		let value = "";
 		let cachedLines: string[] | undefined;
@@ -223,6 +223,29 @@ async function collectOneSecret(
 			handleInput,
 		};
 	});
+	// RPC/web surfaces may not implement ctx.ui.custom(). Fall back to a
+	// standard input prompt so users can still provide the secret.
+	if (customResult !== undefined) {
+		return customResult;
+	}
+	if (typeof ctx.ui?.input !== "function") {
+		return null;
+	}
+	const inputTitle = `Secure value for ${keyName} (${pageIndex + 1}/${totalPages})`;
+	const inputPlaceholder = hint || "Enter secret value";
+	const inputResult = await ctx.ui.input(
+		inputTitle,
+		inputPlaceholder,
+		{ secure: true },
+	);
+	if (typeof inputResult !== "string") {
+		return null;
+	}
+	const trimmed = inputResult.trim();
+	return trimmed.length > 0 ? trimmed : null;
 }
 /**

package/src/resources/extensions/gsd/tests/secure-env-collect.test.ts CHANGED Viewed

@@ -317,3 +317,48 @@ test("secure_env_collect #2997: null from ctx.ui.custom() is still treated as sk
 		"Key returning null must NOT be in applied list",
 	);
 });
+test("secure_env_collect: falls back to secure input prompt when custom UI is unavailable", async (t) => {
+	const { collectSecretsFromManifest } = await loadOrchestrator();
+	const tmp = makeTempDir("sec-input-fallback-test");
+	t.after(() => {
+		rmSync(tmp, { recursive: true, force: true });
+	});
+	const manifest = makeManifest([
+		{ key: "SECRET_FROM_INPUT_FALLBACK", status: "pending", formatHint: "starts with sk-" },
+	]);
+	await writeManifestFile(tmp, manifest);
+	let callIndex = 0;
+	const inputCalls: Array<{ title: string; placeholder?: string; opts?: { secure?: boolean } }> = [];
+	const mockCtx = {
+		cwd: tmp,
+		hasUI: true,
+		ui: {
+			custom: async (_factory: any) => {
+				callIndex++;
+				if (callIndex <= 1) return null; // summary screen dismiss
+				return undefined; // collect screen unavailable on this surface
+			},
+			input: async (title: string, placeholder?: string, opts?: { secure?: boolean }) => {
+				inputCalls.push({ title, placeholder, opts });
+				return "  sk-test-fallback-value  ";
+			},
+		},
+	};
+	const result = await collectSecretsFromManifest(tmp, "M001", mockCtx as any);
+	assert.ok(
+		result.applied.includes("SECRET_FROM_INPUT_FALLBACK"),
+		"Fallback input should collect and apply the key",
+	);
+	assert.ok(
+		!result.skipped.includes("SECRET_FROM_INPUT_FALLBACK"),
+		"Fallback input should not mark the key as skipped",
+	);
+	assert.equal(inputCalls.length, 1, "Fallback input should be requested once");
+	assert.equal(inputCalls[0]?.opts?.secure, true, "Fallback input should request secure entry when supported");
+});

/package/dist/web/standalone/.next/static/{cHCEWiRJM5bXJa9HkP1QU → 20e8bFnNjxQJflHNodEve}/_buildManifest.js RENAMED Viewed

File without changes

/package/dist/web/standalone/.next/static/{cHCEWiRJM5bXJa9HkP1QU → 20e8bFnNjxQJflHNodEve}/_ssgManifest.js RENAMED Viewed

File without changes