i-repo 2.3.0 → 2.5.0

package/dist/commands/auth.js

@@ -6,19 +6,24 @@
 import { Command } from "commander";
 import { input, password as passwordPrompt, select, confirm } from "@inquirer/prompts";
 import { IReporterClient } from "../sdk/index.js";
-import { getConfig, getConfigWithSource, setConfig, deleteConfig, } from "../config/store.js";
-import { getUserConfigPath, getProjectConfigPath, getLocalConfigPath, getConfigPath, findProjectRoot, } from "../config/scoped-store.js";
+import { getConfig, getConfigWithSource, clearStoredCredentials, } from "../config/store.js";
+import { getUserConfigPath, getProjectConfigPath, getLocalConfigPath, findProjectRoot, } from "../config/scoped-store.js";
+import { assertEndpointAllowed, persistCredentials } from "../config/client.js";
 import { logHttp } from "../core/logger.js";
 import { printSuccess, printError, printWarning, printInfo, printDetails, printInteractionHint, withSpinner, t, } from "../ui/index.js";
 import { t as tr } from "../i18n/index.js";
 function saveCredentials(endpoint, user, password, scope, savePassword) {
-    setConfig("endpoint", endpoint, scope);
-    setConfig("user", user, scope);
-    if (savePassword) {
-        setConfig("password", password, scope);
-    }
-    const savedPath = getConfigPath(scope);
+    const { savedPath, redirectedToUser, userPath } = persistCredentials({
+        endpoint,
+        user,
+        password,
+        scope,
+        savePassword,
+    });
     printInfo(tr("auth.savedTo", { path: savedPath }));
+    if (redirectedToUser) {
+        printInfo(tr("auth.userOnlyRedirected", { path: userPath }));
+    }
     if (!savePassword) {
         printInfo(tr("auth.passwordNotStored"));
     }
@@ -47,7 +52,15 @@ authCommand
         if (!endpoint) {
             endpoint = await input({
                 message: tr("auth.endpoint"),
-                validate: (v) => v.startsWith("http") || tr("auth.validUrl"),
+                validate: (v) => {
+                    try {
+                        const u = new URL(v);
+                        return u.protocol === "https:" || u.protocol === "http:" || tr("auth.validUrl");
+                    }
+                    catch {
+                        return tr("auth.validUrl");
+                    }
+                },
             });
         }
         if (!user) {
@@ -63,6 +76,8 @@ authCommand
                 validate: (v) => v.length > 0 || tr("auth.passwordRequired"),
             });
         }
+        // Block plain-http / non-https endpoints before sending credentials.
+        assertEndpointAllowed(endpoint);
         // Authenticate via login() and verify with a lightweight API call
         await withSpinner("authenticating", async () => {
             const client = new IReporterClient({
@@ -124,7 +139,9 @@ authCommand
     .description("Clear stored credentials")
     .action(() => {
     try {
-        deleteConfig("user");
+        // Remove BOTH user and password from every scope (shared with the Ink
+        // logout executor so the two surfaces never diverge).
+        clearStoredCredentials();
         printSuccess(tr("auth.logoutSuccess"));
     }
     catch (error) {

package/dist/commands/config.js

@@ -6,7 +6,7 @@
 import { Command } from "commander";
 import { getConfigWithSource, setConfig, resetConfig, validKeys, isValidKey, } from "../config/store.js";
 import { parseDisabledCommands, isConfigPath } from "../config/command-gate.js";
-import { getAllConfigPaths, } from "../config/scoped-store.js";
+import { getAllConfigPaths, USER_ONLY_KEYS, } from "../config/scoped-store.js";
 import { setLocale, t as tr } from "../i18n/index.js";
 import { printSuccess, printError, printWarning, printDetails, printInfo, out, t, } from "../ui/index.js";
 const validScopes = ["user", "project", "local"];
@@ -82,6 +82,11 @@ configCommand
         if (key === "password") {
             printWarning(tr("config.passwordWarning"));
         }
+        // A user-only key written to project/local is silently ignored at
+        // runtime (see USER_ONLY_KEYS) — warn so the value isn't trusted to apply.
+        if (USER_ONLY_KEYS.has(key) && opts.scope !== "user") {
+            printWarning(tr("config.userOnlyScopeWarning", { key, scope: opts.scope }));
+        }
         const coerced = coerceValue(key, value);
         if (coerced === null) {
             process.exitCode = 1;

package/dist/commands/plugin.js

@@ -91,13 +91,26 @@ pluginCommand
         const row = buildDescribeRow(PLUGIN_PREFIX + name, bin, declared);
         // 人間面 (table/csv) では params を読める1行に整形 (ndjson/json は宣言そのまま —
         // render と同じ「ラベル化は人間面のみ」の流儀)
-        if ((format === "table" || format === "csv") && Array.isArray(row.params)) {
-            row.params = row.params
-                .map((p) => {
-                const choices = Array.isArray(p.choices) ? `:${p.choices.join("|")}` : "";
-                return `${String(p.name)} <${String(p.type)}${choices}>${p.required ? " (required)" : ""}`;
-            })
-                .join(", ");
+        if (format === "table" || format === "csv") {
+            if (Array.isArray(row.params)) {
+                // label は GUI の関心事 — CLI は実フラグ名を見せる
+                row.params = row.params
+                    .map((p) => {
+                    const choices = Array.isArray(p.choices) ? `:${p.choices.join("|")}` : "";
+                    const markers = `${p.required ? " (required)" : ""}${p.secret ? " (secret)" : ""}` +
+                        `${typeof p.subcommand === "string" ? ` [${p.subcommand}]` : ""}`;
+                    return `${String(p.name)} <${String(p.type)}${choices}>${markers}`;
+                })
+                    .join(", ");
+            }
+            if (Array.isArray(row.platforms)) {
+                row.platforms = row.platforms.join(", ");
+            }
+            if (Array.isArray(row.subcommands)) {
+                row.subcommands = row.subcommands
+                    .map((s) => (s.description ? `${String(s.name)} (${String(s.description)})` : String(s.name)))
+                    .join(", ");
+            }
         }
         formatOutput(row, {
             format,

package/dist/config/client.d.ts

@@ -13,11 +13,64 @@
  *   6. TTY prompt:     interactive password input (if terminal is attached)
  */
 import { IReporterClient } from "../sdk/index.js";
+import type { ConfigScope } from "./scoped-store.js";
 export interface CreateClientOptions {
     endpoint?: string;
     user?: string;
     password?: string;
 }
+/** Env var that opts in to plain-http on ANY host (including public ones). */
+export declare const INSECURE_ENV = "IREPO_ALLOW_INSECURE";
+/** Whether the user has explicitly opted in to insecure (plain http) endpoints. */
+export declare function isInsecureAllowed(): boolean;
+/**
+ * Whether a host is on the local machine or a private/internal network, where
+ * plain http is the common (and far lower risk) reality for on-prem i-Reporter
+ * servers. Covers loopback, RFC1918 private IPv4, link-local, IPv6
+ * loopback/unique-local/link-local, *.local (mDNS), *.localhost, and bare
+ * single-label intranet hostnames (which can't be reached from the public
+ * internet without a search domain).
+ */
+export declare function isPrivateOrLocalHost(hostname: string): boolean;
+/**
+ * Validate that an endpoint is safe to send credentials to.
+ *
+ * Plain http sends the Login user/password and the session cookie in clear
+ * text, readable by any passive eavesdropper on the path. Policy:
+ *   - https            → always allowed.
+ *   - http to a local/private host (loopback, RFC1918, *.local, intranet name)
+ *                      → allowed with a warning. On-prem i-Reporter servers
+ *                        commonly run plain http on the internal LAN.
+ *   - http to a public host → rejected, unless IREPO_ALLOW_INSECURE=1 (warned).
+ *   - any other scheme (file:, data:, ...) → always rejected.
+ * Throws ConfigError so the failure is classified (config-error exit code).
+ */
+export declare function assertEndpointAllowed(endpoint: string): void;
+export interface PersistCredentialsResult {
+    /** Path of the requested scope, where the shareable `user` was written. */
+    savedPath: string | undefined;
+    /** endpoint/password were forced to the user scope (requested scope ≠ user). */
+    redirectedToUser: boolean;
+    /** The user-scope config path (where endpoint/password actually live). */
+    userPath: string;
+}
+/**
+ * Persist login credentials, honoring USER_ONLY_KEYS. `endpoint` and `password`
+ * only take effect from the user scope at runtime, so they are ALWAYS written
+ * there — writing them to project/local would create config that silently does
+ * nothing, and a project-scoped password would risk a plaintext VCS leak. Only
+ * the shareable, non-sensitive `user` goes to the requested scope.
+ *
+ * Shared by the CLI `auth login` and the Ink AuthLoginScreen so both surfaces
+ * apply the same trust policy.
+ */
+export declare function persistCredentials(args: {
+    endpoint: string;
+    user: string;
+    password: string;
+    scope: ConfigScope;
+    savePassword: boolean;
+}): PersistCredentialsResult;
 /**
  * Create an IReporterClient, resolving credentials from
  * CLI flags -> environment variables -> config store (scoped) -> interactive prompt.

package/dist/config/client.js

@@ -16,7 +16,120 @@ import { IReporterClient } from "../sdk/index.js";
 import { password as passwordPrompt } from "@inquirer/prompts";
 import { logHttp } from "../core/logger.js";
 import { ConfigError } from "../core/errors.js";
-import { getConfig } from "./store.js";
+import { getConfig, setConfig } from "./store.js";
+import { getConfigPath, getUserConfigPath } from "./scoped-store.js";
+/** Env var that opts in to plain-http on ANY host (including public ones). */
+export const INSECURE_ENV = "IREPO_ALLOW_INSECURE";
+/** Whether the user has explicitly opted in to insecure (plain http) endpoints. */
+export function isInsecureAllowed() {
+    const v = process.env[INSECURE_ENV];
+    return v === "1" || v?.toLowerCase() === "true";
+}
+/**
+ * Whether a host is on the local machine or a private/internal network, where
+ * plain http is the common (and far lower risk) reality for on-prem i-Reporter
+ * servers. Covers loopback, RFC1918 private IPv4, link-local, IPv6
+ * loopback/unique-local/link-local, *.local (mDNS), *.localhost, and bare
+ * single-label intranet hostnames (which can't be reached from the public
+ * internet without a search domain).
+ */
+export function isPrivateOrLocalHost(hostname) {
+    const h = hostname.toLowerCase().replace(/^\[|\]$/g, ""); // strip IPv6 [] brackets
+    if (h === "localhost" || h.endsWith(".localhost"))
+        return true;
+    if (h.endsWith(".local"))
+        return true;
+    // bare single-label hostname (no dots) — an intranet name, not a public FQDN
+    if (!h.includes(".") && !h.includes(":"))
+        return true;
+    if (h === "::1")
+        return true; // IPv6 loopback
+    if (/^f[cd][0-9a-f]{2}:/.test(h))
+        return true; // IPv6 unique-local fc00::/7
+    if (h.startsWith("fe80:"))
+        return true; // IPv6 link-local
+    const m = h.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
+    if (m) {
+        const a = Number(m[1]);
+        const b = Number(m[2]);
+        if (a === 127)
+            return true; // loopback 127/8
+        if (a === 10)
+            return true; // 10/8
+        if (a === 192 && b === 168)
+            return true; // 192.168/16
+        if (a === 172 && b >= 16 && b <= 31)
+            return true; // 172.16/12
+        if (a === 169 && b === 254)
+            return true; // link-local 169.254/16
+    }
+    return false;
+}
+/**
+ * Validate that an endpoint is safe to send credentials to.
+ *
+ * Plain http sends the Login user/password and the session cookie in clear
+ * text, readable by any passive eavesdropper on the path. Policy:
+ *   - https            → always allowed.
+ *   - http to a local/private host (loopback, RFC1918, *.local, intranet name)
+ *                      → allowed with a warning. On-prem i-Reporter servers
+ *                        commonly run plain http on the internal LAN.
+ *   - http to a public host → rejected, unless IREPO_ALLOW_INSECURE=1 (warned).
+ *   - any other scheme (file:, data:, ...) → always rejected.
+ * Throws ConfigError so the failure is classified (config-error exit code).
+ */
+export function assertEndpointAllowed(endpoint) {
+    let url;
+    try {
+        url = new URL(endpoint);
+    }
+    catch {
+        throw new ConfigError(`Invalid API endpoint URL: ${endpoint}\n` +
+            "  Expected an absolute URL, e.g. https://host/ConMasAPI/Rests/APIExecute.aspx");
+    }
+    if (url.protocol === "https:")
+        return;
+    if (url.protocol === "http:") {
+        if (isPrivateOrLocalHost(url.hostname)) {
+            process.stderr.write(`Warning: using plain HTTP to ${url.origin} — credentials are not encrypted. ` +
+                "Acceptable on a trusted local/private network; prefer https where available.\n");
+            return;
+        }
+        if (isInsecureAllowed()) {
+            process.stderr.write(`Warning: sending credentials over plain HTTP to the public host ${url.origin} ` +
+                `(${INSECURE_ENV} is set). Traffic can be intercepted on the network.\n`);
+            return;
+        }
+        throw new ConfigError(`Refusing to send credentials over plain http to a public host: ${endpoint}\n` +
+            "  They would be transmitted in clear text and can be intercepted.\n" +
+            "  Use an https:// endpoint. Local/private hosts (localhost, 10.x, 192.168.x, *.local)\n" +
+            `  are allowed over http; for a public http host set ${INSECURE_ENV}=1 to override (not recommended).`);
+    }
+    throw new ConfigError(`Unsupported endpoint scheme "${url.protocol}": ${endpoint}\n` +
+        `  Only https:// (or http:// to a local/private host) is allowed.`);
+}
+/**
+ * Persist login credentials, honoring USER_ONLY_KEYS. `endpoint` and `password`
+ * only take effect from the user scope at runtime, so they are ALWAYS written
+ * there — writing them to project/local would create config that silently does
+ * nothing, and a project-scoped password would risk a plaintext VCS leak. Only
+ * the shareable, non-sensitive `user` goes to the requested scope.
+ *
+ * Shared by the CLI `auth login` and the Ink AuthLoginScreen so both surfaces
+ * apply the same trust policy.
+ */
+export function persistCredentials(args) {
+    setConfig("user", args.user, args.scope);
+    setConfig("endpoint", args.endpoint, "user");
+    if (args.savePassword) {
+        setConfig("password", args.password, "user");
+    }
+    return {
+        savedPath: getConfigPath(args.scope),
+        redirectedToUser: args.scope !== "user",
+        userPath: getUserConfigPath(),
+    };
+}
 // In-memory password cache for the CLI session lifetime.
 let cachedPassword;
 /**
@@ -34,6 +147,8 @@ export async function createClient(opts = {}) {
             '  Run "i-repo config set endpoint <url>"\n' +
             "  or set IREPO_ENDPOINT environment variable.");
     }
+    // Block plain-http / non-https endpoints before any credential is sent.
+    assertEndpointAllowed(endpoint);
     if (!user) {
         throw new ConfigError("User is not configured.\n" +
             '  Run "i-repo config set user <name>"\n' +

package/dist/config/scoped-store.d.ts

@@ -5,6 +5,18 @@ export interface ConfigWithSource<K extends keyof IRepoConfig = keyof IRepoConfi
     source: ConfigScope | undefined;
     path: string | undefined;
 }
+/**
+ * Keys that route credentials or relax safety gates. These are read ONLY from
+ * the user scope (plus env vars / CLI flags handled at call sites). A
+ * checked-out repository's project/local config must NOT be able to silently:
+ *   - redirect credentials to another endpoint (`endpoint`)
+ *   - ship a shared plaintext password (`password`)
+ *   - forward extra parent-env vars to plugin processes (`pluginPassEnv`)
+ *   - loosen the destructive-delete gate (`allowDelete`)
+ * `disabledCommands` is intentionally NOT here: it can only ADD restrictions
+ * (never loosen), and team-shared command hiding is a legitimate use.
+ */
+export declare const USER_ONLY_KEYS: ReadonlySet<keyof IRepoConfig>;
 /** ~/.i-repo/i-repo.json */
 export declare function getUserConfigPath(): string;
 /** ~/.i-repo/ */
@@ -34,6 +46,8 @@ export declare function writeScopedConfig(scope: ConfigScope, data: Partial<IRep
  * Priority: local > project > user
  */
 export declare function getMergedConfig(): Partial<IRepoConfig>;
+/** Test seam: reset the per-process shadow-warning memo. */
+export declare function __resetUserOnlyShadowMemo(): void;
 /**
  * Get a config value with source information.
  * Checks scopes from highest to lowest priority.

package/dist/config/scoped-store.js

@@ -11,6 +11,23 @@
 import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, renameSync, unlinkSync } from "node:fs";
 import { join, dirname, resolve } from "node:path";
 import { homedir } from "node:os";
+/**
+ * Keys that route credentials or relax safety gates. These are read ONLY from
+ * the user scope (plus env vars / CLI flags handled at call sites). A
+ * checked-out repository's project/local config must NOT be able to silently:
+ *   - redirect credentials to another endpoint (`endpoint`)
+ *   - ship a shared plaintext password (`password`)
+ *   - forward extra parent-env vars to plugin processes (`pluginPassEnv`)
+ *   - loosen the destructive-delete gate (`allowDelete`)
+ * `disabledCommands` is intentionally NOT here: it can only ADD restrictions
+ * (never loosen), and team-shared command hiding is a legitimate use.
+ */
+export const USER_ONLY_KEYS = new Set([
+    "endpoint",
+    "password",
+    "pluginPassEnv",
+    "allowDelete",
+]);
 // ── Paths ────────────────────────────────────────────────────
 const CONFIG_DIR_NAME = ".i-repo";
 const CONFIG_FILE_NAME = "i-repo.json";
@@ -191,13 +208,60 @@ export function getMergedConfig() {
     const user = readScopedConfig("user");
     const project = readScopedConfig("project");
     const local = readScopedConfig("local");
-    return { ...user, ...project, ...local };
+    const merged = { ...user, ...project, ...local };
+    // user-only keys: the effective value is the user-scope value alone, so the
+    // merged view (config list) reflects what actually takes effect at runtime.
+    for (const key of USER_ONLY_KEYS) {
+        if (key in user && user[key] !== undefined) {
+            merged[key] = user[key];
+        }
+        else {
+            delete merged[key];
+        }
+    }
+    return merged;
+}
+// A user-only key shadowed by project/local is reported once per key per
+// process (getConfigWithSource is called many times per command).
+const userOnlyShadowChecked = new Set();
+/** Resolve a user-only key from the user scope alone, warning if a lower-trust
+ *  scope tried (and failed) to set it. */
+function getUserScopeOnly(key) {
+    if (!userOnlyShadowChecked.has(key)) {
+        userOnlyShadowChecked.add(key);
+        for (const scope of ["project", "local"]) {
+            const p = getConfigPath(scope);
+            if (!p)
+                continue;
+            const c = readJsonFile(p);
+            if (key in c && c[key] !== undefined) {
+                console.error(`Warning: ignoring "${key}" from ${scope} config (${p}) — for security this ` +
+                    `key is only honored from your user config. A checked-out repository must not ` +
+                    `redirect credentials or relax safety gates. ` +
+                    `Set it with: i-repo config set ${key} <value> --scope user`);
+            }
+        }
+    }
+    const userPath = getUserConfigPath();
+    const user = readJsonFile(userPath);
+    if (key in user && user[key] !== undefined) {
+        return { value: user[key], source: "user", path: userPath };
+    }
+    return { value: undefined, source: undefined, path: undefined };
+}
+/** Test seam: reset the per-process shadow-warning memo. */
+export function __resetUserOnlyShadowMemo() {
+    userOnlyShadowChecked.clear();
 }
 /**
  * Get a config value with source information.
  * Checks scopes from highest to lowest priority.
  */
 export function getConfigWithSource(key) {
+    // Credential-routing / safety-gate keys: user scope only (ignore project/local).
+    if (USER_ONLY_KEYS.has(key)) {
+        return getUserScopeOnly(key);
+    }
     // Check local first (highest priority)
     const localPath = getLocalConfigPath();
     if (localPath) {

package/dist/config/store.d.ts

@@ -31,6 +31,13 @@ export declare function getConfigWithSource<K extends keyof IRepoConfig>(key: K)
 export declare function setConfig<K extends keyof IRepoConfig>(key: K, value: IRepoConfig[K], scope?: ConfigScope): void;
 export declare function deleteConfig<K extends keyof IRepoConfig>(key: K, scope?: ConfigScope): void;
 export declare function resetConfig(scope?: ConfigScope): void;
+/**
+ * Clear stored credentials (user AND password) from every scope that has a
+ * config file. Shared by the CLI `auth logout` and the Ink logout executor so
+ * both surfaces behave identically — leaving the password behind while
+ * reporting a successful logout is misleading and a credential-removal gap.
+ */
+export declare function clearStoredCredentials(): void;
 export declare function getAllConfig(): Partial<IRepoConfig>;
 export declare const validKeys: (keyof IRepoConfig)[];
 export declare function isValidKey(key: string): key is keyof IRepoConfig;

package/dist/config/store.js

@@ -6,7 +6,8 @@
  *   < Project (<repo>/.i-repo/i-repo.json)
  *   < Local (<repo>/.i-repo/i-repo.local.json)
  */
-import { getMergedConfig, getConfigWithSource as scopedGetConfigWithSource, setScopedConfig, deleteScopedConfig, resetScopedConfig, } from "./scoped-store.js";
+import { existsSync } from "node:fs";
+import { getMergedConfig, getConfigWithSource as scopedGetConfigWithSource, setScopedConfig, deleteScopedConfig, resetScopedConfig, getAllConfigPaths, } from "./scoped-store.js";
 export function getConfig(key) {
     return scopedGetConfigWithSource(key).value;
 }
@@ -22,6 +23,20 @@ export function deleteConfig(key, scope = "user") {
 export function resetConfig(scope = "user") {
     resetScopedConfig(scope);
 }
+/**
+ * Clear stored credentials (user AND password) from every scope that has a
+ * config file. Shared by the CLI `auth logout` and the Ink logout executor so
+ * both surfaces behave identically — leaving the password behind while
+ * reporting a successful logout is misleading and a credential-removal gap.
+ */
+export function clearStoredCredentials() {
+    for (const { scope, path } of getAllConfigPaths()) {
+        if (!path || !existsSync(path))
+            continue;
+        deleteScopedConfig("user", scope);
+        deleteScopedConfig("password", scope);
+    }
+}
 export function getAllConfig() {
     return getMergedConfig();
 }

package/dist/core/logger.js

@@ -10,6 +10,7 @@
 import { appendFileSync, chmodSync, mkdirSync, existsSync, readdirSync, unlinkSync } from "node:fs";
 import { join } from "node:path";
 import { getUserConfigDir } from "../config/scoped-store.js";
+import { sanitizeForLog } from "../ui/width.js";
 const LOG_DIR_NAME = "logs";
 const MAX_LOG_FILES = 7;
 /** Get the log directory path: ~/.i-repo/logs/ */
@@ -63,7 +64,11 @@ function appendLines(lines) {
     try {
         ensureLogDir();
         const logPath = getLogFilePath();
-        appendFileSync(logPath, lines.join("\n") + "\n", {
+        // Neutralize terminal escapes centrally so EVERY entry type (HTTP/ERROR/…),
+        // including server-derived messages/remarks/statusText/stacks, is inert when
+        // the log is viewed later. Keeps \n/\t so the log stays readable.
+        const safeLines = lines.map((line) => sanitizeForLog(line));
+        appendFileSync(logPath, safeLines.join("\n") + "\n", {
             encoding: "utf-8",
             mode: 0o600,
         });

package/dist/i18n/locales/en.js

@@ -54,7 +54,10 @@ export const en = {
         passwordRequired: "Password is required",
         authenticatedSuccessfully: "Authenticated successfully",
         authenticationFailed: "Authentication failed",
-        logoutSuccess: "Logged out successfully. Stored user cleared.",
+        logoutSuccess: "Logged out successfully. Stored user and password cleared.",
+        userOnlyRedirected: "Note: endpoint and password were saved to your user config ({path}).\n" +
+            "  For security they only take effect from the user scope (a checked-out\n" +
+            "  repository must not redirect credentials), so they are not written to project/local.",
         statusTitle: "Connection Info",
         notConfigured: 'Not configured. Run "i-repo auth login" to get started.',
         notConfiguredInk: "Not configured. Run auth login to get started.",
@@ -159,6 +162,8 @@ export const en = {
         invalidFormat: "Invalid format. Must be one of: table, json, csv, ndjson",
         invalidTimeout: "Invalid timeout. Must be a positive number (seconds).",
         invalidBoolean: "Invalid value for {key}. Must be true or false.",
+        userOnlyScopeWarning: '"{key}" is only read from the user scope for security; a value in {scope} ' +
+            "scope is ignored at runtime. Use --scope user to make it take effect.",
         keyNotSet: "{key} is not set",
         configTitle: "Configuration",
         resetSuccess: "Configuration reset to defaults [{scope}]",

package/dist/i18n/locales/ja.js

@@ -54,7 +54,10 @@ export const ja = {
         passwordRequired: "パスワードは必須です",
         authenticatedSuccessfully: "認証に成功しました",
         authenticationFailed: "認証に失敗しました",
-        logoutSuccess: "ログアウトしました。保存されたユーザー情報をクリアしました。",
+        logoutSuccess: "ログアウトしました。保存されたユーザー情報とパスワードをクリアしました。",
+        userOnlyRedirected: "注意: エンドポイントとパスワードは user 設定 ({path}) に保存しました。\n" +
+            "  セキュリティ上これらは user スコープからのみ有効なため (clone したリポジトリが\n" +
+            "  認証情報をすり替えられないように)、project/local には書き込みません。",
         statusTitle: "接続情報",
         notConfigured: '未設定です。"i-repo auth login" を実行して開始してください。',
         notConfiguredInk: "未設定です。auth login を実行して開始してください。",
@@ -159,6 +162,8 @@ export const ja = {
         invalidFormat: "無効な形式です。table, json, csv, ndjson のいずれかを指定してください",
         invalidTimeout: "無効なタイムアウト値です。正の数を指定してください（秒）。",
         invalidBoolean: "{key} の値が無効です。true または false を指定してください。",
+        userOnlyScopeWarning: "セキュリティ上「{key}」は user スコープからのみ読み込まれます。{scope} スコープの値は" +
+            "実行時に無視されます。有効にするには --scope user を使用してください。",
         keyNotSet: "{key} は未設定です",
         configTitle: "設定",
         resetSuccess: "設定をデフォルトにリセットしました [{scope}]",

package/dist/i18n/types.d.ts

@@ -61,6 +61,7 @@ export interface LocaleMessages {
         authenticatedSuccessfully: string;
         authenticationFailed: string;
         logoutSuccess: string;
+        userOnlyRedirected: string;
         statusTitle: string;
         notConfigured: string;
         notConfiguredInk: string;
@@ -161,6 +162,7 @@ export interface LocaleMessages {
         invalidFormat: string;
         invalidTimeout: string;
         invalidBoolean: string;
+        userOnlyScopeWarning: string;
         keyNotSet: string;
         configTitle: string;
         resetSuccess: string;

package/dist/ink/components/DetailView.js

@@ -2,6 +2,7 @@ import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
 import { Box, Text } from "ink";
 import { colors } from "../theme.js";
 import { t as tr } from "../../i18n/index.js";
+import { sanitizeForDisplay } from "../../ui/width.js";
 export function DetailView({ data, title }) {
     const entries = Object.entries(data);
     const maxKeyLen = Math.max(...entries.map(([k]) => k.length), 0);
@@ -10,13 +11,14 @@ export function DetailView({ data, title }) {
                 const dots = dotLeaderLen - key.length;
                 const leader = dots > 2 ? " " + "\u00B7".repeat(dots - 1) + " " : "  ";
                 const isNil = value === null || value === undefined;
-                return (_jsxs(Box, { children: [_jsx(Text, { bold: true, color: colors.text, children: key }), _jsx(Text, { color: colors.border, children: leader }), isNil ? (_jsx(Text, { dimColor: true, children: tr("common.none") })) : (_jsx(Text, { color: colors.text, children: formatValue(value) }))] }, key));
+                return (_jsxs(Box, { children: [_jsx(Text, { bold: true, color: colors.text, children: sanitizeForDisplay(key) }), _jsx(Text, { color: colors.border, children: leader }), isNil ? (_jsx(Text, { dimColor: true, children: tr("common.none") })) : (_jsx(Text, { color: colors.text, children: formatValue(value) }))] }, key));
             })] }));
 }
 function formatValue(value) {
     if (value === null || value === undefined)
         return "(none)";
-    if (typeof value === "object")
-        return JSON.stringify(value);
-    return String(value);
+    const s = typeof value === "object" ? JSON.stringify(value) : String(value);
+    // Server-derived values may carry terminal escapes (title rewrite, screen
+    // clear); neutralize before rendering to the interactive TTY.
+    return sanitizeForDisplay(s);
 }

package/dist/ink/components/ErrorView.js

@@ -2,6 +2,7 @@ import { jsxs as _jsxs, jsx as _jsx } from "react/jsx-runtime";
 import { Box, Text } from "ink";
 import { colors, icons } from "../theme.js";
 import { t as tr } from "../../i18n/index.js";
+import { sanitizeForDisplay } from "../../ui/width.js";
 export function ErrorView({ message }) {
-    return (_jsxs(Box, { flexDirection: "column", marginY: 1, borderStyle: "round", borderColor: colors.error, paddingX: 2, paddingY: 1, children: [_jsx(Box, { marginBottom: 1, children: _jsxs(Text, { inverse: true, color: colors.error, bold: true, children: [" ", icons.error, " ", tr("errors.label"), " "] }) }), _jsx(Box, { marginLeft: 1, children: _jsx(Text, { color: colors.error, children: message }) })] }));
+    return (_jsxs(Box, { flexDirection: "column", marginY: 1, borderStyle: "round", borderColor: colors.error, paddingX: 2, paddingY: 1, children: [_jsx(Box, { marginBottom: 1, children: _jsxs(Text, { inverse: true, color: colors.error, bold: true, children: [" ", icons.error, " ", tr("errors.label"), " "] }) }), _jsx(Box, { marginLeft: 1, children: _jsx(Text, { color: colors.error, children: sanitizeForDisplay(message) }) })] }));
 }

package/dist/ink/components/TableView.js

@@ -3,7 +3,7 @@ import { Box, Text, useInput } from "ink";
 import { Fragment, useMemo, useState } from "react";
 import { boxChars, colors, icons } from "../theme.js";
 import { t as tr } from "../../i18n/index.js";
-import { displayWidth, truncateToWidth } from "../../ui/width.js";
+import { displayWidth, truncateToWidth, sanitizeForDisplay } from "../../ui/width.js";
 import { decodeRawNav } from "../keymap.js";
 /** 1 ページあたりの行数 (ActionBar のページ送りヒント表示判定にも使う) */
 export const TABLE_PAGE_SIZE = 20;
@@ -33,10 +33,10 @@ export function TableView({ data, columns }) {
     // Column widths by visual width (CJK-aware), cap to avoid overflow
     const widths = useMemo(() => cols.map((col) => {
         const maxData = data.reduce((max, row) => {
-            const w = displayWidth(String(row[col] ?? ""));
+            const w = displayWidth(sanitizeForDisplay(String(row[col] ?? "")));
             return w > max ? w : max;
         }, 0);
-        const headerW = displayWidth(col);
+        const headerW = displayWidth(sanitizeForDisplay(col));
         const natural = Math.min(Math.max(headerW, maxData) + 2, MAX_COL_WIDTH);
         return Math.max(natural, MIN_COL_WIDTHS[col] ?? 0);
     }), [cols, data]);
@@ -45,13 +45,13 @@ export function TableView({ data, columns }) {
         const v = boxChars.vertical;
         const sep = boxChars.leftMid +
             widths.map((w, i) => boxChars.horizontal.repeat(w) + (i < widths.length - 1 ? boxChars.midMid : boxChars.rightMid)).join("");
-        const headerCells = cols.map((col, i) => padToVisualWidth(" " + col, widths[i]));
+        const headerCells = cols.map((col, i) => padToVisualWidth(" " + sanitizeForDisplay(col), widths[i]));
         const lines = [];
         lines.push(v + headerCells.join(v) + v);
         lines.push(sep);
         for (const row of pageData) {
             const cells = cols.map((col, i) => {
-                const raw = truncateToWidth(String(row[col] ?? "─"), widths[i] - 2);
+                const raw = truncateToWidth(sanitizeForDisplay(String(row[col] ?? "─")), widths[i] - 2);
                 return padToVisualWidth(" " + raw + " ", widths[i]);
             });
             lines.push(v + cells.join(v) + v);