npm - kubeagent - Versions diffs - 0.1.15 → 0.1.17 - Mend

kubeagent 0.1.15 → 0.1.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/auth.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { readFileSync, writeFileSync, existsSync, mkdirSync, unlinkSync } from "node:fs";
+import { readFileSync, writeFileSync, existsSync, mkdirSync, unlinkSync, chmodSync } from "node:fs";
 import { join } from "node:path";
 import { createServer } from "node:http";
 import { randomBytes } from "node:crypto";
@@ -31,8 +31,18 @@ export function loadAuth() {
 export function saveAuth(auth) {
     const dir = configDir();
     if (!existsSync(dir))
-        mkdirSync(dir, { recursive: true });
-    writeFileSync(authPath(), JSON.stringify(auth, null, 2));
+        mkdirSync(dir, { recursive: true, mode: 0o700 });
+    const path = authPath();
+    // Write with mode 0600 so only the owning user can read the file.
+    // This is the fallback for platforms where a system keychain is unavailable.
+    // To use the OS keychain instead (recommended for production), install `keytar`
+    // and store auth.token and auth.apiKey there, keeping only non-secret fields here.
+    writeFileSync(path, JSON.stringify(auth, null, 2), { mode: 0o600 });
+    // Ensure permissions even if the file already existed with looser permissions.
+    try {
+        chmodSync(path, 0o600);
+    }
+    catch { /* non-POSIX platforms ignore this */ }
 }
 export function clearAuth() {
     const path = authPath();

package/dist/cli.js CHANGED Viewed

@@ -16,7 +16,6 @@ import { startMonitor } from "./monitor/index.js";
 import { handleIssues } from "./orchestrator.js";
 import { sendResolve } from "./notify/index.js";
 import { diagnose } from "./diagnoser/index.js";
-import { buildSystemPrompt } from "./kb/loader.js";
 import { join } from "node:path";
 import { loadAuth, loginBrowser, loginDevice, createApiKey, showAccount, clearAuth } from "./auth.js";
 import { fetchSlackWebhook } from "./proxy-client.js";
@@ -440,9 +439,6 @@ program
         program.help();
         return;
     }
-    const context = opts.context;
-    const kbDir = join(configDir(), "clusters", context ?? "default");
-    const systemPrompt = buildSystemPrompt(kbDir);
     const auth = loadAuth();
     if (!auth?.apiKey) {
         console.error(chalk.red("Not logged in. Run 'kubeagent login' to get started."));
@@ -450,10 +446,7 @@ program
     }
     const { proxyRequest } = await import("./proxy-client.js");
     const result = await proxyRequest(auth, {
-        model: "claude-sonnet-4-6",
         max_tokens: 16000,
-        system: systemPrompt,
-        thinking: { type: "adaptive" },
         messages: [{ role: "user", content: prompt.join(" ") }],
     });
     const response = result;

package/dist/diagnoser/index.js CHANGED Viewed

@@ -1,26 +1,10 @@
 import chalk from "chalk";
 import readline from "node:readline";
-import { buildSystemPrompt } from "../kb/loader.js";
 import { loadAuth } from "../auth.js";
 import { proxyRequest } from "../proxy-client.js";
-import { dbg } from "../debug.js";
 import { getLogs, describeResource, restartPod, rolloutRestart, scaleDeployment, getEvents, setResources, kubectlGetLogsSchema, kubectlDescribeSchema, restartPodSchema, rolloutRestartSchema, scaleDeploymentSchema, getEventsSchema, setResourcesSchema, } from "./tools.js";
 import { zodToJsonSchema } from "zod-to-json-schema";
 const MAX_TOOL_OUTPUT_CHARS = 8000;
-const HAIKU = "claude-haiku-4-5-20251001";
-const SONNET = "claude-sonnet-4-6";
-function selectModel(issues) {
-    if (issues.some((i) => i.kind === "node_not_ready" || i.kind === "node_pressure"))
-        return SONNET;
-    if (issues.length >= 3)
-        return SONNET;
-    const maxRestarts = Math.max(0, ...issues.map((i) => i.details.restartCount ?? 0));
-    if (maxRestarts > 20)
-        return SONNET;
-    if (issues.filter((i) => i.kind === "pod_oom").length >= 2)
-        return SONNET;
-    return HAIKU;
-}
 async function createMessage(params) {
     const auth = loadAuth();
     if (!auth?.apiKey) {
@@ -138,7 +122,6 @@ function makeToolExecutors(noInteractive, onQuestion) {
     };
 }
 export async function diagnose(issues, kbDir, clusterContext, options) {
-    const systemPrompt = buildSystemPrompt(kbDir);
     const tools = makeToolDefs();
     const issuesSummary = issues
         .map((i) => `[${i.severity}] ${i.kind}: ${i.message}`)
@@ -166,22 +149,14 @@ If it requires a risky action (rollback, delete, scale to zero), propose it but
         ...(options?.safeActions ?? []),
     ]);
     let appliedAction;
-    const model = selectModel(issues);
-    dbg("model", `selected ${model} for ${issues.length} issue(s): ${issues.map(i => i.kind).join(", ")}`);
-    // Agentic loop
+    // Agentic loop — model is selected server-side based on plan tier
     let lastResponse;
     for (let turn = 0; turn < 10; turn++) {
         const params = {
-            model,
             max_tokens: 16000,
-            system: systemPrompt,
             tools,
             messages,
         };
-        // adaptive thinking only supported on Sonnet+, not Haiku
-        if (model === SONNET) {
-            params.thinking = { type: "adaptive" };
-        }
         const response = await createMessage(params);
         lastResponse = response;
         if (response.stop_reason === "end_turn")

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "kubeagent",
-  "version": "0.1.15",
+  "version": "0.1.17",
   "description": "AI-powered Kubernetes management CLI",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",