kubeagent 0.1.21 → 0.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/auth.js +13 -10
  2. package/dist/cli.js +23 -4
  3. package/package.json +1 -1
package/dist/auth.js CHANGED
@@ -63,17 +63,20 @@ export async function loginBrowser(serverUrl, appUrl) {
63
63
  res.end();
64
64
  return;
65
65
  }
66
- // Parse credentials from POST body (hidden form submit) to avoid
67
- // leaking the JWT in URL query params, browser history, and Referer headers.
68
- const chunks = [];
69
- req.on("data", (chunk) => chunks.push(chunk));
66
+ // Parse credentials from the redirect URL query params.
67
+ // A plain HTTP redirect from the HTTPS server is not blocked as mixed content
68
+ // by modern browsers (unlike form submissions), so the flow works reliably.
69
+ // The token travels only over the loopback interface — same threat model as
70
+ // GitHub CLI, Tailscale, and other CLI OAuth tools.
71
+ const url = new URL(req.url, `http://127.0.0.1`);
72
+ const params = url.searchParams;
73
+ const receivedState = params.get("state");
74
+ const token = params.get("token");
75
+ const email = params.get("email") ?? "";
76
+ const name = params.get("name") ?? "";
77
+ // Consume any request body before replying (keeps the socket clean).
78
+ req.resume();
70
79
  req.on("end", () => {
71
- const body = Buffer.concat(chunks).toString();
72
- const params = new URLSearchParams(body);
73
- const receivedState = params.get("state");
74
- const token = params.get("token");
75
- const email = params.get("email") ?? "";
76
- const name = params.get("name") ?? "";
77
80
  res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
78
81
  res.end(`<!DOCTYPE html>
79
82
  <html lang="en">
package/dist/cli.js CHANGED
@@ -452,10 +452,29 @@ program
452
452
  process.exit(1);
453
453
  }
454
454
  const { proxyRequest } = await import("./proxy-client.js");
455
- const result = await proxyRequest(auth, {
456
- max_tokens: 16000,
457
- messages: [{ role: "user", content: prompt.join(" ") }],
458
- });
455
+ let result;
456
+ try {
457
+ result = await proxyRequest(auth, {
458
+ max_tokens: 16000,
459
+ messages: [{ role: "user", content: prompt.join(" ") }],
460
+ });
461
+ }
462
+ catch (err) {
463
+ const e = err;
464
+ if (e.status === 429) {
465
+ console.error(chalk.red("Token balance exhausted.") + " " + chalk.dim("Run: kubeagent account") + " to check your balance, then upgrade at " + chalk.cyan("https://app.kubeagent.net"));
466
+ }
467
+ else if (e.status === 401) {
468
+ console.error(chalk.red("Not authenticated.") + " " + chalk.dim("Run: kubeagent login"));
469
+ }
470
+ else if (e.status === 400) {
471
+ console.error(chalk.red("Bad request: ") + chalk.dim(e.message.replace("KubeAgent proxy: ", "")));
472
+ }
473
+ else {
474
+ console.error(chalk.red("Error: ") + e.message.replace("KubeAgent proxy: ", ""));
475
+ }
476
+ process.exit(1);
477
+ }
459
478
  const response = result;
460
479
  for (const block of response.content) {
461
480
  if (block.type === "text") {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "kubeagent",
3
- "version": "0.1.21",
3
+ "version": "0.1.23",
4
4
  "description": "AI-powered Kubernetes management CLI",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "type": "module",