npm - openkitt - Versions diffs - 0.3.14 → 0.3.18 - Mend

openkitt 0.3.14 → 0.3.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -11,7 +11,7 @@ KITT is an interactive terminal interface that scaffolds full-stack monorepos, a
   _  /| | __/ /  _  /   _  /
   /_/ |_| /___/  /_/    /_/
-  KITT v0.1.0 — AI-Powered App Scaffolding CLI
+  KITT v0.3.17 — AI-Powered App Scaffolding CLI
 ```
 ---
@@ -35,12 +35,12 @@ KITT eliminates that tax. It scaffolds a production-ready monorepo in one comman
 ## Features
 - **Interactive REPL** with tab-completion and ghost text suggestions
-- **AI scaffolding** — uses your LLM key (Anthropic, OpenAI, or Gemini) to generate app code, wire integrations, and provision Railway infrastructure
+- **AI scaffolding** — uses your LLM key (Anthropic, OpenAI, Gemini, or GitHub Copilot) to generate app code, wire integrations, and provision Railway infrastructure
 - **Monorepo workspace** with `apps/` and `packages/` following convention
 - **Framework support**: TanStack Start, Next.js, Hono, Express
 - **Integration catalog**: databases, auth, payments, email, queues, caching, UI, analytics, testing
 - **Version management** — pin integration versions, check for updates, apply selectively
-- **Secret scan** — blocks deploys if `.env` files containing secrets would be committed
+- **Sandbox & secret scan** — stages LLM-generated files for review before writing to disk; blocks deploys if `.env` files containing secrets would be committed
 - **Non-interactive mode** — scriptable via `--run` flag for CI pipelines
 - **Auto update check** — notifies on new releases at startup
@@ -50,7 +50,11 @@ KITT eliminates that tax. It scaffolds a production-ready monorepo in one comman
 - Node.js ≥ 20
 - [Railway CLI](https://docs.railway.app/develop/cli) installed and authenticated
-- API key for one of: Anthropic, OpenAI, or Gemini
+- One of the following LLM providers configured:
+  - **Anthropic** — API key (claude-sonnet-4-5, claude-opus-4-5, claude-3-5-haiku)
+  - **OpenAI** — API key (gpt-4o, gpt-4o-mini, o1, o1-mini)
+  - **Gemini** — API key (gemini-2.0-flash, gemini-2.0-flash-lite, gemini-1.5-pro)
+  - **GitHub Copilot** — device OAuth flow (claude-haiku-4.5, gpt-4.1, claude-sonnet-4.6, claude-opus-4.6)
 ---
@@ -70,7 +74,7 @@ npx openkitt
 kitt > /login
 ```
-This walks you through Railway authentication (browser OAuth) and LLM provider setup (provider, model, API key). You only do this once — credentials are stored locally.
+This walks you through Railway authentication (browser OAuth) and LLM provider setup (provider, model, API key or GitHub Copilot device flow). You only do this once — credentials are stored locally.
 ### 2. Initialize a workspace
@@ -130,8 +134,9 @@ Selects the app, generates `railway.toml` if needed, scans for exposed secrets,
 |---|---|
 | `/login` | Full auth setup — Railway + LLM in one flow |
 | `/login railway` | Authenticate with Railway only |
-| `/login llm` | Configure LLM provider, model, and API key |
-| `/login model` | Switch model without re-entering your key |
+| `/login llm` | Configure LLM provider, model, and auth method |
+| `/login model` | Switch active model without re-entering your key |
+| `/login status` | Show current auth status for Railway and LLM |
 | `/logout` | Remove all stored credentials |
 ### Workspace
@@ -153,6 +158,7 @@ Selects the app, generates `railway.toml` if needed, scans for exposed secrets,
 | `/deploy:template <name>` | Provision infrastructure — `PostgreSQL`, `MySQL`, `Redis`, `MinIO` |
 | `/env:create <name>` | Create a new Railway environment |
 | `/env:vars [service]` | List environment variables for a service |
+| `/env:vars set [service] <key> <value>` | Set an environment variable |
 | `/domain [appName]` | Generate or show the Railway domain for an app |
 | `/logs [appName]` | Tail deployment logs |
 | `/status` | Show workspace status and Railway deployment health |
@@ -219,16 +225,18 @@ KITT supports scriptable execution via `--run`:
 npx openkitt --run "deploy my-app" --yes --env production
 ```
-State-changing commands (`init`, `create`, `delete`, `deploy`, `env:create`, `env:vars`, `domain`) require `--yes` in non-interactive mode.
+State-changing commands (`init`, `create`, `delete`, `deploy`, `deploy:template`, `env:create`, `env:vars`, `domain`) require `--yes` in non-interactive mode.
 ---
 ## How it works
-KITT uses an LLM (via your API key) together with Railway's [MCP server](https://github.com/railwayapp/mcp-server) to perform Railway operations — creating projects, provisioning services, setting environment variables, and deploying. The LLM orchestrates MCP tool calls; KITT acts as the secure intermediary, enforcing a project-scoped guard so operations are confined to your linked Railway project.
+KITT uses an LLM (via your API key or GitHub Copilot) together with Railway's [MCP server](https://github.com/railwayapp/mcp-server) to perform Railway operations — creating projects, provisioning services, setting environment variables, and deploying. The LLM orchestrates MCP tool calls; KITT acts as the secure intermediary, enforcing a project-scoped guard so operations are confined to your linked Railway project.
 For `hono` and `expressjs` apps, scaffolding is fully static — the LLM generates code at creation time only. For `tanstack-start` and `nextjs`, full server and client capabilities are available.
+Generated code is staged to `.kitt/staging/` for review before being written to disk. A security scanner validates files for suspicious patterns, path traversal, and restricted file types before applying changes.
 ---
 ## License