thevoidforge 21.0.13 → 21.0.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { request as httpsRequest } from 'node:https';
|
|
2
2
|
import { addRoute } from '../router.js';
|
|
3
|
-
import { vaultSet, vaultExists, vaultUnlock, vaultKeys, vaultPath, vaultLock } from '../lib/vault.js';
|
|
3
|
+
import { vaultSet, vaultGet, vaultExists, vaultUnlock, vaultKeys, vaultPath, vaultLock } from '../lib/vault.js';
|
|
4
4
|
import { parseJsonBody } from '../lib/body-parser.js';
|
|
5
5
|
import { clearModelCache } from '../lib/anthropic.js';
|
|
6
6
|
import { sendJson } from '../lib/http-helpers.js';
|
|
@@ -183,11 +183,16 @@ addRoute('POST', '/api/credentials/unlock', async (req, res) => {
|
|
|
183
183
|
clearVaultFailures(ip);
|
|
184
184
|
sessionPassword = body.password;
|
|
185
185
|
touchVaultAccess(); // SEC-R2-004: Start auto-lock timer
|
|
186
|
-
// Check what's already stored
|
|
186
|
+
// Check what's already stored + load API key into process.env for PTY sessions
|
|
187
187
|
let hasAnthropic = false;
|
|
188
188
|
try {
|
|
189
189
|
const keys = await vaultKeys(sessionPassword);
|
|
190
190
|
hasAnthropic = keys.includes('anthropic-api-key');
|
|
191
|
+
if (hasAnthropic) {
|
|
192
|
+
const storedKey = await vaultGet(sessionPassword, 'anthropic-api-key');
|
|
193
|
+
if (storedKey)
|
|
194
|
+
process.env['ANTHROPIC_API_KEY'] = storedKey;
|
|
195
|
+
}
|
|
191
196
|
}
|
|
192
197
|
catch {
|
|
193
198
|
// Fresh vault
|
|
@@ -220,6 +225,8 @@ addRoute('POST', '/api/credentials/anthropic', async (req, res) => {
|
|
|
220
225
|
return;
|
|
221
226
|
}
|
|
222
227
|
await vaultSet(sessionPassword, 'anthropic-api-key', apiKey);
|
|
228
|
+
// Make the key available to PTY sessions spawned by this server process
|
|
229
|
+
process.env['ANTHROPIC_API_KEY'] = apiKey;
|
|
223
230
|
clearModelCache();
|
|
224
231
|
sendJson(res, 200, { stored: true });
|
|
225
232
|
});
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
* Haku moves between worlds seamlessly.
|
|
7
7
|
*/
|
|
8
8
|
import { randomUUID } from 'node:crypto';
|
|
9
|
-
import { isRemoteMode } from './tower-auth.js';
|
|
9
|
+
import { isRemoteMode, isLanMode } from './tower-auth.js';
|
|
10
10
|
import { audit } from './audit-log.js';
|
|
11
11
|
// node-pty is a native module — dynamic import to handle missing installs gracefully
|
|
12
12
|
let pty = null;
|
|
@@ -34,7 +34,9 @@ const ALLOWED_INITIAL_COMMANDS = ['claude', 'claude --dangerously-skip-permissio
|
|
|
34
34
|
const BASE_SAFE_ENV_KEYS = ['PATH', 'HOME', 'SHELL', 'USER', 'LANG', 'LC_ALL', 'LC_CTYPE', 'TERM_PROGRAM', 'EDITOR', 'VISUAL', 'XDG_CONFIG_HOME', 'XDG_DATA_HOME', 'NVM_DIR', 'NVM_BIN', 'NVM_INC', 'TMPDIR', 'TEMP', 'SSH_AUTH_SOCK', 'COLORTERM'];
|
|
35
35
|
// FLOW-R2-007: Only pass ANTHROPIC_API_KEY in local mode
|
|
36
36
|
function getSafeEnvKeys() {
|
|
37
|
-
|
|
37
|
+
// Remote mode (internet-facing): exclude API key — operator's key must not leak
|
|
38
|
+
// Local + LAN mode: include API key — it's the user's own key on their network
|
|
39
|
+
if (isRemoteMode() && !isLanMode())
|
|
38
40
|
return BASE_SAFE_ENV_KEYS;
|
|
39
41
|
return [...BASE_SAFE_ENV_KEYS, 'ANTHROPIC_API_KEY'];
|
|
40
42
|
}
|
|
@@ -69,7 +71,7 @@ export async function createSession(projectDir, projectName, label, initialComma
|
|
|
69
71
|
}
|
|
70
72
|
}
|
|
71
73
|
const nodePty = await loadPty();
|
|
72
|
-
const shell = process.env['SHELL'] || '/bin/
|
|
74
|
+
const shell = process.env['SHELL'] || '/bin/bash';
|
|
73
75
|
const id = randomUUID();
|
|
74
76
|
// SEC-013: Build clean environment — no credential leakage into PTY
|
|
75
77
|
const safeEnv = {};
|