You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fix documentation and security issues from PR #71 review
- Fix CLI version in README (0.1.0 → 0.2.0)
- Update 16 path references in AGENTS.md (.codeforge/ → defaults/codeforge/)
- Replace unsafe eval pattern with getent passwd in 9 install scripts
The eval echo "~$USERNAME" pattern could theoretically allow command
injection if username validation were removed in future changes.
Using getent passwd is safer and matches the pattern already used
in codex-cli/install.sh.
Config files deploy via `.codeforge/file-manifest.json` on every container start. Most deploy to `~/.claude/`; ccstatusline config deploys to `~/.config/ccstatusline/`. Each entry supports `overwrite`: `"if-changed"` (default, sha256), `"always"`, or `"never"`. Supported variables: `${CLAUDE_CONFIG_DIR}`, `${WORKSPACE_ROOT}`, `${HOME}`.
19
+
Config files deploy via `defaults/codeforge/file-manifest.json` on every container start. Most deploy to `~/.claude/`; ccstatusline config deploys to `~/.config/ccstatusline/`. Each entry supports `overwrite`: `"if-changed"` (default, sha256), `"always"`, or `"never"`. Supported variables: `${CLAUDE_CONFIG_DIR}`, `${WORKSPACE_ROOT}`, `${HOME}`.
20
20
21
21
## Commands
22
22
@@ -62,11 +62,11 @@ Declared in `settings.json` under `enabledPlugins`, auto-activated on start:
62
62
63
63
## Rules System
64
64
65
-
Rules in `.codeforge/config/rules/` deploy to `.claude/rules/` on every container start. They load into ALL sessions automatically.
65
+
Rules in `defaults/codeforge/config/rules/` deploy to `.claude/rules/` on every container start. They load into ALL sessions automatically.
**Adding rules:** Create `.md` in `.codeforge/config/rules/`, add a manifest entry in `.codeforge/file-manifest.json`.
69
+
**Adding rules:** Create `.md` in `defaults/codeforge/config/rules/`, add a manifest entry in `defaults/codeforge/file-manifest.json`.
70
70
71
71
## Authentication & Persistence
72
72
@@ -76,19 +76,19 @@ The `~/.claude/` directory is backed by a Docker named volume (`codeforge-claude
76
76
77
77
Codex CLI credentials (`~/.codex/`) are backed by a separate Docker named volume (`codeforge-codex-config-${devcontainerId}`). Set `OPENAI_API_KEY` in `.devcontainer/.secrets` (or as a Codespaces secret) for automatic API key injection, or run `codex` interactively for browser-based ChatGPT OAuth.
78
78
79
-
**Claude Code Router:** Set provider API keys (`ANTHROPIC_API_KEY`, `DEEPSEEK_API_KEY`, `GEMINI_API_KEY`, `OPENROUTER_API_KEY`) in `.devcontainer/.secrets`. Keys are exported as env vars on container start and read at runtime by the router's `$ENV_VAR` interpolation in `~/.claude-code-router/config.json`. Edit routing rules in `.codeforge/config/claude-code-router.json` and run `ccr-apply` to redeploy.
79
+
**Claude Code Router:** Set provider API keys (`ANTHROPIC_API_KEY`, `DEEPSEEK_API_KEY`, `GEMINI_API_KEY`, `OPENROUTER_API_KEY`) in `.devcontainer/.secrets`. Keys are exported as env vars on container start and read at runtime by the router's `$ENV_VAR` interpolation in `~/.claude-code-router/config.json`. Edit routing rules in `defaults/codeforge/config/claude-code-router.json` and run `ccr-apply` to redeploy.
80
80
81
81
## Modifying Behavior
82
82
83
-
1.**Change model**: Edit `.codeforge/config/settings.json` → `"model"` field
84
-
2.**Change system prompt**: Edit `.codeforge/config/main-system-prompt.md`
85
-
3.**Add config file**: Place in `.codeforge/config/`, add entry to `.codeforge/file-manifest.json`
83
+
1.**Change model**: Edit `defaults/codeforge/config/settings.json` → `"model"` field
84
+
2.**Change system prompt**: Edit `defaults/codeforge/config/main-system-prompt.md`
85
+
3.**Add config file**: Place in `defaults/codeforge/config/`, add entry to `defaults/codeforge/file-manifest.json`
86
86
4.**Add features**: Add to `"features"` in `devcontainer.json`
87
87
5.**Disable features**: Set `"version": "none"` in the feature's config
88
88
6.**Disable setup steps**: Set flags to `false` in `.env`
89
-
7.**Customize status bar**: Edit `.codeforge/config/ccstatusline-settings.json`
89
+
7.**Customize status bar**: Edit `defaults/codeforge/config/ccstatusline-settings.json`
90
90
8.**Lock Claude Code version**: Set `CLAUDE_VERSION_LOCK=2.1.80` in `.env` — the update script installs that exact version on container start instead of updating to latest. Unset to resume auto-updates.
91
-
9.**Disable individual hooks**: Add script name (without `.py`) to `disabled` array in `.codeforge/config/disabled-hooks.json` — takes effect immediately, no restart needed
91
+
9.**Disable individual hooks**: Add script name (without `.py`) to `disabled` array in `defaults/codeforge/config/disabled-hooks.json` — takes effect immediately, no restart needed
0 commit comments