feat(cli): keychain storage, encrypted offline cache, secret refs, watch, AI-agent guards #731
Merged
Thank you for following the naming conventions! 🙏
…nt guard

Make shelve run the default secret-injection path so .env files don't need to live on disk where AI agents will read them.

- Store CLI credentials in the OS keychain via @napi-rs/keyring with an XDG-compliant 0600 file fallback. Migrate the legacy ~/.shelve file silently on first read. Switch from rc9.readUser/writeUser to readUserConfig/writeUserConfig (the previous helpers are deprecated).
- Encrypt the offline cache with AES-256-GCM at ~/.shelve/cache/<sha256(team:project:env)>.json.enc. The key is derived from the API token via HKDF, so revoking the token also kills cached copies. Add --offline, --no-cache, --cache-ttl flags and a transparent cache fallback when the API is unreachable.
- Resolve shelve://<team>/<project>/<env>/<KEY> references from --template .env.template files; literal values pass through untouched so the template can be safely committed.
- --watch polls Shelve for variable changes and sends SIGHUP to the child (let Vite/Nuxt/Next reload), or use --restart-on-change to kill and respawn the child.
- shelve init writes .cursorignore / .aiderignore / .codeiumignore / .continueignore and a shelve-managed block in .gitignore. shelve pull detects AI-agent env (CURSOR_TRACE_ID, AIDER_VERSION, CLAUDECODE, ...) and prompts before writing plaintext secrets.
- spawnChild is now sync (matches cli-subprocess); update WatchOpts type and watch loop accordingly.
- Bail with handleCancel when no env can be resolved (was passing string | undefined into typed APIs).
- Add explicit return type on the keyring factory closure.
- Auto-fixed quote style in secret-refs.
211cc18 to a7b849e
Drop our hand-rolled `utils/agent.ts` (8 envvar heuristics + brittle TERM_PROGRAM checks) in favor of `std-env` which already detects 11 agents (cursor, claude, devin, replit, gemini, codex, auggie, opencode, kiro, goose, pi), is maintained by unjs, ships in our transitive deps anyway, and supports `AI_AGENT=<name>` for explicit override in tests/CI.
Summary
Make `shelve run` the default secret-injection path so `.env` files no longer need to live on disk, then close every UX gap that previously made `run` painful.
OS keychain storage
`~/.config/.shelve`, mode `0600`) and the legacy `~/.shelve` is migrated automatically on first read.
Encrypted offline cache
Secret references
Watch mode
AI-agent guards
Direct response to the Infisical post on AI agents siphoning `.env` files.
Test plan
`~/.shelve` users: silent migration to `~/.config/.shelve`, original file removed.
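
The encrypted offline cache described in the first commit message (AES-256-GCM, key derived from the API token via HKDF, file named by `sha256(team:project:env)`), shown here as an added example that is not taken from this PR's diff. The HKDF hash, salt and info labels, the nonce/tag/ciphertext layout, the use of the cache id as AAD, and all function names are assumptions.

```javascript
// Added example, not Shelve's code. HKDF parameters and blob layout are assumptions.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto') // same module when run as ESM

// Cache file name from the page: <sha256(team:project:env)>.json.enc
function cacheId(team, project, env) {
  return nodeCrypto.createHash('sha256').update(`${team}:${project}:${env}`).digest('hex')
}

// 32-byte AES key from the API token (HKDF-SHA256; salt and info are assumed labels).
function deriveKey(token) {
  return Buffer.from(nodeCrypto.hkdfSync('sha256', token, 'example-cache-salt', 'example-cache-v1', 32))
}

// Assumed blob layout: 12-byte nonce || 16-byte tag || ciphertext.
// The cache id is bound as AAD so a blob cannot be moved to another env's file.
function sealCache(token, id, vars) {
  const nonce = nodeCrypto.randomBytes(12) // fresh nonce for every write
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(token), nonce)
  cipher.setAAD(Buffer.from(id))
  const body = Buffer.concat([cipher.update(JSON.stringify(vars), 'utf8'), cipher.final()])
  return Buffer.concat([nonce, cipher.getAuthTag(), body])
}

// Returns the variables, or null when the tag does not verify
// (different token, different cache id, or modified bytes).
function openCache(token, id, blob) {
  if (blob.length < 28) return null
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', deriveKey(token), blob.subarray(0, 12))
  decipher.setAAD(Buffer.from(id))
  decipher.setAuthTag(blob.subarray(12, 28))
  try {
    const plain = Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()])
    return JSON.parse(plain.toString('utf8'))
  } catch {
    return null
  }
}

// Constructed demo values (not real credentials).
const demoId = cacheId('acme', 'web', 'production')
const demoBlob = sealCache('token-before-rotation', demoId, { DATABASE_URL: 'postgres://example.invalid/db' })
console.log(openCache('token-before-rotation', demoId, demoBlob)) // the cached variables
console.log(openCache('token-after-rotation', demoId, demoBlob)) // null
```

A changed token makes the file unreadable to the CLI, but anyone who still holds the old token and an old `.json.enc` file can decrypt it offline, so cached files should also be expired or deleted on rotation.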