cexll/myclaude
1
0
Fork 0
mirror of https://github.com/cexll/myclaude.git synced 2026-02-05 02:30:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d69c8aef174ba79b6ed50456abb2435cec6791a
myclaude/codeagent-wrapper
History
ben 4d69c8aef1 fix: allow claude backend to read env from setting.json while preventing recursion (#92) 
* fix: allow claude backend to read env from setting.json while preventing recursion

Fixes #89

Problem:
- --setting-sources "" prevents claude from reading ~/.claude/setting.json env
- Removing it causes infinite recursion via skills/commands/agents loading

Solution:
- Keep --setting-sources "" to block all config sources
- Add loadMinimalEnvSettings() to extract only env from setting.json
- Pass env explicitly via --settings parameter
- Update tests to validate dynamic --settings parameter

Benefits:
- Claude backend can access ANTHROPIC_API_KEY and other env vars
- Skills/commands/agents remain blocked, preventing recursion
- Graceful degradation if setting.json doesn't exist

Generated with SWE-Agent.ai

Co-Authored-By: SWE-Agent.ai <noreply@swe-agent.ai>

* security: pass env via process environment instead of command line

Critical security fix for issue #89:
- Prevents ANTHROPIC_API_KEY leakage in process command line (ps)
- Prevents sensitive values from being logged in wrapper logs

Changes:
1. executor.go:
   - Add SetEnv() method to commandRunner interface
   - realCmd merges env with os.Environ() and sets to cmd.Env
   - All test mocks implement SetEnv()

2. backend.go:
   - Change loadMinimalEnvSettings() to return map[string]string
   - Use os.UserHomeDir() instead of os.Getenv("HOME")
   - Add 1MB file size limit check
   - Only accept string values in env (reject non-strings)
   - Remove --settings parameter (no longer in command line)

3. Tests:
   - Add loadMinimalEnvSettings() unit tests
   - Remove --settings validation (no longer in args)
   - All test mocks implement SetEnv()

Security improvements:
- No sensitive values in argv (safe from ps/logs)
- Type-safe env parsing (string-only)
- File size limit prevents memory issues
- Graceful degradation if setting.json missing

Tests: All pass (30.912s)

Generated with SWE-Agent.ai

Co-Authored-By: SWE-Agent.ai <noreply@swe-agent.ai>

---------

Co-authored-by: SWE-Agent.ai <noreply@swe-agent.ai>
2025-12-21 20:16:57 +08:00
..
.gitignore
fix(codeagent-wrapper): remove binary artifacts and improve error messages
2025-12-12 14:41:54 +08:00
backend_test.go
fix: allow claude backend to read env from setting.json while preventing recursion (#92)
2025-12-21 20:16:57 +08:00
backend.go
fix: allow claude backend to read env from setting.json while preventing recursion (#92)
2025-12-21 20:16:57 +08:00
bench_test.go
feat: implement enterprise workflow with multi-backend support
2025-12-09 15:53:31 +08:00
concurrent_stress_test.go
feat: add millisecond-precision timestamps to all log entries (#91)
2025-12-21 18:57:27 +08:00
config.go
fix: comprehensive security and quality improvements for PR #85 & #87 (#90)
2025-12-21 18:01:20 +08:00
executor_concurrent_test.go
fix: allow claude backend to read env from setting.json while preventing recursion (#92)
2025-12-21 20:16:57 +08:00
executor.go
fix: allow claude backend to read env from setting.json while preventing recursion (#92)
2025-12-21 20:16:57 +08:00
filter_test.go
fix(gemini): filter noisy stderr output from gemini backend (#83)
2025-12-19 20:50:21 +08:00
filter.go
fix(gemini): filter noisy stderr output from gemini backend (#83)
2025-12-19 20:50:21 +08:00
go.mod
feat: implement enterprise workflow with multi-backend support
2025-12-09 15:53:31 +08:00
log_writer_limit_test.go
fix(parser): 修复 bufio.Scanner token too long 错误 (#64)
2025-12-15 13:19:51 +08:00
logger_additional_coverage_test.go
fix(executor): isolate log files per task in parallel mode
2025-12-16 10:05:54 +08:00
logger_suffix_test.go
fix: 修复多 backend 并行日志 PID 混乱并移除包装格式 (#74) (#76)
2025-12-17 10:33:38 +08:00
logger_test.go
fix: 修复多 backend 并行日志 PID 混乱并移除包装格式 (#74) (#76)
2025-12-17 10:33:38 +08:00
logger.go
feat: add millisecond-precision timestamps to all log entries (#91)
2025-12-21 18:57:27 +08:00
main_integration_test.go
fix(executor): isolate log files per task in parallel mode
2025-12-16 10:05:54 +08:00
main_test.go
fix: allow claude backend to read env from setting.json while preventing recursion (#92)
2025-12-21 20:16:57 +08:00
main.go
Improve backend termination after message and extend timeout (#86)
2025-12-21 15:55:01 +08:00
parser_token_too_long_test.go
Improve backend termination after message and extend timeout (#86)
2025-12-21 15:55:01 +08:00
parser.go
Improve backend termination after message and extend timeout (#86)
2025-12-21 15:55:01 +08:00
process_check_test.go
Merge branch 'master' into rc/5.2
2025-12-09 16:03:44 +08:00
process_check_unix.go
Merge branch 'master' into rc/5.2
2025-12-09 16:03:44 +08:00
process_check_windows.go
Merge branch 'master' into rc/5.2
2025-12-09 16:03:44 +08:00
utils.go
fix(parser): 修复 bufio.Scanner token too long 错误 (#64)
2025-12-15 13:19:51 +08:00
wrapper_name_test.go
feat(codeagent-wrapper): 完整多后端支持与安全优化
2025-12-11 16:09:33 +08:00
wrapper_name.go
feat(codeagent-wrapper): 完整多后端支持与安全优化
2025-12-11 16:09:33 +08:00