zhi
ddaea57f2d
pass_mgr: - Complete rewrite using build-time AES key (injected via ldflags) - New command format: get-secret/get-username --key, set --key --secret - Admin commands: init, handoff, init-from (rejected when AGENT_* env set) - Inline pcguard check for agent commands - Legacy 'get <key>' kept for backward compat - Storage: pc-pass-store/<agent-id>/<key>.gpg with AES-256-GCM - Admin password stored as SHA-256 hash in .pass_mgr/admin.json pcexec.ts: - Support new 'get-secret --key' pattern alongside legacy 'get <key>' - Pass environment to fetchPassword for pcguard validation - Deduplicate matches, sanitize all resolved passwords from output install.mjs: - Generate random 32-byte hex build secret (.build-secret) - Reuse existing secret on rebuilds - Pass to go build via -ldflags -X main.buildSecret=<secret> README.md: - Document new pass_mgr command format - Document admin handoff/init-from workflow - Document security model limitations - Update project structure
37 lines
315 B
Plaintext
37 lines
315 B
Plaintext
# Dependencies
|
|
node_modules/
|
|
*.log
|
|
|
|
# Build outputs
|
|
dist/
|
|
*.exe
|
|
*.dll
|
|
*.so
|
|
*.dylib
|
|
|
|
# Environment
|
|
.env
|
|
.env.local
|
|
|
|
# IDE
|
|
.vscode/
|
|
.idea/
|
|
*.swp
|
|
*.swo
|
|
|
|
# OS
|
|
.DS_Store
|
|
Thumbs.db
|
|
|
|
# Go
|
|
*.o
|
|
*.a
|
|
*.test
|
|
vendor/
|
|
|
|
# Lock files (sub-packages)
|
|
plugin/package-lock.json
|
|
|
|
# Build secret (generated by install.mjs)
|
|
.build-secret
|