attune-system/attune
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[wip] cli capability parity
Some checks failed
CI / Rustfmt (push) Successful in 23s
Details
CI / Cargo Audit & Deny (push) Successful in 30s
Details
CI / Web Blocking Checks (push) Successful in 48s
Details
CI / Security Blocking Checks (push) Successful in 8s
Details
CI / Clippy (push) Failing after 1m55s
Details
CI / Web Advisory Checks (push) Successful in 35s
Details
CI / Security Advisory Checks (push) Successful in 37s
Details
CI / Tests (push) Successful in 8m5s
Details

Browse Source
This commit is contained in:
David Culbreth
2026-03-06 16:58:50 -06:00
parent 48b6ca6bd7
commit 87d830f952
94 changed files with 3694 additions and 734 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
work-summary/2025-02-05-secure-parameter-delivery.md
View File

@@ -139,7 +139,7 @@ New utility module providing:
- Temporary files created with restrictive permissions (owner read-only)
- Automatic cleanup of temporary files
- Proper escaping of special characters in dotenv format
- Delimiter (`---ATTUNE_PARAMS_END---`) separates parameters from secrets in stdin
- Single-document delivery (secrets merged into parameters)
**Test Coverage**: Comprehensive unit tests for all formatting and delivery methods
@@ -252,11 +252,9 @@ import sys
import json
def read_stdin_params():
content = sys.stdin.read()
parts = content.split('---ATTUNE_PARAMS_END---')
params = json.loads(parts[0].strip()) if parts[0].strip() else {}
secrets = json.loads(parts[1].strip()) if len(parts) > 1 and parts[1].strip() else {}
return {**params, **secrets}
"""Read parameters from stdin. Secrets are already merged into parameters."""
content = sys.stdin.read().strip()
return json.loads(content) if content else {}
params = read_stdin_params()
api_key = params.get('api_key') # Secure - not in process list!