100 lines
3 KiB
Markdown
100 lines
3 KiB
Markdown
# Phase 2: Env Audit and CLI Polish - Discussion Log
|
|
|
|
> **Audit trail only.** Do not use as input to planning, research, or execution agents.
|
|
> Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.
|
|
|
|
**Date:** 2026-04-09
|
|
**Phase:** 02-env-audit-and-cli-polish
|
|
**Areas discussed:** Env audit display format, Confirmation and non-interactive behavior
|
|
|
|
---
|
|
|
|
## Env Audit Display Format
|
|
|
|
### Grouping
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Grouped by source | Three sections: Sandbox-generated, Host (allowlisted), Extra (CLAUDEBOX_EXTRA_ENV) | ✓ |
|
|
| Flat key=value list | Simple sorted list, no categories | |
|
|
| You decide | Claude's discretion | |
|
|
|
|
**User's choice:** Grouped by source
|
|
**Notes:** User wants PATH split by `:` with one entry per line. Wants automatic spacing and color coding.
|
|
|
|
### Color/Formatting
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| gum (Charm TUI) | Rich formatting, handles terminal detection, adds ~15MB | |
|
|
| Plain ANSI codes | printf with escape sequences, zero dependencies | ✓ |
|
|
| You decide | Claude's discretion | |
|
|
|
|
**User's choice:** Plain ANSI codes
|
|
**Notes:** User initially considered gum but chose zero-dependency approach.
|
|
|
|
### Value Masking
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Mask sensitive values | Pattern-match on var name, show first 7 + last 4 chars | ✓ |
|
|
| Show full values | Display everything as-is | |
|
|
| You decide | Claude's discretion | |
|
|
|
|
**User's choice:** Mask sensitive values
|
|
**Notes:** User asked about dependency for secret detection. Decided pattern-matching on var names is sufficient.
|
|
|
|
### Masking Approach
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Pattern-match var names | Regex: *KEY*, *TOKEN*, *SECRET*, *PASSWORD*, *CREDENTIAL* | ✓ |
|
|
| Hardcoded list | Only mask ANTHROPIC_API_KEY specifically | |
|
|
|
|
**User's choice:** Pattern-match var names
|
|
|
|
---
|
|
|
|
## Confirmation and Non-Interactive Behavior
|
|
|
|
### Prompt Style
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| y/N prompt | Default abort, user must type 'y' | |
|
|
| Y/n prompt | Default proceed, Enter launches | ✓ |
|
|
| You decide | Claude's discretion | |
|
|
|
|
**User's choice:** Y/n prompt (default proceed)
|
|
|
|
### Non-TTY Behavior
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Auto-proceed | Behave as if --yes in non-interactive | |
|
|
| Abort if no TTY | Refuse to run without explicit --yes | ✓ |
|
|
| You decide | Claude's discretion | |
|
|
|
|
**User's choice:** Abort if no TTY — forces scripts to opt-in with --yes
|
|
|
|
### Output Destination
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| stderr | Audit and prompt to stderr, stdout clean | ✓ |
|
|
| stdout | Everything to stdout | |
|
|
|
|
**User's choice:** stderr
|
|
|
|
---
|
|
|
|
## Claude's Discretion
|
|
|
|
- `--dry-run` output format
|
|
- `--check` diagnostic depth and format
|
|
- Exact ANSI color choices
|
|
- Flag parsing order
|
|
|
|
## Deferred Ideas
|
|
|
|
None
|