UNPKG

@every-env/cli

Version:

Multi-agent orchestrator for AI-powered development workflows

github.com/every-env/docs

every-env/docs

108 lines (85 loc) 4.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] ## [0.5.16] - 2025-07-28 ### Changed - Simplified agent configuration to only require CLI command and args array - Removed model, apiKeyEnv, enabled, and skipPermissions fields from agent configs - Added default dangerous/bypass flags for all agents to enable autonomous operation: - Claude: `--dangerously-skip-permissions` - Amp: `--dangerously-allow-all` - Codex: `--dangerously-bypass-approvals-and-sandbox` - Init command now auto-exits after showing success message ### Fixed - React hooks order error in InitPrompts component - Agent selection not being saved properly in interactive init ## [0.5.15] - 2025-07-24 ### Added - New `copy-commands` CLI command to copy workflow templates from npm package to user's project - File creation permissions for plan command - plan agent can now use Write tool to create files directly - Security enhancements for copy-commands including path validation and file type restrictions ### Changed - Plan command now uses Write tool instead of capturing stdout for better flexibility - CI workflow updated to build before running tests to fix test failures ### Fixed - Path validation in copy-commands to prevent directory traversal attacks - Error handling in copy-commands - now throws errors instead of calling process.exit() ## [0.5.14] - 2025-07-24 ### Changed - Removed automatic `--print` flag addition to enable interactive mode for all agents - Claude agents now run interactively by default, creating files directly instead of outputting to stdout - Removed `defaultFlags: ["--print"]` from template configuration - Updated stdout handling to only capture output when `--print` is explicitly set ### Security - Added comprehensive security measures to prevent command injection vulnerabilities - Implemented path traversal protection with strict validation - Added command allowlisting to restrict executable commands - Introduced resource limits (memory, timeout) for agent processes - Added environment variable filtering to prevent sensitive data exposure ### Added - New `PatternManager` class for simplified pattern execution - Security utility module (`src/utils/security.ts`) with validation functions - Resource limits configuration with sensible defaults - Proper process cleanup in `AgentManager` - Plan command integrated directly into CLI ### Changed - **BREAKING**: Simplified architecture by consolidating pattern system - Replaced `PatternRegistry`, `PatternResolver`, and `PatternLoader` with single `PatternManager` - Removed `BasePatternCommand` and `CommandRegistry` abstractions - Commands now implemented directly in CLI file - Removed `CommandPatternExecutor` - logic integrated into `PatternManager` - **BREAKING**: Removed namespace and override features from pattern system - **BREAKING**: Removed built-in pattern loading from `resources/patterns/` directory - Improved error handling with proper cleanup on process termination - Simplified pattern validation to only essential checks ### Removed - Command abstraction layer (`src/commands/` directory) - Pattern registry system (`src/patterns/registry/` directory) - Complex pattern resolution logic - Namespace isolation features - Built-in pattern override system - Unnecessary validation complexity ### Fixed - Critical security vulnerabilities in command execution - Memory leaks from processes not being properly cleaned up - Path traversal vulnerabilities in file operations - Uncontrolled resource consumption issues ### Performance - Reduced codebase size by 28% (from ~3,600 to 2,581 lines) - Simplified execution flow improves startup time - Removed unnecessary abstraction layers ## [0.5.1] - 2025-07-23 ### Changed - Previous release version ## [0.5.0] - 2025-07-22 ### Added - Initial pattern system implementation - Command registry for extensible commands - Built-in pattern support [Unreleased]: https://github.com/EveryInc/every-env/compare/v0.5.15...HEAD [0.5.15]: https://github.com/EveryInc/every-env/compare/v0.5.14...v0.5.15 [0.5.14]: https://github.com/EveryInc/every-env/compare/v0.5.1...v0.5.14 [0.5.1]: https://github.com/EveryInc/every-env/compare/v0.5.0...v0.5.1 [0.5.0]: https://github.com/EveryInc/every-env/releases/tag/v0.5.0