mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix(mosaic): gateway token recovery review remediations (#414)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/push/publish Pipeline was successful
Details

Browse Source
This commit was merged in pull request #414.
This commit is contained in:
jason.woltje
2026-04-05 06:13:29 +00:00
parent 3abd63ea5c
commit 119ff0eb1b
5 changed files with 90 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/mosaic/src/commands/gateway.ts
View File

@@ -126,10 +126,18 @@ export function registerGatewayCommand(program: Command): void {
.description('Sign in to the gateway (defaults to URL from meta.json)')
.option('-g, --gateway <url>', 'Gateway URL (overrides meta.json)')
.option('-e, --email <email>', 'Email address')
.option('-p, --password <password>', 'Password')
.option(
'-p, --password <password>',
'[UNSAFE] Avoid — exposes credentials in shell history and process listings',
)
.action(async (cmdOpts: { gateway?: string; email?: string; password?: string }) => {
const { runLogin } = await import('./gateway/login.js');
const url = getGatewayUrl(cmdOpts.gateway);
if (cmdOpts.password) {
console.warn(
'Warning: --password flag exposes credentials in shell history and process listings.',
);
}
try {
await runLogin({ gatewayUrl: url, email: cmdOpts.email, password: cmdOpts.password });
} catch (err) {