mosaicstack/stack
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

fix(mosaic): mask password input in TUI login prompt
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details

Browse Source 
The TUI login flow used a plain readline.question() for the password
prompt, which echoed characters to the terminal. Replaced with the
existing promptSecret() helper that uses TTY raw mode to suppress
echo — the same function already used by `mosaic gateway login`.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jarvis
2026-04-05 19:28:43 -05:00
parent 051de0d8a9
commit dd42b6079f
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/mosaic/src/cli.ts
View File

@@ -135,15 +135,11 @@ program
// No valid session — prompt for credentials // No valid session — prompt for credentials
if (!session) { if (!session) {
const readline = await import('node:readline'); const { promptLine, promptSecret } = await import('./commands/gateway/login.js');
const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
const ask = (q: string): Promise<string> =>
new Promise((resolve) => rl.question(q, resolve));
console.log(`Sign in to ${opts.gateway}`); console.log(`Sign in to ${opts.gateway}`);
const email = await ask('Email: '); const email = await promptLine('Email: ');
const password = await ask('Password: '); const password = await promptSecret('Password: ');
rl.close();
try { try {
const auth = await signIn(opts.gateway, email, password); const auth = await signIn(opts.gateway, email, password);