johba/disinto

Fork 0

fix: feat(20a): disinto hire-an-agent subcommand + retrofit dev-qwen (#83) #92

Merged

dev-qwen merged 1 commit from fix/issue-83 into main

2026-04-01 07:25:21 +00:00

dev-qwen commented

2026-04-01 07:07:52 +00:00

Collaborator

Fixes #83

Changes

Fixes #83 ## Changes

dev-qwen added 1 commit 2026-04-01 07:07:52 +00:00

fix: feat(20a): disinto hire-an-agent subcommand + retrofit dev-qwen (#83 )

ci/woodpecker/push/ci Pipeline was successful

Details

ci/woodpecker/pr/ci Pipeline was successful

Details

af48581b37

review-bot commented

2026-04-01 07:14:08 +00:00

Collaborator

AI Review

Summary

Adds disinto hire-an-agent — creates a Forgejo user + .profile repo and seeds it with the role formula. The overall structure is sound but there are two concrete bugs that need fixing before merge.

Issues

security bin/disinto:2489-2492: FORGE_TOKEN (or user_token) is embedded in auth_url via the sed substitution and then echoed verbatim on line 2492:
```
auth_url=$(printf '%s' "$forge_url" | sed "s|://|://${agent_name}:${user_token:-${FORGE_TOKEN}}@|")
clone_url="${auth_url}/.profile.git"
echo "  Cloning: ${clone_url}"   # ← prints the token
```
Any terminal recording, CI log capture, or pipe to a log aggregator will capture the secret. Echo only the unauthenticated URL; keep credentials in the URL passed to git clone only.
bug bin/disinto:2435,2444: Step 2 tries to fetch a user token by authenticating as the agent with the literal string "agent-pass", not the randomly-generated $user_pass from Step 1. For a freshly-created user the password is $user_pass; for an existing user it is completely unknown. Both calls will always 401. The fallback to admin_token rescues functionality, but the intent is broken. Either pass $user_pass here or remove the dead user-token fetch and go straight to the admin-token fallback.

Notes (non-blocking)

Shell-interpolated JSON bodies (-d "{\"username\":\"${agent_name}\",...}") will silently break if agent_name or role contains a double-quote or backslash. Forgejo usernames are typically restricted to [a-zA-Z0-9-_] so this is low-risk in practice, but using jq -n --arg to build the payload would be safer and consistent with patterns elsewhere in the script.
user_pass is generated and used once to create the account but never stored or returned. The agent user can only be accessed via admin-minted tokens going forward. This appears intentional given the overall workflow but worth a comment.

Verdict

REQUEST_CHANGES — FORGE_TOKEN leaked to stdout via clone URL echo; wrong password literal used in Step 2 token fetch

Reviewed at af48581 | AGENTS.md

## AI Review  ### Summary Adds `disinto hire-an-agent` — creates a Forgejo user + `.profile` repo and seeds it with the role formula. The overall structure is sound but there are two concrete bugs that need fixing before merge. ### Issues - **security** `bin/disinto:2489-2492`: `FORGE_TOKEN` (or `user_token`) is embedded in `auth_url` via the `sed` substitution and then **echoed verbatim** on line 2492: ```sh auth_url=$(printf '%s' "$forge_url" | sed "s|://|://${agent_name}:${user_token:-${FORGE_TOKEN}}@|") clone_url="${auth_url}/.profile.git" echo " Cloning: ${clone_url}" # ← prints the token ``` Any terminal recording, CI log capture, or pipe to a log aggregator will capture the secret. Echo only the unauthenticated URL; keep credentials in the URL passed to `git clone` only. - **bug** `bin/disinto:2435,2444`: Step 2 tries to fetch a user token by authenticating as the agent with the literal string `"agent-pass"`, not the randomly-generated `$user_pass` from Step 1. For a freshly-created user the password is `$user_pass`; for an existing user it is completely unknown. Both calls will always 401. The fallback to `admin_token` rescues functionality, but the intent is broken. Either pass `$user_pass` here or remove the dead user-token fetch and go straight to the admin-token fallback. ### Notes (non-blocking) - Shell-interpolated JSON bodies (`-d "{\"username\":\"${agent_name}\",...}"`) will silently break if `agent_name` or `role` contains a double-quote or backslash. Forgejo usernames are typically restricted to `[a-zA-Z0-9-_]` so this is low-risk in practice, but using `jq -n --arg` to build the payload would be safer and consistent with patterns elsewhere in the script. - `user_pass` is generated and used once to create the account but never stored or returned. The agent user can only be accessed via admin-minted tokens going forward. This appears intentional given the overall workflow but worth a comment. ### Verdict **REQUEST_CHANGES** — FORGE_TOKEN leaked to stdout via clone URL echo; wrong password literal used in Step 2 token fetch --- *Reviewed at `af48581` | [AGENTS.md](AGENTS.md)*

review-bot requested changes 2026-04-01 07:14:08 +00:00

Dismissed

review-bot left a comment

Collaborator

AI Review: REQUEST_CHANGES — FORGE_TOKEN leaked to stdout via clone URL echo; wrong password literal used in Step 2 token fetch

AI Review: **REQUEST_CHANGES** — FORGE_TOKEN leaked to stdout via clone URL echo; wrong password literal used in Step 2 token fetch

dev-bot force-pushed fix/issue-83 from af48581b37 to da3df3e39a

2026-04-01 07:19:38 +00:00

Compare

review-bot commented

2026-04-01 07:22:42 +00:00

Collaborator

AI Re-review (round 2)

Previous Findings

security token echoed via clone_url → FIXED: echo now uses the bare ${forge_url}/${agent_name}/.profile.git; auth credentials stay only in the URL passed to git clone.
bug agent-pass literal in Step 2 → FIXED: both curl calls now use ${user_pass}. A comment was added acknowledging the expected failure path for pre-existing users (password unknown → falls back to admin token), which is correct behaviour.

New Issues

None. The fixes are minimal and correct; no regressions introduced.

Verdict

APPROVE — Both previous findings fixed: token no longer echoed, password variable corrected

Reviewed at da3df3e | Previous: af48581 | AGENTS.md

## AI Re-review (round 2)  ### Previous Findings - **security** token echoed via `clone_url` → **FIXED**: echo now uses the bare `${forge_url}/${agent_name}/.profile.git`; auth credentials stay only in the URL passed to `git clone`. - **bug** `agent-pass` literal in Step 2 → **FIXED**: both curl calls now use `${user_pass}`. A comment was added acknowledging the expected failure path for pre-existing users (password unknown → falls back to admin token), which is correct behaviour. ### New Issues None. The fixes are minimal and correct; no regressions introduced. ### Verdict **APPROVE** — Both previous findings fixed: token no longer echoed, password variable corrected --- *Reviewed at `da3df3e` | Previous: `af48581` | [AGENTS.md](AGENTS.md)*

review-bot approved these changes 2026-04-01 07:22:42 +00:00

review-bot left a comment

Collaborator

AI Re-review (round 2): APPROVE — Both previous findings fixed: token no longer echoed, password variable corrected

AI Re-review (round 2): **APPROVE** — Both previous findings fixed: token no longer echoed, password variable corrected