diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 7fe7576..d7c2655 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -58,7 +58,7 @@ jobs:
CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI"
ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements"
IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}')
- codesign --force --options runtime --sign "$IDENTITY" --identifier "com.maxgoedjen.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY"
+ codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY"
- name: Prepare Artifact Folder
run: |
mkdir -p Artifact/App
@@ -67,32 +67,32 @@ jobs:
cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive
- name: Build Installer Package
run: |
- pkgbuild --root Artifact/App --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 1.0 App.pkg
- pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 1.0 CLI.pkg
+ pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg
+ pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg
cat > distribution.xml << 'EOF'
Secretive
- com.maxgoedjen
+ com.cursorinternal
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
- App.pkg
- CLI.pkg
+ App.pkg
+ CLI.pkg
EOF
productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg
diff --git a/.github/workflows/oneoff.yml b/.github/workflows/oneoff.yml
index 4c5da3c..0f7fe9d 100644
--- a/.github/workflows/oneoff.yml
+++ b/.github/workflows/oneoff.yml
@@ -22,7 +22,22 @@ jobs:
AGENT_PROFILE_DATA: ${{ secrets.AGENT_PROFILE_DATA }}
APPLE_API_KEY_DATA: ${{ secrets.APPLE_API_KEY_DATA }}
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
- run: ./.github/scripts/signing.sh
+ run: |
+ echo $SIGNING_DATA | base64 -d -o Signing.p12
+ security create-keychain -p ci ci.keychain
+ security default-keychain -s ci.keychain
+ security list-keychains -s ci.keychain
+ security import ./Signing.p12 -k ci.keychain -P $SIGNING_PASSWORD -A
+ security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k ci ci.keychain
+ mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
+ echo $HOST_PROFILE_DATA | base64 -d -o Host.provisionprofile
+ HOST_UUID=$(grep UUID -A1 -a Host.provisionprofile | grep -io "[-A-F0-9]\{36\}")
+ cp Host.provisionprofile ~/Library/MobileDevice/Provisioning\ Profiles/$HOST_UUID.provisionprofile
+ echo $AGENT_PROFILE_DATA | base64 -d -o Agent.provisionprofile
+ AGENT_UUID=$(grep UUID -A1 -a Agent.provisionprofile | grep -io "[-A-F0-9]\{36\}")
+ cp Agent.provisionprofile ~/Library/MobileDevice/Provisioning\ Profiles/$AGENT_UUID.provisionprofile
+ mkdir ~/.private_keys
+ echo -n "$APPLE_API_KEY_DATA" > ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8
- name: Set Environment
run: sudo xcrun xcode-select -s /Applications/Xcode_26.1.app
- name: Update Build Number
@@ -33,32 +48,70 @@ jobs:
sed -i '' -e "s/GITHUB_CI_VERSION/0.0.0_oneoff-$DATE/g" Sources/Config/Config.xcconfig
sed -i '' -e "s/GITHUB_BUILD_NUMBER/1.$RUN_ID/g" Sources/Config/Config.xcconfig
sed -i '' -e "s/GITHUB_BUILD_URL/https:\/\/github.com\/maxgoedjen\/secretive\/actions\/runs\/$RUN_ID/g" Sources/Config/Config.xcconfig
- - name: Build
+ - name: Build App
run: xcrun xcodebuild -project Sources/Secretive.xcodeproj -scheme Secretive -configuration Release -archivePath Archive.xcarchive archive
- - name: Move to Artifact Folder
- run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact
- - name: Upload App to Artifacts
- id: upload
- uses: actions/upload-artifact@v4
- with:
- name: Secretive
- path: Artifact
- - name: Download Zipped Artifact
- id: download
- env:
- ZIP_ID: ${{ steps.upload.outputs.artifact-id }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ - name: Build CLI
+ run: swift build -c release --product SecretiveCLI --package-path Sources/Packages
+ - name: Codesign CLI
run: |
- curl -L -H "Authorization: Bearer $GITHUB_TOKEN" -L \
- https://api.github.com/repos/maxgoedjen/secretive/actions/artifacts/$ZIP_ID/zip > Secretive.zip
+ CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI"
+ ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements"
+ IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}')
+ codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY"
+ - name: Prepare Artifact Folder
+ run: |
+ mkdir -p Artifact/App
+ mkdir -p Artifact/CLI
+ cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact/App/
+ cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive
+ - name: Build Installer Package
+ run: |
+ pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg
+ pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg
+ cat > distribution.xml << 'EOF'
+
+
+ Secretive
+ com.cursorinternal
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ App.pkg
+ CLI.pkg
+
+ EOF
+ productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg
+ INSTALLER_IDENTITY=$(security find-identity -p basic -v 2>/dev/null | grep "Developer ID Installer" | head -n1 | awk -F'"' '{print $2}')
+ productsign --sign "$INSTALLER_IDENTITY" Secretive-unsigned.pkg Secretive.pkg
- name: Notarize
env:
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
- run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
+ run: |
+ xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER --wait Secretive.pkg
+ xcrun stapler staple Secretive.pkg
+ - name: Upload Installer to Artifacts
+ id: upload
+ uses: actions/upload-artifact@v4
+ with:
+ name: Secretive.pkg
+ path: Secretive.pkg
- name: Attest
id: attest
uses: actions/attest-build-provenance@v2
with:
- subject-name: "Secretive.zip"
- subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }}
+ subject-path: "Secretive.pkg"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index dca11bf..878a405 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -96,7 +96,7 @@ jobs:
CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI"
ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements"
IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}')
- codesign --force --options runtime --sign "$IDENTITY" --identifier "com.maxgoedjen.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY"
+ codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY"
- name: Prepare Artifact Folder
run: |
mkdir -p Artifact/App
@@ -105,32 +105,32 @@ jobs:
cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive
- name: Build Installer Package
run: |
- pkgbuild --root Artifact/App --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 1.0 App.pkg
- pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 1.0 CLI.pkg
+ pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg
+ pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg
cat > distribution.xml << 'EOF'
Secretive
- com.maxgoedjen
+ com.cursorinternal
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
- App.pkg
- CLI.pkg
+ App.pkg
+ CLI.pkg
EOF
productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg
diff --git a/FAQ.md b/FAQ.md
index 7c22fdb..206df82 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -54,7 +54,7 @@ Secretive checks in with GitHub's releases API to check if there's a new version
### How do I uninstall Secretive?
-Drag Secretive.app to the trash and remove `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent`. `SecretAgent` may continue running until you quit it or reboot.
+Drag Secretive.app to the trash and remove `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent`. `SecretAgent` may continue running until you quit it or reboot.
### I have a security issue
diff --git a/Makefile b/Makefile
index 104a6b4..86a77ac 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,11 @@
# Creates a dev package containing the Secretive app and CLI
-# Usage: make
+# Usage:
+# make - Build unsigned (no keychain/Secure Enclave access)
+# make SIGN=1 TEAM=XXXXXX - Build with development signing (enables keychain access)
+#
+# To find your team ID, run:
+# security find-identity -v -p codesigning
+# Look for "Apple Development: Your Name (TEAMID)" - the TEAMID is in parentheses at the end
PROJECT_DIR := $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
BUILD_DIR := $(PROJECT_DIR)/build
@@ -16,26 +22,51 @@ FINAL_PKG := $(BUILD_DIR)/Secretive-dev-unsigned.pkg
XCODEBUILD := xcodebuild -project $(PROJECT_DIR)/Sources/Secretive.xcodeproj
+# Signing configuration
+# SIGN_IDENTITY can be set to a specific identity, otherwise defaults to "Apple Development"
+SIGN_IDENTITY ?= Apple Development
+
+ifdef SIGN
+ CODE_SIGN_ARGS := CODE_SIGNING_ALLOWED=YES CODE_SIGNING_REQUIRED=YES CODE_SIGN_STYLE=Automatic
+ ifdef TEAM
+ CODE_SIGN_ARGS += DEVELOPMENT_TEAM=$(TEAM)
+ endif
+else
+ CODE_SIGN_ARGS := CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY=""
+endif
+
.PHONY: all clean
all: $(FINAL_PKG)
@echo "Built: $(FINAL_PKG)"
+# Validate TEAM is set when SIGN is enabled
+ifdef SIGN
+ifndef TEAM
+$(error SIGN=1 requires TEAM=. Find it with: security find-identity -v -p codesigning)
+endif
+endif
+
$(ARCHIVE):
@mkdir -p $(BUILD_DIR)
- $(XCODEBUILD) -scheme Secretive -configuration Release CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY="" -archivePath $(ARCHIVE) archive
+ $(XCODEBUILD) -scheme Secretive -configuration Release $(CODE_SIGN_ARGS) -archivePath $(ARCHIVE) archive
$(APP_BUNDLE): $(ARCHIVE)
@rm -rf $(APP_BUNDLE)
cp -R $(ARCHIVE)/Products/Applications/Secretive.app $(APP_BUNDLE)
+CLI_ENTITLEMENTS_SRC := $(PROJECT_DIR)/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements
+CLI_ENTITLEMENTS := $(BUILD_DIR)/SecretiveCLI.entitlements
+
$(CLI_BIN):
@mkdir -p $(BUILD_DIR)
- cd $(PROJECT_DIR)/Sources/Packages && xcodebuild -scheme SecretiveCLI -configuration Release \
- -destination 'platform=macOS' CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY="" \
- SYMROOT=$(BUILD_DIR)/xcode-cli build
- cp $(BUILD_DIR)/xcode-cli/Release/SecretiveCLI $(CLI_BIN)
- cp -R $(BUILD_DIR)/xcode-cli/Release/*.bundle $(BUILD_DIR)/ 2>/dev/null || true
+ swift build -c release --product SecretiveCLI --package-path $(PROJECT_DIR)/Sources/Packages
+ cp $(PROJECT_DIR)/Sources/Packages/.build/release/SecretiveCLI $(CLI_BIN)
+ifdef SIGN
+ @echo "Signing CLI binary with team $(TEAM)..."
+ @sed 's/$$(AppIdentifierPrefix)/$(TEAM)./g' $(CLI_ENTITLEMENTS_SRC) > $(CLI_ENTITLEMENTS)
+ codesign --force --sign "$(SIGN_IDENTITY)" --entitlements $(CLI_ENTITLEMENTS) $(CLI_BIN)
+endif
$(APP_ROOT): $(APP_BUNDLE)
@rm -rf $(APP_ROOT)
@@ -48,10 +79,10 @@ $(CLI_ROOT): $(CLI_BIN)
cp $(CLI_BIN) $(CLI_ROOT)/secretive
$(APP_PKG): $(APP_ROOT)
- pkgbuild --root $(APP_ROOT) --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 0.0.0-dev $(APP_PKG)
+ pkgbuild --root $(APP_ROOT) --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 0.0.0-dev $(APP_PKG)
$(CLI_PKG): $(CLI_ROOT)
- pkgbuild --root $(CLI_ROOT) --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 0.0.0-dev $(CLI_PKG)
+ pkgbuild --root $(CLI_ROOT) --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 0.0.0-dev $(CLI_PKG)
$(DIST):
@mkdir -p $(BUILD_DIR)
@@ -59,31 +90,32 @@ $(DIST):
'' \
'' \
' Secretive (Dev)' \
- ' com.maxgoedjen' \
+ ' com.cursorinternal' \
' ' \
' ' \
- ' ' \
- ' ' \
+ ' ' \
+ ' ' \
' ' \
' ' \
- ' ' \
- ' ' \
+ ' ' \
+ ' ' \
' ' \
' ' \
' ' \
- ' ' \
- ' ' \
+ ' ' \
+ ' ' \
' ' \
- ' ' \
- ' ' \
+ ' ' \
+ ' ' \
' ' \
- ' App.pkg' \
- ' CLI.pkg' \
+ ' App.pkg' \
+ ' CLI.pkg' \
'' \
> $(DIST)
$(FINAL_PKG): $(APP_PKG) $(CLI_PKG) $(DIST)
productbuild --distribution $(DIST) --package-path $(BUILD_DIR) $(FINAL_PKG)
+ @rm -rf $(ARCHIVE) $(APP_BUNDLE) $(APP_ROOT) $(APP_PKG) $(CLI_BIN) $(CLI_ROOT) $(CLI_PKG) $(DIST)
clean:
rm -rf $(BUILD_DIR)
diff --git a/Sources/Packages/Package.swift b/Sources/Packages/Package.swift
index 248b963..2fbb709 100644
--- a/Sources/Packages/Package.swift
+++ b/Sources/Packages/Package.swift
@@ -37,7 +37,7 @@ let package = Package(
targets: [
.target(
name: "SecretKit",
- dependencies: [],
+ dependencies: ["Localizations"],
resources: [localization],
swiftSettings: swiftSettings,
),
@@ -54,13 +54,13 @@ let package = Package(
),
.target(
name: "SecureEnclaveSecretKit",
- dependencies: ["SecretKit", "Localizations"],
+ dependencies: ["SecretKit"],
resources: [localization],
swiftSettings: swiftSettings,
),
.target(
name: "SmartCardSecretKit",
- dependencies: ["SecretKit", "Localizations"],
+ dependencies: ["SecretKit"],
resources: [localization],
swiftSettings: swiftSettings,
),
@@ -97,12 +97,10 @@ let package = Package(
.executableTarget(
name: "SecretiveCLI",
dependencies: [
- "SecretAgentKit",
"SecureEnclaveSecretKit",
"SmartCardSecretKit",
"SecretKit",
"Common",
- "Localizations",
],
exclude: ["Generated"],
swiftSettings: swiftSettings,
diff --git a/Sources/Packages/Sources/Brief/Updater.swift b/Sources/Packages/Sources/Brief/Updater.swift
index 12be1ee..970165b 100644
--- a/Sources/Packages/Sources/Brief/Updater.swift
+++ b/Sources/Packages/Sources/Brief/Updater.swift
@@ -47,7 +47,7 @@ import XPCWrappers
/// Manually trigger an update check.
public func checkForUpdates() async throws {
- let session = try await XPCTypedSession<[Release], Never>(serviceName: "com.maxgoedjen.Secretive.SecretiveUpdater")
+ let session = try await XPCTypedSession<[Release], Never>(serviceName: "com.cursorinternal.Secretive.SecretiveUpdater")
await evaluate(releases: try await session.send())
session.complete()
}
@@ -95,7 +95,7 @@ extension Updater {
/// The user defaults used to store user ignore state.
var defaults: UserDefaults {
- UserDefaults(suiteName: "com.maxgoedjen.Secretive.updater.ignorelist")!
+ UserDefaults(suiteName: "com.cursorinternal.Secretive.updater.ignorelist")!
}
}
diff --git a/Sources/Packages/Sources/SecretAgentKit/Agent.swift b/Sources/Packages/Sources/SecretAgentKit/Agent.swift
index 83ce175..5665a8d 100644
--- a/Sources/Packages/Sources/SecretAgentKit/Agent.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/Agent.swift
@@ -12,7 +12,7 @@ public final class Agent: Sendable {
private let publicKeyWriter = OpenSSHPublicKeyWriter()
private let signatureWriter = OpenSSHSignatureWriter()
private let certificateHandler = OpenSSHCertificateHandler()
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "Agent")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "Agent")
/// Initializes an agent with a store list and a witness.
/// - Parameters:
diff --git a/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift b/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift
index 5451e49..86aef3f 100644
--- a/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift
@@ -6,7 +6,7 @@ import SecretKit
public actor OpenSSHCertificateHandler: Sendable {
private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: URL.homeDirectory)
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "OpenSSHCertificateHandler")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "OpenSSHCertificateHandler")
private let writer = OpenSSHPublicKeyWriter()
private var keyBlobsAndNames: [AnySecret: (Data, Data)] = [:]
diff --git a/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift b/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift
index 6e9a2ee..68b6e0f 100644
--- a/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift
@@ -10,7 +10,7 @@ public protocol SSHAgentInputParserProtocol {
public struct SSHAgentInputParser: SSHAgentInputParserProtocol {
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "InputParser")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "InputParser")
public init() {
diff --git a/Sources/Packages/Sources/SecretAgentKit/SocketController.swift b/Sources/Packages/Sources/SecretAgentKit/SocketController.swift
index 7839037..a3e981a 100644
--- a/Sources/Packages/Sources/SecretAgentKit/SocketController.swift
+++ b/Sources/Packages/Sources/SecretAgentKit/SocketController.swift
@@ -18,7 +18,7 @@ public struct SocketController {
private let fileHandle: FileHandle
/// Logger for the socket controller.
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "SocketController")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "SocketController")
/// Tracer which determines who originates a socket connection.
private let requestTracer = SigningRequestTracer()
@@ -74,7 +74,7 @@ extension SocketController {
private let messagesContinuation: AsyncStream.Continuation
/// A logger for the session.
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "Session")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "Session")
/// Initializes a new Session.
/// - Parameter fileHandle: The FileHandle used to communicate with the socket.
diff --git a/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift b/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift
new file mode 100644
index 0000000..a95852e
--- /dev/null
+++ b/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift
@@ -0,0 +1,3 @@
+// Copyright Anysphere Inc.
+// Re-exports Localizations module so dependent modules can access localization extensions.
+@_exported import Localizations
diff --git a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
index 49e417e..b593df3 100644
--- a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
+++ b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift
@@ -4,7 +4,7 @@ import OSLog
/// Controller responsible for writing public keys to disk, so that they're easily accessible by scripts.
public final class PublicKeyFileStoreController: Sendable {
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "PublicKeyFileStoreController")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "PublicKeyFileStoreController")
private let directory: URL
private let keyWriter = OpenSSHPublicKeyWriter()
diff --git a/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift b/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift
index 42b4db9..ad496d1 100644
--- a/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift
+++ b/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift
@@ -96,8 +96,8 @@ public struct KeyAvailability: Sendable {
extension NSNotification.Name {
// Distributed notification that keys were modified out of process (ie, that the management tool added/removed secrets)
- public static let secretStoreUpdated = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.updated")
+ public static let secretStoreUpdated = NSNotification.Name("com.cursorinternal.Secretive.secretStore.updated")
// Internal notification that keys were reloaded from the backing store.
- public static let secretStoreReloaded = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.reloaded")
+ public static let secretStoreReloaded = NSNotification.Name("com.cursorinternal.Secretive.secretStore.reloaded")
}
diff --git a/Sources/Packages/Sources/SecretiveCLI/README.md b/Sources/Packages/Sources/SecretiveCLI/README.md
index aa80aa6..ecb7737 100644
--- a/Sources/Packages/Sources/SecretiveCLI/README.md
+++ b/Sources/Packages/Sources/SecretiveCLI/README.md
@@ -1,6 +1,8 @@
# Secretive CLI
-A command-line interface for Secretive that provides full key management and SSH agent functionality, sharing the same keychain and socket path as the GUI application.
+A command-line interface companion for Secretive that provides key management capabilities, sharing the same keychain and socket path as the GUI application.
+
+**Note:** The CLI is a helper tool for the main Secretive app. The SSH agent is managed by the Secretive GUI app - the CLI can check its status but does not run its own agent.
## Installation
@@ -37,7 +39,7 @@ The CLI uses the entitlements file at `SecretiveCLI.entitlements`:
keychain-access-groups
- $(AppIdentifierPrefix)com.maxgoedjen.Secretive
+ $(AppIdentifierPrefix)com.cursorinternal.Secretive
@@ -51,41 +53,31 @@ Sign the CLI binary with:
codesign --force \
--sign "Developer ID Application: YOUR_TEAM_NAME" \
--options runtime \
- --identifier com.maxgoedjen.Secretive.Host \
+ --identifier com.cursorinternal.Secretive.Host \
--entitlements Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements \
Sources/Packages/.build/release/SecretiveCLI
```
Replace `YOUR_TEAM_NAME` with your actual Developer ID or use your team's signing identity.
-**Important:** The `--identifier` must be `com.maxgoedjen.Secretive.Host` to match the GUI app's bundle identifier, ensuring the CLI can access the same keychain items.
+**Important:** The `--identifier` must be `com.cursorinternal.Secretive.Host` to match the GUI app's bundle identifier, ensuring the CLI can access the same keychain items.
## Usage
### Agent Management
-Install and manage the SSH agent as a launchd service:
+Check and control Secretive's SSH agent:
```bash
-# Install the agent as a launchd service
-secretive agent install
-
-# Start the agent
-secretive agent start
-
# Check agent status
secretive agent status
-# Stop the agent
-secretive agent stop
-
-# Uninstall the agent
-secretive agent uninstall
-
-# Run agent in foreground (for testing)
-secretive agent run
+# Start the agent (if not already running)
+secretive agent start
```
+The SSH agent is bundled with the Secretive GUI app. The `start` command will locate and launch the agent from the installed Secretive.app.
+
### Key Management
Manage SSH keys stored in the Secure Enclave:
@@ -110,27 +102,27 @@ secretive key update "My Key Name"
## Socket Path
The CLI uses the same socket path as the GUI app:
-- Production: `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh`
-- Debug: `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket-debug.ssh`
+- Production: `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket.ssh`
+- Debug: `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket-debug.ssh`
Set `SSH_AUTH_SOCK` to this path to use the agent:
```bash
-export SSH_AUTH_SOCK=~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh
+export SSH_AUTH_SOCK=~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket.ssh
```
## Keychain Access
-The CLI shares the same keychain access group as the GUI app (`com.maxgoedjen.Secretive`), allowing it to:
+The CLI shares the same keychain access group as the GUI app (`com.cursorinternal.Secretive`), allowing it to:
- Access keys created by the GUI app
- Create keys that are accessible by the GUI app
- Use the same Secure Enclave storage
-This is achieved by signing the CLI with the same bundle identifier (`com.maxgoedjen.Secretive.Host`) and keychain access group entitlements.
+This is achieved by signing the CLI with the same bundle identifier (`com.cursorinternal.Secretive.Host`) and keychain access group entitlements.
## Notes
- The CLI uses the same `SecretStoreList` setup as the GUI app, including Secure Enclave and Smart Card stores
- Keys created via CLI will appear in the GUI app and vice versa
-- The agent can be run either via launchd (recommended) or in foreground mode for testing
+- The SSH agent runs as part of the Secretive GUI app - use the CLI's `agent status` command to check if it's running
- All key operations require appropriate authentication (Touch ID, Apple Watch, or password) as configured per key
diff --git a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements
index 246a51d..40848a3 100644
--- a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements
+++ b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements
@@ -6,8 +6,9 @@
keychain-access-groups
- $(AppIdentifierPrefix)com.maxgoedjen.Secretive
+ $(AppIdentifierPrefix)com.cursorinternal.Secretive
+
diff --git a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift
index 69f47d0..76b83c5 100644
--- a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift
+++ b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift
@@ -1,6 +1,5 @@
import Foundation
-import Darwin
-import SecretAgentKit
+import AppKit
import SecretKit
import SecureEnclaveSecretKit
import SmartCardSecretKit
@@ -9,7 +8,7 @@ import OSLog
@main
struct SecretiveCLI {
- private static let logger = Logger(subsystem: "com.maxgoedjen.secretive.cli", category: "CLI")
+ private static let logger = Logger(subsystem: "com.cursorinternal.secretive.cli", category: "CLI")
static func main() async {
let args = Array(CommandLine.arguments.dropFirst())
@@ -46,13 +45,8 @@ struct SecretiveCLI {
Usage: secretive-cli [options]
Commands:
- agent Manage SSH agent
- install Install agent as launchd service
- uninstall Uninstall agent from launchd
- start Start the agent service
- stop Stop the agent service
- status Check agent status
- run Run agent in foreground (for testing)
+ agent status Check if Secretive's SSH agent is running
+ agent start Start Secretive's SSH agent
key Manage SSH keys
generate [name] Generate a new key (default: "Secretive Key")
@@ -70,211 +64,109 @@ struct SecretiveCLI {
extension SecretiveCLI {
+ private static let agentBundleID = "com.cursorinternal.Secretive.SecretAgent"
+ private static let secretiveBundleID = "com.cursorinternal.Secretive.Host"
+
static func handleAgentCommand(args: [String]) async throws {
guard let subcommand = args.first else {
- print("Agent subcommand required: install, uninstall, start, stop, status, or run")
+ print("Agent subcommand required: status, start")
exit(1)
}
switch subcommand {
- case "install":
- try await installAgent()
- case "uninstall":
- try await uninstallAgent()
- case "start":
- try await startAgent()
- case "stop":
- try await stopAgent()
case "status":
try await checkAgentStatus()
- case "run":
- try await runAgent()
+ case "start":
+ try await startAgent()
default:
print("Unknown agent subcommand: \(subcommand)")
+ print("Available: status, start")
exit(1)
}
}
- static func installAgent() async throws {
- let plistPath = launchdPlistPath
- let plistDir = (plistPath as NSString).deletingLastPathComponent
+ static func checkAgentStatus() async throws {
+ // Check if the main Secretive app's SecretAgent is running
+ let runningAgents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID)
- // Create directory if needed
- try FileManager.default.createDirectory(atPath: plistDir, withIntermediateDirectories: true)
-
- // Get the CLI binary path
- guard let cliPath = Bundle.main.executablePath else {
- throw CLIError("Could not determine CLI binary path")
+ if let agent = runningAgents.first {
+ print("Secretive agent is running")
+ if let url = agent.bundleURL {
+ print(" Path: \(url.path)")
+ }
+ print(" PID: \(agent.processIdentifier)")
+
+ // Also check socket
+ let socketPath = URL.socketPath
+ if FileManager.default.fileExists(atPath: socketPath) {
+ print(" Socket: \(socketPath)")
+ }
+ } else {
+ print("Secretive agent is not running")
+ print("Run 'secretive agent start' to start it")
}
-
- // Create plist content
- let plist: [String: Any] = [
- "Label": launchdServiceLabel,
- "ProgramArguments": [cliPath, "agent", "run"],
- "RunAtLoad": true,
- "KeepAlive": true,
- "StandardOutPath": "/dev/null",
- "StandardErrorPath": "/dev/null",
- "EnvironmentVariables": [
- "SSH_AUTH_SOCK": socketPath
- ]
- ]
-
- let plistData = try PropertyListSerialization.data(fromPropertyList: plist, format: .xml, options: 0)
- try plistData.write(to: URL(fileURLWithPath: plistPath))
-
- // Bootstrap the service
- let process = Process()
- process.executableURL = URL(fileURLWithPath: "/bin/launchctl")
- process.arguments = ["bootstrap", "gui/\(getuid())", plistPath]
-
- try process.run()
- process.waitUntilExit()
-
- if process.terminationStatus != 0 {
- throw CLIError("Failed to install agent: launchctl bootstrap returned \(process.terminationStatus)")
- }
-
- print("Agent installed successfully")
- }
-
- static func uninstallAgent() async throws {
- let plistPath = launchdPlistPath
-
- // Unbootstrap the service
- let process = Process()
- process.executableURL = URL(fileURLWithPath: "/bin/launchctl")
- process.arguments = ["bootout", "gui/\(getuid())", launchdServiceLabel]
-
- try process.run()
- process.waitUntilExit()
-
- // Remove plist file if it exists
- if FileManager.default.fileExists(atPath: plistPath) {
- try FileManager.default.removeItem(atPath: plistPath)
- }
-
- print("Agent uninstalled successfully")
}
static func startAgent() async throws {
- let process = Process()
- process.executableURL = URL(fileURLWithPath: "/bin/launchctl")
- process.arguments = ["kickstart", "gui/\(getuid())/\(launchdServiceLabel)"]
-
- try process.run()
- process.waitUntilExit()
-
- if process.terminationStatus != 0 {
- throw CLIError("Failed to start agent: launchctl kickstart returned \(process.terminationStatus)")
+ // Check if already running
+ let runningAgents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID)
+ if !runningAgents.isEmpty {
+ print("Secretive agent is already running")
+ return
}
- print("Agent started")
- }
-
- static func stopAgent() async throws {
- let process = Process()
- process.executableURL = URL(fileURLWithPath: "/bin/launchctl")
- process.arguments = ["kill", "gui/\(getuid())/\(launchdServiceLabel)"]
+ // Find the SecretAgent app inside the installed Secretive app
+ guard let agentURL = findSecretAgentApp() else {
+ throw CLIError("Could not find Secretive.app. Please ensure Secretive is installed in /Applications or ~/Applications.")
+ }
- try process.run()
- process.waitUntilExit()
+ print("Starting Secretive agent...")
+ let config = NSWorkspace.OpenConfiguration()
+ config.activates = false
- print("Agent stopped")
- }
-
- static func checkAgentStatus() async throws {
- let process = Process()
- process.executableURL = URL(fileURLWithPath: "/bin/launchctl")
- process.arguments = ["list", launchdServiceLabel]
-
- let pipe = Pipe()
- process.standardOutput = pipe
-
- try process.run()
- process.waitUntilExit()
-
- let data = pipe.fileHandleForReading.readDataToEndOfFile()
- let output = String(data: data, encoding: .utf8) ?? ""
-
- if process.terminationStatus == 0 && !output.isEmpty {
- print("Agent is running")
- print(output)
- } else {
- print("Agent is not running")
+ do {
+ try await NSWorkspace.shared.openApplication(at: agentURL, configuration: config)
+ // Give it a moment to start
+ try await Task.sleep(for: .seconds(1))
+
+ // Verify it started
+ let agents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID)
+ if !agents.isEmpty {
+ print("Secretive agent started successfully")
+ } else {
+ print("Warning: Agent may not have started. Check Secretive.app for details.")
+ }
+ } catch {
+ throw CLIError("Failed to start agent: \(error.localizedDescription)")
}
}
- static func runAgent() async throws {
- logger.info("Starting SSH agent")
+ private static func findSecretAgentApp() -> URL? {
+ let fileManager = FileManager.default
- // Set up store list
- let storeList: SecretStoreList = await MainActor.run {
- let list = SecretStoreList()
- let cryptoKit = SecureEnclave.Store()
- let migrator = SecureEnclave.CryptoKitMigrator()
- try? migrator.migrate(to: cryptoKit)
- list.add(store: cryptoKit)
- list.add(store: SmartCard.Store())
- return list
- }
+ // Possible locations for Secretive.app
+ let searchPaths = [
+ "/Applications/Secretive.app",
+ "\(fileManager.homeDirectoryForCurrentUser.path)/Applications/Secretive.app"
+ ]
- // Create agent (no witness for CLI)
- let agent = Agent(storeList: storeList, witness: nil)
-
- // Set up socket controller
- let socket = SocketController(path: socketPath)
-
- // Set up input parser (use direct parser, not XPC)
- let parser = SSHAgentInputParser()
-
- logger.info("SSH agent listening on \(socketPath)")
- print("SSH agent running on \(socketPath)")
- print("Set SSH_AUTH_SOCK=\(socketPath) to use this agent")
-
- func handleSession(_ session: SocketController.Session) async {
- do {
- for await message in session.messages {
- let request = try parser.parse(data: message)
- let response = await agent.handle(request: request, provenance: session.provenance)
- try await MainActor.run {
- try session.write(response)
- }
- }
- } catch {
- logger.error("Session error: \(error.localizedDescription)")
- try? session.close()
+ for path in searchPaths {
+ let secretiveURL = URL(fileURLWithPath: path)
+ let agentURL = secretiveURL.appendingPathComponent("Contents/Library/LoginItems/SecretAgent.app")
+ if fileManager.fileExists(atPath: agentURL.path) {
+ return agentURL
}
}
- // Handle sessions
- for await session in socket.sessions {
- await handleSession(session)
+ // Also try to find via Launch Services
+ if let secretiveURL = NSWorkspace.shared.urlForApplication(withBundleIdentifier: secretiveBundleID) {
+ let agentURL = secretiveURL.appendingPathComponent("Contents/Library/LoginItems/SecretAgent.app")
+ if fileManager.fileExists(atPath: agentURL.path) {
+ return agentURL
+ }
}
- }
-
- // MARK: - Agent Paths
-
- static var socketPath: String {
- // Use the same socket path as the GUI app
- // This matches URL.socketPath from Common module, which constructs:
- // ~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh
- let home = FileManager.default.homeDirectoryForCurrentUser.path
- let containerPath = "\(home)/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data"
- #if DEBUG
- return "\(containerPath)/socket-debug.ssh"
- #else
- return "\(containerPath)/socket.ssh"
- #endif
- }
-
- static var launchdServiceLabel: String {
- "com.maxgoedjen.secretive.cli"
- }
-
- static var launchdPlistPath: String {
- let home = FileManager.default.homeDirectoryForCurrentUser.path
- return "\(home)/Library/LaunchAgents/\(launchdServiceLabel).plist"
+
+ return nil
}
}
diff --git a/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift b/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift
index 68c73b2..768b7b8 100644
--- a/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift
+++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift
@@ -9,7 +9,7 @@ extension SecureEnclave {
public struct CryptoKitMigrator {
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.migration", category: "CryptoKitMigrator")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.migration", category: "CryptoKitMigrator")
public init() {
}
diff --git a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
index 7f2fc55..8fea832 100644
--- a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
+++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
@@ -287,7 +287,7 @@ extension SecureEnclave.Store {
enum Constants {
static let keyClass = kSecClassGenericPassword as String
- static let keyTag = Data("com.maxgoedjen.secretive.secureenclave.key".utf8)
+ static let keyTag = Data("com.cursorinternal.secretive.secureenclave.key".utf8)
static let notificationToken = UUID().uuidString
}
diff --git a/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift b/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift
index 9fd9216..0770e1c 100644
--- a/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift
+++ b/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift
@@ -53,7 +53,7 @@ public final class XPCServiceDelegate: NSObject, NSXPCListenerDelegate {
extension NSError {
private enum Constants {
- static let domain = "com.maxgoedjen.secretive.xpcwrappers"
+ static let domain = "com.cursorinternal.secretive.xpcwrappers"
static let code = -1
static let dataKey = "underlying"
}
diff --git a/Sources/SecretAgent/AppDelegate.swift b/Sources/SecretAgent/AppDelegate.swift
index b49cb81..29001a6 100644
--- a/Sources/SecretAgent/AppDelegate.swift
+++ b/Sources/SecretAgent/AppDelegate.swift
@@ -30,7 +30,7 @@ class AppDelegate: NSObject, NSApplicationDelegate {
let path = URL.socketPath as String
return SocketController(path: path)
}()
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "AppDelegate")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "AppDelegate")
func applicationDidFinishLaunching(_ aNotification: Notification) {
logger.debug("SecretAgent finished launching")
diff --git a/Sources/SecretAgent/Notifier.swift b/Sources/SecretAgent/Notifier.swift
index fa48cdd..777a1b1 100644
--- a/Sources/SecretAgent/Notifier.swift
+++ b/Sources/SecretAgent/Notifier.swift
@@ -114,18 +114,18 @@ extension Notifier {
enum Constants {
// Update notifications
- static let updateCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update"
- static let criticalUpdateCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.critical"
- static let updateActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.updateaction"
- static let ignoreActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.ignoreaction"
+ static let updateCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update"
+ static let criticalUpdateCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.critical"
+ static let updateActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.updateaction"
+ static let ignoreActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.ignoreaction"
// Authorization persistence notificatoins
- static let persistAuthenticationCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication"
- static let doNotPersistActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.donotpersist"
- static let persistForActionIdentitifierPrefix = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.persist."
+ static let persistAuthenticationCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.persistauthentication"
+ static let doNotPersistActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.donotpersist"
+ static let persistForActionIdentitifierPrefix = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.persist."
- static let persistSecretIDKey = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.secretidkey"
- static let persistStoreIDKey = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.storeidkey"
+ static let persistSecretIDKey = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.secretidkey"
+ static let persistStoreIDKey = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.storeidkey"
}
}
diff --git a/Sources/SecretAgent/SecretAgent.entitlements b/Sources/SecretAgent/SecretAgent.entitlements
index c9423c4..5ad9af6 100644
--- a/Sources/SecretAgent/SecretAgent.entitlements
+++ b/Sources/SecretAgent/SecretAgent.entitlements
@@ -6,7 +6,7 @@
keychain-access-groups
- $(AppIdentifierPrefix)com.maxgoedjen.Secretive
+ $(AppIdentifierPrefix)com.cursorinternal.Secretive
diff --git a/Sources/SecretAgent/XPCInputParser.swift b/Sources/SecretAgent/XPCInputParser.swift
index b78f316..9c94791 100644
--- a/Sources/SecretAgent/XPCInputParser.swift
+++ b/Sources/SecretAgent/XPCInputParser.swift
@@ -7,12 +7,12 @@ import OSLog
/// Delegates all agent input parsing to an XPC service which wraps OpenSSH
public final class XPCAgentInputParser: SSHAgentInputParserProtocol {
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "XPCAgentInputParser")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "XPCAgentInputParser")
private let session: XPCTypedSession
public init() async throws {
logger.debug("Creating XPCAgentInputParser")
- session = try await XPCTypedSession(serviceName: "com.maxgoedjen.Secretive.SecretAgentInputParser", warmup: true)
+ session = try await XPCTypedSession(serviceName: "com.cursorinternal.Secretive.SecretAgentInputParser", warmup: true)
logger.debug("XPCAgentInputParser is warmed up.")
}
diff --git a/Sources/SecretAgentInputParser/SecretAgentInputParser.swift b/Sources/SecretAgentInputParser/SecretAgentInputParser.swift
index cc0c8fd..f0b6a90 100644
--- a/Sources/SecretAgentInputParser/SecretAgentInputParser.swift
+++ b/Sources/SecretAgentInputParser/SecretAgentInputParser.swift
@@ -5,7 +5,7 @@ import SecretAgentKit
final class SecretAgentInputParser: NSObject, XPCProtocol {
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive.SecretAgentInputParser", category: "SecretAgentInputParser")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive.SecretAgentInputParser", category: "SecretAgentInputParser")
func process(_ data: Data) async throws -> SSHAgent.Request {
let parser = SSHAgentInputParser()
diff --git a/Sources/Secretive.xcodeproj/project.pbxproj b/Sources/Secretive.xcodeproj/project.pbxproj
index bcd4b37..0bd3db9 100644
--- a/Sources/Secretive.xcodeproj/project.pbxproj
+++ b/Sources/Secretive.xcodeproj/project.pbxproj
@@ -960,7 +960,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
};
@@ -1000,7 +1000,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "Secretive - Host";
};
@@ -1036,7 +1036,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater;
PRODUCT_NAME = "$(TARGET_NAME)";
REGISTER_APP_GROUPS = YES;
SKIP_INSTALL = YES;
@@ -1076,7 +1076,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater;
PRODUCT_NAME = "$(TARGET_NAME)";
REGISTER_APP_GROUPS = YES;
SKIP_INSTALL = YES;
@@ -1118,7 +1118,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
REGISTER_APP_GROUPS = YES;
@@ -1150,7 +1150,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser;
PRODUCT_NAME = "$(TARGET_NAME)";
REGISTER_APP_GROUPS = YES;
SKIP_INSTALL = YES;
@@ -1180,7 +1180,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser;
PRODUCT_NAME = "$(TARGET_NAME)";
REGISTER_APP_GROUPS = YES;
SKIP_INSTALL = YES;
@@ -1212,7 +1212,7 @@
LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1.0;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "";
REGISTER_APP_GROUPS = YES;
@@ -1333,7 +1333,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host;
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Test;
@@ -1366,7 +1366,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Test;
@@ -1401,7 +1401,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Debug;
@@ -1437,7 +1437,7 @@
);
MACOSX_DEPLOYMENT_TARGET = 14.0;
MARKETING_VERSION = 1;
- PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
+ PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent;
PRODUCT_NAME = "$(TARGET_NAME)";
PROVISIONING_PROFILE_SPECIFIER = "Secretive - Secret Agent";
};
diff --git a/Sources/Secretive/Controllers/AgentStatusChecker.swift b/Sources/Secretive/Controllers/AgentStatusChecker.swift
index 6e6cf4e..ea0beec 100644
--- a/Sources/Secretive/Controllers/AgentStatusChecker.swift
+++ b/Sources/Secretive/Controllers/AgentStatusChecker.swift
@@ -20,7 +20,7 @@ import Common
var running: Bool = false
var process: NSRunningApplication? = nil
- private let logger = Logger(subsystem: "com.maxgoedjen.secretive", category: "LaunchAgentController")
+ private let logger = Logger(subsystem: "com.cursorinternal.secretive", category: "LaunchAgentController")
private let service = SMAppService.loginItem(identifier: Bundle.agentBundleID)
nonisolated init() {
diff --git a/Sources/Secretive/Controllers/JustUpdatedChecker.swift b/Sources/Secretive/Controllers/JustUpdatedChecker.swift
index 75e9483..55de965 100644
--- a/Sources/Secretive/Controllers/JustUpdatedChecker.swift
+++ b/Sources/Secretive/Controllers/JustUpdatedChecker.swift
@@ -37,8 +37,8 @@ import AppKit
extension JustUpdatedChecker {
enum Constants {
- static let previousVersionUserDefaultsKey = "com.maxgoedjen.Secretive.lastBuild"
- static let previousOSVersionUserDefaultsKey = "com.maxgoedjen.Secretive.lastOS"
+ static let previousVersionUserDefaultsKey = "com.cursorinternal.Secretive.lastBuild"
+ static let previousOSVersionUserDefaultsKey = "com.cursorinternal.Secretive.lastOS"
}
}
diff --git a/Sources/Secretive/Secretive.entitlements b/Sources/Secretive/Secretive.entitlements
index ab2c42b..8b3aea2 100644
--- a/Sources/Secretive/Secretive.entitlements
+++ b/Sources/Secretive/Secretive.entitlements
@@ -16,7 +16,7 @@
keychain-access-groups
- $(AppIdentifierPrefix)com.maxgoedjen.Secretive
+ $(AppIdentifierPrefix)com.cursorinternal.Secretive