From 625a605cc7bc8ffd707809b1d8d09262d187f98f Mon Sep 17 00:00:00 2001 From: Roy Xu Date: Tue, 9 Dec 2025 16:30:01 -0500 Subject: [PATCH] update name to be cursor internal --- .github/workflows/nightly.yml | 28 +- .github/workflows/oneoff.yml | 93 +++++-- .github/workflows/release.yml | 28 +- FAQ.md | 2 +- Makefile | 72 +++-- Sources/Packages/Package.swift | 8 +- Sources/Packages/Sources/Brief/Updater.swift | 4 +- .../Sources/SecretAgentKit/Agent.swift | 2 +- .../OpenSSHCertificateHandler.swift | 2 +- .../SecretAgentKit/SSHAgentInputParser.swift | 2 +- .../SecretAgentKit/SocketController.swift | 4 +- .../SecretKit/LocalizationsExport.swift | 3 + .../PublicKeyStandinFileController.swift | 2 +- .../Sources/SecretKit/Types/SecretStore.swift | 4 +- .../Packages/Sources/SecretiveCLI/README.md | 42 ++- .../SecretiveCLI/SecretiveCLI.entitlements | 3 +- .../Sources/SecretiveCLI/SecretiveCLI.swift | 258 +++++------------- .../CryptoKitMigrator.swift | 2 +- .../SecureEnclaveStore.swift | 2 +- .../XPCWrappers/XPCServiceDelegate.swift | 2 +- Sources/SecretAgent/AppDelegate.swift | 2 +- Sources/SecretAgent/Notifier.swift | 18 +- Sources/SecretAgent/SecretAgent.entitlements | 2 +- Sources/SecretAgent/XPCInputParser.swift | 4 +- .../SecretAgentInputParser.swift | 2 +- Sources/Secretive.xcodeproj/project.pbxproj | 24 +- .../Controllers/AgentStatusChecker.swift | 2 +- .../Controllers/JustUpdatedChecker.swift | 4 +- Sources/Secretive/Secretive.entitlements | 2 +- 29 files changed, 297 insertions(+), 326 deletions(-) create mode 100644 Sources/Packages/Sources/SecretKit/LocalizationsExport.swift diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 7fe7576..d7c2655 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -58,7 +58,7 @@ jobs: CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI" ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements" IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}') - codesign --force --options runtime --sign "$IDENTITY" --identifier "com.maxgoedjen.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY" + codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY" - name: Prepare Artifact Folder run: | mkdir -p Artifact/App @@ -67,32 +67,32 @@ jobs: cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive - name: Build Installer Package run: | - pkgbuild --root Artifact/App --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 1.0 App.pkg - pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 1.0 CLI.pkg + pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg + pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg cat > distribution.xml << 'EOF' Secretive - com.maxgoedjen + com.cursorinternal - - + + - - + + - - + + - - + + - App.pkg - CLI.pkg + App.pkg + CLI.pkg EOF productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg diff --git a/.github/workflows/oneoff.yml b/.github/workflows/oneoff.yml index 4c5da3c..0f7fe9d 100644 --- a/.github/workflows/oneoff.yml +++ b/.github/workflows/oneoff.yml @@ -22,7 +22,22 @@ jobs: AGENT_PROFILE_DATA: ${{ secrets.AGENT_PROFILE_DATA }} APPLE_API_KEY_DATA: ${{ secrets.APPLE_API_KEY_DATA }} APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} - run: ./.github/scripts/signing.sh + run: | + echo $SIGNING_DATA | base64 -d -o Signing.p12 + security create-keychain -p ci ci.keychain + security default-keychain -s ci.keychain + security list-keychains -s ci.keychain + security import ./Signing.p12 -k ci.keychain -P $SIGNING_PASSWORD -A + security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k ci ci.keychain + mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles + echo $HOST_PROFILE_DATA | base64 -d -o Host.provisionprofile + HOST_UUID=$(grep UUID -A1 -a Host.provisionprofile | grep -io "[-A-F0-9]\{36\}") + cp Host.provisionprofile ~/Library/MobileDevice/Provisioning\ Profiles/$HOST_UUID.provisionprofile + echo $AGENT_PROFILE_DATA | base64 -d -o Agent.provisionprofile + AGENT_UUID=$(grep UUID -A1 -a Agent.provisionprofile | grep -io "[-A-F0-9]\{36\}") + cp Agent.provisionprofile ~/Library/MobileDevice/Provisioning\ Profiles/$AGENT_UUID.provisionprofile + mkdir ~/.private_keys + echo -n "$APPLE_API_KEY_DATA" > ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 - name: Set Environment run: sudo xcrun xcode-select -s /Applications/Xcode_26.1.app - name: Update Build Number @@ -33,32 +48,70 @@ jobs: sed -i '' -e "s/GITHUB_CI_VERSION/0.0.0_oneoff-$DATE/g" Sources/Config/Config.xcconfig sed -i '' -e "s/GITHUB_BUILD_NUMBER/1.$RUN_ID/g" Sources/Config/Config.xcconfig sed -i '' -e "s/GITHUB_BUILD_URL/https:\/\/github.com\/maxgoedjen\/secretive\/actions\/runs\/$RUN_ID/g" Sources/Config/Config.xcconfig - - name: Build + - name: Build App run: xcrun xcodebuild -project Sources/Secretive.xcodeproj -scheme Secretive -configuration Release -archivePath Archive.xcarchive archive - - name: Move to Artifact Folder - run: mkdir Artifact; cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact - - name: Upload App to Artifacts - id: upload - uses: actions/upload-artifact@v4 - with: - name: Secretive - path: Artifact - - name: Download Zipped Artifact - id: download - env: - ZIP_ID: ${{ steps.upload.outputs.artifact-id }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Build CLI + run: swift build -c release --product SecretiveCLI --package-path Sources/Packages + - name: Codesign CLI run: | - curl -L -H "Authorization: Bearer $GITHUB_TOKEN" -L \ - https://api.github.com/repos/maxgoedjen/secretive/actions/artifacts/$ZIP_ID/zip > Secretive.zip + CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI" + ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements" + IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}') + codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY" + - name: Prepare Artifact Folder + run: | + mkdir -p Artifact/App + mkdir -p Artifact/CLI + cp -r Archive.xcarchive/Products/Applications/Secretive.app Artifact/App/ + cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive + - name: Build Installer Package + run: | + pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg + pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg + cat > distribution.xml << 'EOF' + + + Secretive + com.cursorinternal + + + + + + + + + + + + + + + + + + App.pkg + CLI.pkg + + EOF + productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg + INSTALLER_IDENTITY=$(security find-identity -p basic -v 2>/dev/null | grep "Developer ID Installer" | head -n1 | awk -F'"' '{print $2}') + productsign --sign "$INSTALLER_IDENTITY" Secretive-unsigned.pkg Secretive.pkg - name: Notarize env: APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} - run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip + run: | + xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER --wait Secretive.pkg + xcrun stapler staple Secretive.pkg + - name: Upload Installer to Artifacts + id: upload + uses: actions/upload-artifact@v4 + with: + name: Secretive.pkg + path: Secretive.pkg - name: Attest id: attest uses: actions/attest-build-provenance@v2 with: - subject-name: "Secretive.zip" - subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }} + subject-path: "Secretive.pkg" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dca11bf..878a405 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -96,7 +96,7 @@ jobs: CLI_BINARY="Sources/Packages/.build/release/SecretiveCLI" ENTITLEMENTS="Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements" IDENTITY=$(security find-identity -p codesigning -v 2>/dev/null | grep "Developer ID Application" | head -n1 | awk -F'"' '{print $2}') - codesign --force --options runtime --sign "$IDENTITY" --identifier "com.maxgoedjen.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY" + codesign --force --options runtime --sign "$IDENTITY" --identifier "com.cursorinternal.Secretive.Host" --entitlements "$ENTITLEMENTS" "$CLI_BINARY" - name: Prepare Artifact Folder run: | mkdir -p Artifact/App @@ -105,32 +105,32 @@ jobs: cp Sources/Packages/.build/release/SecretiveCLI Artifact/CLI/secretive - name: Build Installer Package run: | - pkgbuild --root Artifact/App --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 1.0 App.pkg - pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 1.0 CLI.pkg + pkgbuild --root Artifact/App --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 1.0 App.pkg + pkgbuild --root Artifact/CLI --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 1.0 CLI.pkg cat > distribution.xml << 'EOF' Secretive - com.maxgoedjen + com.cursorinternal - - + + - - + + - - + + - - + + - App.pkg - CLI.pkg + App.pkg + CLI.pkg EOF productbuild --distribution distribution.xml --package-path . Secretive-unsigned.pkg diff --git a/FAQ.md b/FAQ.md index 7c22fdb..206df82 100644 --- a/FAQ.md +++ b/FAQ.md @@ -54,7 +54,7 @@ Secretive checks in with GitHub's releases API to check if there's a new version ### How do I uninstall Secretive? -Drag Secretive.app to the trash and remove `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent`. `SecretAgent` may continue running until you quit it or reboot. +Drag Secretive.app to the trash and remove `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent`. `SecretAgent` may continue running until you quit it or reboot. ### I have a security issue diff --git a/Makefile b/Makefile index 104a6b4..86a77ac 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,11 @@ # Creates a dev package containing the Secretive app and CLI -# Usage: make +# Usage: +# make - Build unsigned (no keychain/Secure Enclave access) +# make SIGN=1 TEAM=XXXXXX - Build with development signing (enables keychain access) +# +# To find your team ID, run: +# security find-identity -v -p codesigning +# Look for "Apple Development: Your Name (TEAMID)" - the TEAMID is in parentheses at the end PROJECT_DIR := $(abspath $(dir $(lastword $(MAKEFILE_LIST)))) BUILD_DIR := $(PROJECT_DIR)/build @@ -16,26 +22,51 @@ FINAL_PKG := $(BUILD_DIR)/Secretive-dev-unsigned.pkg XCODEBUILD := xcodebuild -project $(PROJECT_DIR)/Sources/Secretive.xcodeproj +# Signing configuration +# SIGN_IDENTITY can be set to a specific identity, otherwise defaults to "Apple Development" +SIGN_IDENTITY ?= Apple Development + +ifdef SIGN + CODE_SIGN_ARGS := CODE_SIGNING_ALLOWED=YES CODE_SIGNING_REQUIRED=YES CODE_SIGN_STYLE=Automatic + ifdef TEAM + CODE_SIGN_ARGS += DEVELOPMENT_TEAM=$(TEAM) + endif +else + CODE_SIGN_ARGS := CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY="" +endif + .PHONY: all clean all: $(FINAL_PKG) @echo "Built: $(FINAL_PKG)" +# Validate TEAM is set when SIGN is enabled +ifdef SIGN +ifndef TEAM +$(error SIGN=1 requires TEAM=. Find it with: security find-identity -v -p codesigning) +endif +endif + $(ARCHIVE): @mkdir -p $(BUILD_DIR) - $(XCODEBUILD) -scheme Secretive -configuration Release CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY="" -archivePath $(ARCHIVE) archive + $(XCODEBUILD) -scheme Secretive -configuration Release $(CODE_SIGN_ARGS) -archivePath $(ARCHIVE) archive $(APP_BUNDLE): $(ARCHIVE) @rm -rf $(APP_BUNDLE) cp -R $(ARCHIVE)/Products/Applications/Secretive.app $(APP_BUNDLE) +CLI_ENTITLEMENTS_SRC := $(PROJECT_DIR)/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements +CLI_ENTITLEMENTS := $(BUILD_DIR)/SecretiveCLI.entitlements + $(CLI_BIN): @mkdir -p $(BUILD_DIR) - cd $(PROJECT_DIR)/Sources/Packages && xcodebuild -scheme SecretiveCLI -configuration Release \ - -destination 'platform=macOS' CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY="" \ - SYMROOT=$(BUILD_DIR)/xcode-cli build - cp $(BUILD_DIR)/xcode-cli/Release/SecretiveCLI $(CLI_BIN) - cp -R $(BUILD_DIR)/xcode-cli/Release/*.bundle $(BUILD_DIR)/ 2>/dev/null || true + swift build -c release --product SecretiveCLI --package-path $(PROJECT_DIR)/Sources/Packages + cp $(PROJECT_DIR)/Sources/Packages/.build/release/SecretiveCLI $(CLI_BIN) +ifdef SIGN + @echo "Signing CLI binary with team $(TEAM)..." + @sed 's/$$(AppIdentifierPrefix)/$(TEAM)./g' $(CLI_ENTITLEMENTS_SRC) > $(CLI_ENTITLEMENTS) + codesign --force --sign "$(SIGN_IDENTITY)" --entitlements $(CLI_ENTITLEMENTS) $(CLI_BIN) +endif $(APP_ROOT): $(APP_BUNDLE) @rm -rf $(APP_ROOT) @@ -48,10 +79,10 @@ $(CLI_ROOT): $(CLI_BIN) cp $(CLI_BIN) $(CLI_ROOT)/secretive $(APP_PKG): $(APP_ROOT) - pkgbuild --root $(APP_ROOT) --install-location /Applications --identifier com.maxgoedjen.Secretive.app --version 0.0.0-dev $(APP_PKG) + pkgbuild --root $(APP_ROOT) --install-location /Applications --identifier com.cursorinternal.Secretive.app --version 0.0.0-dev $(APP_PKG) $(CLI_PKG): $(CLI_ROOT) - pkgbuild --root $(CLI_ROOT) --install-location /usr/local/bin --identifier com.maxgoedjen.Secretive.cli --version 0.0.0-dev $(CLI_PKG) + pkgbuild --root $(CLI_ROOT) --install-location /usr/local/bin --identifier com.cursorinternal.Secretive.cli --version 0.0.0-dev $(CLI_PKG) $(DIST): @mkdir -p $(BUILD_DIR) @@ -59,31 +90,32 @@ $(DIST): '' \ '' \ ' Secretive (Dev)' \ - ' com.maxgoedjen' \ + ' com.cursorinternal' \ ' ' \ ' ' \ - ' ' \ - ' ' \ + ' ' \ + ' ' \ ' ' \ ' ' \ - ' ' \ - ' ' \ + ' ' \ + ' ' \ ' ' \ ' ' \ ' ' \ - ' ' \ - ' ' \ + ' ' \ + ' ' \ ' ' \ - ' ' \ - ' ' \ + ' ' \ + ' ' \ ' ' \ - ' App.pkg' \ - ' CLI.pkg' \ + ' App.pkg' \ + ' CLI.pkg' \ '' \ > $(DIST) $(FINAL_PKG): $(APP_PKG) $(CLI_PKG) $(DIST) productbuild --distribution $(DIST) --package-path $(BUILD_DIR) $(FINAL_PKG) + @rm -rf $(ARCHIVE) $(APP_BUNDLE) $(APP_ROOT) $(APP_PKG) $(CLI_BIN) $(CLI_ROOT) $(CLI_PKG) $(DIST) clean: rm -rf $(BUILD_DIR) diff --git a/Sources/Packages/Package.swift b/Sources/Packages/Package.swift index 248b963..2fbb709 100644 --- a/Sources/Packages/Package.swift +++ b/Sources/Packages/Package.swift @@ -37,7 +37,7 @@ let package = Package( targets: [ .target( name: "SecretKit", - dependencies: [], + dependencies: ["Localizations"], resources: [localization], swiftSettings: swiftSettings, ), @@ -54,13 +54,13 @@ let package = Package( ), .target( name: "SecureEnclaveSecretKit", - dependencies: ["SecretKit", "Localizations"], + dependencies: ["SecretKit"], resources: [localization], swiftSettings: swiftSettings, ), .target( name: "SmartCardSecretKit", - dependencies: ["SecretKit", "Localizations"], + dependencies: ["SecretKit"], resources: [localization], swiftSettings: swiftSettings, ), @@ -97,12 +97,10 @@ let package = Package( .executableTarget( name: "SecretiveCLI", dependencies: [ - "SecretAgentKit", "SecureEnclaveSecretKit", "SmartCardSecretKit", "SecretKit", "Common", - "Localizations", ], exclude: ["Generated"], swiftSettings: swiftSettings, diff --git a/Sources/Packages/Sources/Brief/Updater.swift b/Sources/Packages/Sources/Brief/Updater.swift index 12be1ee..970165b 100644 --- a/Sources/Packages/Sources/Brief/Updater.swift +++ b/Sources/Packages/Sources/Brief/Updater.swift @@ -47,7 +47,7 @@ import XPCWrappers /// Manually trigger an update check. public func checkForUpdates() async throws { - let session = try await XPCTypedSession<[Release], Never>(serviceName: "com.maxgoedjen.Secretive.SecretiveUpdater") + let session = try await XPCTypedSession<[Release], Never>(serviceName: "com.cursorinternal.Secretive.SecretiveUpdater") await evaluate(releases: try await session.send()) session.complete() } @@ -95,7 +95,7 @@ extension Updater { /// The user defaults used to store user ignore state. var defaults: UserDefaults { - UserDefaults(suiteName: "com.maxgoedjen.Secretive.updater.ignorelist")! + UserDefaults(suiteName: "com.cursorinternal.Secretive.updater.ignorelist")! } } diff --git a/Sources/Packages/Sources/SecretAgentKit/Agent.swift b/Sources/Packages/Sources/SecretAgentKit/Agent.swift index 83ce175..5665a8d 100644 --- a/Sources/Packages/Sources/SecretAgentKit/Agent.swift +++ b/Sources/Packages/Sources/SecretAgentKit/Agent.swift @@ -12,7 +12,7 @@ public final class Agent: Sendable { private let publicKeyWriter = OpenSSHPublicKeyWriter() private let signatureWriter = OpenSSHSignatureWriter() private let certificateHandler = OpenSSHCertificateHandler() - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "Agent") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "Agent") /// Initializes an agent with a store list and a witness. /// - Parameters: diff --git a/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift b/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift index 5451e49..86aef3f 100644 --- a/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift +++ b/Sources/Packages/Sources/SecretAgentKit/OpenSSHCertificateHandler.swift @@ -6,7 +6,7 @@ import SecretKit public actor OpenSSHCertificateHandler: Sendable { private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: URL.homeDirectory) - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "OpenSSHCertificateHandler") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "OpenSSHCertificateHandler") private let writer = OpenSSHPublicKeyWriter() private var keyBlobsAndNames: [AnySecret: (Data, Data)] = [:] diff --git a/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift b/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift index 6e9a2ee..68b6e0f 100644 --- a/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift +++ b/Sources/Packages/Sources/SecretAgentKit/SSHAgentInputParser.swift @@ -10,7 +10,7 @@ public protocol SSHAgentInputParserProtocol { public struct SSHAgentInputParser: SSHAgentInputParserProtocol { - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "InputParser") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "InputParser") public init() { diff --git a/Sources/Packages/Sources/SecretAgentKit/SocketController.swift b/Sources/Packages/Sources/SecretAgentKit/SocketController.swift index 7839037..a3e981a 100644 --- a/Sources/Packages/Sources/SecretAgentKit/SocketController.swift +++ b/Sources/Packages/Sources/SecretAgentKit/SocketController.swift @@ -18,7 +18,7 @@ public struct SocketController { private let fileHandle: FileHandle /// Logger for the socket controller. - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "SocketController") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "SocketController") /// Tracer which determines who originates a socket connection. private let requestTracer = SigningRequestTracer() @@ -74,7 +74,7 @@ extension SocketController { private let messagesContinuation: AsyncStream.Continuation /// A logger for the session. - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "Session") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "Session") /// Initializes a new Session. /// - Parameter fileHandle: The FileHandle used to communicate with the socket. diff --git a/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift b/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift new file mode 100644 index 0000000..a95852e --- /dev/null +++ b/Sources/Packages/Sources/SecretKit/LocalizationsExport.swift @@ -0,0 +1,3 @@ +// Copyright Anysphere Inc. +// Re-exports Localizations module so dependent modules can access localization extensions. +@_exported import Localizations diff --git a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift index 49e417e..b593df3 100644 --- a/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift +++ b/Sources/Packages/Sources/SecretKit/PublicKeyStandinFileController.swift @@ -4,7 +4,7 @@ import OSLog /// Controller responsible for writing public keys to disk, so that they're easily accessible by scripts. public final class PublicKeyFileStoreController: Sendable { - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "PublicKeyFileStoreController") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "PublicKeyFileStoreController") private let directory: URL private let keyWriter = OpenSSHPublicKeyWriter() diff --git a/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift b/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift index 42b4db9..ad496d1 100644 --- a/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift +++ b/Sources/Packages/Sources/SecretKit/Types/SecretStore.swift @@ -96,8 +96,8 @@ public struct KeyAvailability: Sendable { extension NSNotification.Name { // Distributed notification that keys were modified out of process (ie, that the management tool added/removed secrets) - public static let secretStoreUpdated = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.updated") + public static let secretStoreUpdated = NSNotification.Name("com.cursorinternal.Secretive.secretStore.updated") // Internal notification that keys were reloaded from the backing store. - public static let secretStoreReloaded = NSNotification.Name("com.maxgoedjen.Secretive.secretStore.reloaded") + public static let secretStoreReloaded = NSNotification.Name("com.cursorinternal.Secretive.secretStore.reloaded") } diff --git a/Sources/Packages/Sources/SecretiveCLI/README.md b/Sources/Packages/Sources/SecretiveCLI/README.md index aa80aa6..ecb7737 100644 --- a/Sources/Packages/Sources/SecretiveCLI/README.md +++ b/Sources/Packages/Sources/SecretiveCLI/README.md @@ -1,6 +1,8 @@ # Secretive CLI -A command-line interface for Secretive that provides full key management and SSH agent functionality, sharing the same keychain and socket path as the GUI application. +A command-line interface companion for Secretive that provides key management capabilities, sharing the same keychain and socket path as the GUI application. + +**Note:** The CLI is a helper tool for the main Secretive app. The SSH agent is managed by the Secretive GUI app - the CLI can check its status but does not run its own agent. ## Installation @@ -37,7 +39,7 @@ The CLI uses the entitlements file at `SecretiveCLI.entitlements`: keychain-access-groups - $(AppIdentifierPrefix)com.maxgoedjen.Secretive + $(AppIdentifierPrefix)com.cursorinternal.Secretive @@ -51,41 +53,31 @@ Sign the CLI binary with: codesign --force \ --sign "Developer ID Application: YOUR_TEAM_NAME" \ --options runtime \ - --identifier com.maxgoedjen.Secretive.Host \ + --identifier com.cursorinternal.Secretive.Host \ --entitlements Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements \ Sources/Packages/.build/release/SecretiveCLI ``` Replace `YOUR_TEAM_NAME` with your actual Developer ID or use your team's signing identity. -**Important:** The `--identifier` must be `com.maxgoedjen.Secretive.Host` to match the GUI app's bundle identifier, ensuring the CLI can access the same keychain items. +**Important:** The `--identifier` must be `com.cursorinternal.Secretive.Host` to match the GUI app's bundle identifier, ensuring the CLI can access the same keychain items. ## Usage ### Agent Management -Install and manage the SSH agent as a launchd service: +Check and control Secretive's SSH agent: ```bash -# Install the agent as a launchd service -secretive agent install - -# Start the agent -secretive agent start - # Check agent status secretive agent status -# Stop the agent -secretive agent stop - -# Uninstall the agent -secretive agent uninstall - -# Run agent in foreground (for testing) -secretive agent run +# Start the agent (if not already running) +secretive agent start ``` +The SSH agent is bundled with the Secretive GUI app. The `start` command will locate and launch the agent from the installed Secretive.app. + ### Key Management Manage SSH keys stored in the Secure Enclave: @@ -110,27 +102,27 @@ secretive key update "My Key Name" ## Socket Path The CLI uses the same socket path as the GUI app: -- Production: `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh` -- Debug: `~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket-debug.ssh` +- Production: `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket.ssh` +- Debug: `~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket-debug.ssh` Set `SSH_AUTH_SOCK` to this path to use the agent: ```bash -export SSH_AUTH_SOCK=~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh +export SSH_AUTH_SOCK=~/Library/Containers/com.cursorinternal.Secretive.SecretAgent/Data/socket.ssh ``` ## Keychain Access -The CLI shares the same keychain access group as the GUI app (`com.maxgoedjen.Secretive`), allowing it to: +The CLI shares the same keychain access group as the GUI app (`com.cursorinternal.Secretive`), allowing it to: - Access keys created by the GUI app - Create keys that are accessible by the GUI app - Use the same Secure Enclave storage -This is achieved by signing the CLI with the same bundle identifier (`com.maxgoedjen.Secretive.Host`) and keychain access group entitlements. +This is achieved by signing the CLI with the same bundle identifier (`com.cursorinternal.Secretive.Host`) and keychain access group entitlements. ## Notes - The CLI uses the same `SecretStoreList` setup as the GUI app, including Secure Enclave and Smart Card stores - Keys created via CLI will appear in the GUI app and vice versa -- The agent can be run either via launchd (recommended) or in foreground mode for testing +- The SSH agent runs as part of the Secretive GUI app - use the CLI's `agent status` command to check if it's running - All key operations require appropriate authentication (Touch ID, Apple Watch, or password) as configured per key diff --git a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements index 246a51d..40848a3 100644 --- a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements +++ b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.entitlements @@ -6,8 +6,9 @@ keychain-access-groups - $(AppIdentifierPrefix)com.maxgoedjen.Secretive + $(AppIdentifierPrefix)com.cursorinternal.Secretive + diff --git a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift index 69f47d0..76b83c5 100644 --- a/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift +++ b/Sources/Packages/Sources/SecretiveCLI/SecretiveCLI.swift @@ -1,6 +1,5 @@ import Foundation -import Darwin -import SecretAgentKit +import AppKit import SecretKit import SecureEnclaveSecretKit import SmartCardSecretKit @@ -9,7 +8,7 @@ import OSLog @main struct SecretiveCLI { - private static let logger = Logger(subsystem: "com.maxgoedjen.secretive.cli", category: "CLI") + private static let logger = Logger(subsystem: "com.cursorinternal.secretive.cli", category: "CLI") static func main() async { let args = Array(CommandLine.arguments.dropFirst()) @@ -46,13 +45,8 @@ struct SecretiveCLI { Usage: secretive-cli [options] Commands: - agent Manage SSH agent - install Install agent as launchd service - uninstall Uninstall agent from launchd - start Start the agent service - stop Stop the agent service - status Check agent status - run Run agent in foreground (for testing) + agent status Check if Secretive's SSH agent is running + agent start Start Secretive's SSH agent key Manage SSH keys generate [name] Generate a new key (default: "Secretive Key") @@ -70,211 +64,109 @@ struct SecretiveCLI { extension SecretiveCLI { + private static let agentBundleID = "com.cursorinternal.Secretive.SecretAgent" + private static let secretiveBundleID = "com.cursorinternal.Secretive.Host" + static func handleAgentCommand(args: [String]) async throws { guard let subcommand = args.first else { - print("Agent subcommand required: install, uninstall, start, stop, status, or run") + print("Agent subcommand required: status, start") exit(1) } switch subcommand { - case "install": - try await installAgent() - case "uninstall": - try await uninstallAgent() - case "start": - try await startAgent() - case "stop": - try await stopAgent() case "status": try await checkAgentStatus() - case "run": - try await runAgent() + case "start": + try await startAgent() default: print("Unknown agent subcommand: \(subcommand)") + print("Available: status, start") exit(1) } } - static func installAgent() async throws { - let plistPath = launchdPlistPath - let plistDir = (plistPath as NSString).deletingLastPathComponent + static func checkAgentStatus() async throws { + // Check if the main Secretive app's SecretAgent is running + let runningAgents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID) - // Create directory if needed - try FileManager.default.createDirectory(atPath: plistDir, withIntermediateDirectories: true) - - // Get the CLI binary path - guard let cliPath = Bundle.main.executablePath else { - throw CLIError("Could not determine CLI binary path") + if let agent = runningAgents.first { + print("Secretive agent is running") + if let url = agent.bundleURL { + print(" Path: \(url.path)") + } + print(" PID: \(agent.processIdentifier)") + + // Also check socket + let socketPath = URL.socketPath + if FileManager.default.fileExists(atPath: socketPath) { + print(" Socket: \(socketPath)") + } + } else { + print("Secretive agent is not running") + print("Run 'secretive agent start' to start it") } - - // Create plist content - let plist: [String: Any] = [ - "Label": launchdServiceLabel, - "ProgramArguments": [cliPath, "agent", "run"], - "RunAtLoad": true, - "KeepAlive": true, - "StandardOutPath": "/dev/null", - "StandardErrorPath": "/dev/null", - "EnvironmentVariables": [ - "SSH_AUTH_SOCK": socketPath - ] - ] - - let plistData = try PropertyListSerialization.data(fromPropertyList: plist, format: .xml, options: 0) - try plistData.write(to: URL(fileURLWithPath: plistPath)) - - // Bootstrap the service - let process = Process() - process.executableURL = URL(fileURLWithPath: "/bin/launchctl") - process.arguments = ["bootstrap", "gui/\(getuid())", plistPath] - - try process.run() - process.waitUntilExit() - - if process.terminationStatus != 0 { - throw CLIError("Failed to install agent: launchctl bootstrap returned \(process.terminationStatus)") - } - - print("Agent installed successfully") - } - - static func uninstallAgent() async throws { - let plistPath = launchdPlistPath - - // Unbootstrap the service - let process = Process() - process.executableURL = URL(fileURLWithPath: "/bin/launchctl") - process.arguments = ["bootout", "gui/\(getuid())", launchdServiceLabel] - - try process.run() - process.waitUntilExit() - - // Remove plist file if it exists - if FileManager.default.fileExists(atPath: plistPath) { - try FileManager.default.removeItem(atPath: plistPath) - } - - print("Agent uninstalled successfully") } static func startAgent() async throws { - let process = Process() - process.executableURL = URL(fileURLWithPath: "/bin/launchctl") - process.arguments = ["kickstart", "gui/\(getuid())/\(launchdServiceLabel)"] - - try process.run() - process.waitUntilExit() - - if process.terminationStatus != 0 { - throw CLIError("Failed to start agent: launchctl kickstart returned \(process.terminationStatus)") + // Check if already running + let runningAgents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID) + if !runningAgents.isEmpty { + print("Secretive agent is already running") + return } - print("Agent started") - } - - static func stopAgent() async throws { - let process = Process() - process.executableURL = URL(fileURLWithPath: "/bin/launchctl") - process.arguments = ["kill", "gui/\(getuid())/\(launchdServiceLabel)"] + // Find the SecretAgent app inside the installed Secretive app + guard let agentURL = findSecretAgentApp() else { + throw CLIError("Could not find Secretive.app. Please ensure Secretive is installed in /Applications or ~/Applications.") + } - try process.run() - process.waitUntilExit() + print("Starting Secretive agent...") + let config = NSWorkspace.OpenConfiguration() + config.activates = false - print("Agent stopped") - } - - static func checkAgentStatus() async throws { - let process = Process() - process.executableURL = URL(fileURLWithPath: "/bin/launchctl") - process.arguments = ["list", launchdServiceLabel] - - let pipe = Pipe() - process.standardOutput = pipe - - try process.run() - process.waitUntilExit() - - let data = pipe.fileHandleForReading.readDataToEndOfFile() - let output = String(data: data, encoding: .utf8) ?? "" - - if process.terminationStatus == 0 && !output.isEmpty { - print("Agent is running") - print(output) - } else { - print("Agent is not running") + do { + try await NSWorkspace.shared.openApplication(at: agentURL, configuration: config) + // Give it a moment to start + try await Task.sleep(for: .seconds(1)) + + // Verify it started + let agents = NSRunningApplication.runningApplications(withBundleIdentifier: agentBundleID) + if !agents.isEmpty { + print("Secretive agent started successfully") + } else { + print("Warning: Agent may not have started. Check Secretive.app for details.") + } + } catch { + throw CLIError("Failed to start agent: \(error.localizedDescription)") } } - static func runAgent() async throws { - logger.info("Starting SSH agent") + private static func findSecretAgentApp() -> URL? { + let fileManager = FileManager.default - // Set up store list - let storeList: SecretStoreList = await MainActor.run { - let list = SecretStoreList() - let cryptoKit = SecureEnclave.Store() - let migrator = SecureEnclave.CryptoKitMigrator() - try? migrator.migrate(to: cryptoKit) - list.add(store: cryptoKit) - list.add(store: SmartCard.Store()) - return list - } + // Possible locations for Secretive.app + let searchPaths = [ + "/Applications/Secretive.app", + "\(fileManager.homeDirectoryForCurrentUser.path)/Applications/Secretive.app" + ] - // Create agent (no witness for CLI) - let agent = Agent(storeList: storeList, witness: nil) - - // Set up socket controller - let socket = SocketController(path: socketPath) - - // Set up input parser (use direct parser, not XPC) - let parser = SSHAgentInputParser() - - logger.info("SSH agent listening on \(socketPath)") - print("SSH agent running on \(socketPath)") - print("Set SSH_AUTH_SOCK=\(socketPath) to use this agent") - - func handleSession(_ session: SocketController.Session) async { - do { - for await message in session.messages { - let request = try parser.parse(data: message) - let response = await agent.handle(request: request, provenance: session.provenance) - try await MainActor.run { - try session.write(response) - } - } - } catch { - logger.error("Session error: \(error.localizedDescription)") - try? session.close() + for path in searchPaths { + let secretiveURL = URL(fileURLWithPath: path) + let agentURL = secretiveURL.appendingPathComponent("Contents/Library/LoginItems/SecretAgent.app") + if fileManager.fileExists(atPath: agentURL.path) { + return agentURL } } - // Handle sessions - for await session in socket.sessions { - await handleSession(session) + // Also try to find via Launch Services + if let secretiveURL = NSWorkspace.shared.urlForApplication(withBundleIdentifier: secretiveBundleID) { + let agentURL = secretiveURL.appendingPathComponent("Contents/Library/LoginItems/SecretAgent.app") + if fileManager.fileExists(atPath: agentURL.path) { + return agentURL + } } - } - - // MARK: - Agent Paths - - static var socketPath: String { - // Use the same socket path as the GUI app - // This matches URL.socketPath from Common module, which constructs: - // ~/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh - let home = FileManager.default.homeDirectoryForCurrentUser.path - let containerPath = "\(home)/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data" - #if DEBUG - return "\(containerPath)/socket-debug.ssh" - #else - return "\(containerPath)/socket.ssh" - #endif - } - - static var launchdServiceLabel: String { - "com.maxgoedjen.secretive.cli" - } - - static var launchdPlistPath: String { - let home = FileManager.default.homeDirectoryForCurrentUser.path - return "\(home)/Library/LaunchAgents/\(launchdServiceLabel).plist" + + return nil } } diff --git a/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift b/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift index 68c73b2..768b7b8 100644 --- a/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift +++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/CryptoKitMigrator.swift @@ -9,7 +9,7 @@ extension SecureEnclave { public struct CryptoKitMigrator { - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.migration", category: "CryptoKitMigrator") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.migration", category: "CryptoKitMigrator") public init() { } diff --git a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift index 7f2fc55..8fea832 100644 --- a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift +++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift @@ -287,7 +287,7 @@ extension SecureEnclave.Store { enum Constants { static let keyClass = kSecClassGenericPassword as String - static let keyTag = Data("com.maxgoedjen.secretive.secureenclave.key".utf8) + static let keyTag = Data("com.cursorinternal.secretive.secureenclave.key".utf8) static let notificationToken = UUID().uuidString } diff --git a/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift b/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift index 9fd9216..0770e1c 100644 --- a/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift +++ b/Sources/Packages/Sources/XPCWrappers/XPCServiceDelegate.swift @@ -53,7 +53,7 @@ public final class XPCServiceDelegate: NSObject, NSXPCListenerDelegate { extension NSError { private enum Constants { - static let domain = "com.maxgoedjen.secretive.xpcwrappers" + static let domain = "com.cursorinternal.secretive.xpcwrappers" static let code = -1 static let dataKey = "underlying" } diff --git a/Sources/SecretAgent/AppDelegate.swift b/Sources/SecretAgent/AppDelegate.swift index b49cb81..29001a6 100644 --- a/Sources/SecretAgent/AppDelegate.swift +++ b/Sources/SecretAgent/AppDelegate.swift @@ -30,7 +30,7 @@ class AppDelegate: NSObject, NSApplicationDelegate { let path = URL.socketPath as String return SocketController(path: path) }() - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "AppDelegate") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "AppDelegate") func applicationDidFinishLaunching(_ aNotification: Notification) { logger.debug("SecretAgent finished launching") diff --git a/Sources/SecretAgent/Notifier.swift b/Sources/SecretAgent/Notifier.swift index fa48cdd..777a1b1 100644 --- a/Sources/SecretAgent/Notifier.swift +++ b/Sources/SecretAgent/Notifier.swift @@ -114,18 +114,18 @@ extension Notifier { enum Constants { // Update notifications - static let updateCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update" - static let criticalUpdateCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.critical" - static let updateActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.updateaction" - static let ignoreActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.update.ignoreaction" + static let updateCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update" + static let criticalUpdateCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.critical" + static let updateActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.updateaction" + static let ignoreActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.update.ignoreaction" // Authorization persistence notificatoins - static let persistAuthenticationCategoryIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication" - static let doNotPersistActionIdentitifier = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.donotpersist" - static let persistForActionIdentitifierPrefix = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.persist." + static let persistAuthenticationCategoryIdentitifier = "com.cursorinternal.Secretive.SecretAgent.persistauthentication" + static let doNotPersistActionIdentitifier = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.donotpersist" + static let persistForActionIdentitifierPrefix = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.persist." - static let persistSecretIDKey = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.secretidkey" - static let persistStoreIDKey = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.storeidkey" + static let persistSecretIDKey = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.secretidkey" + static let persistStoreIDKey = "com.cursorinternal.Secretive.SecretAgent.persistauthentication.storeidkey" } } diff --git a/Sources/SecretAgent/SecretAgent.entitlements b/Sources/SecretAgent/SecretAgent.entitlements index c9423c4..5ad9af6 100644 --- a/Sources/SecretAgent/SecretAgent.entitlements +++ b/Sources/SecretAgent/SecretAgent.entitlements @@ -6,7 +6,7 @@ keychain-access-groups - $(AppIdentifierPrefix)com.maxgoedjen.Secretive + $(AppIdentifierPrefix)com.cursorinternal.Secretive diff --git a/Sources/SecretAgent/XPCInputParser.swift b/Sources/SecretAgent/XPCInputParser.swift index b78f316..9c94791 100644 --- a/Sources/SecretAgent/XPCInputParser.swift +++ b/Sources/SecretAgent/XPCInputParser.swift @@ -7,12 +7,12 @@ import OSLog /// Delegates all agent input parsing to an XPC service which wraps OpenSSH public final class XPCAgentInputParser: SSHAgentInputParserProtocol { - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "XPCAgentInputParser") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.secretagent", category: "XPCAgentInputParser") private let session: XPCTypedSession public init() async throws { logger.debug("Creating XPCAgentInputParser") - session = try await XPCTypedSession(serviceName: "com.maxgoedjen.Secretive.SecretAgentInputParser", warmup: true) + session = try await XPCTypedSession(serviceName: "com.cursorinternal.Secretive.SecretAgentInputParser", warmup: true) logger.debug("XPCAgentInputParser is warmed up.") } diff --git a/Sources/SecretAgentInputParser/SecretAgentInputParser.swift b/Sources/SecretAgentInputParser/SecretAgentInputParser.swift index cc0c8fd..f0b6a90 100644 --- a/Sources/SecretAgentInputParser/SecretAgentInputParser.swift +++ b/Sources/SecretAgentInputParser/SecretAgentInputParser.swift @@ -5,7 +5,7 @@ import SecretAgentKit final class SecretAgentInputParser: NSObject, XPCProtocol { - private let logger = Logger(subsystem: "com.maxgoedjen.secretive.SecretAgentInputParser", category: "SecretAgentInputParser") + private let logger = Logger(subsystem: "com.cursorinternal.secretive.SecretAgentInputParser", category: "SecretAgentInputParser") func process(_ data: Data) async throws -> SSHAgent.Request { let parser = SSHAgentInputParser() diff --git a/Sources/Secretive.xcodeproj/project.pbxproj b/Sources/Secretive.xcodeproj/project.pbxproj index bcd4b37..0bd3db9 100644 --- a/Sources/Secretive.xcodeproj/project.pbxproj +++ b/Sources/Secretive.xcodeproj/project.pbxproj @@ -960,7 +960,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; }; @@ -1000,7 +1000,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = "Secretive - Host"; }; @@ -1036,7 +1036,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater; PRODUCT_NAME = "$(TARGET_NAME)"; REGISTER_APP_GROUPS = YES; SKIP_INSTALL = YES; @@ -1076,7 +1076,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater; PRODUCT_NAME = "$(TARGET_NAME)"; REGISTER_APP_GROUPS = YES; SKIP_INSTALL = YES; @@ -1118,7 +1118,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretiveUpdater; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretiveUpdater; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; REGISTER_APP_GROUPS = YES; @@ -1150,7 +1150,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser; PRODUCT_NAME = "$(TARGET_NAME)"; REGISTER_APP_GROUPS = YES; SKIP_INSTALL = YES; @@ -1180,7 +1180,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser; PRODUCT_NAME = "$(TARGET_NAME)"; REGISTER_APP_GROUPS = YES; SKIP_INSTALL = YES; @@ -1212,7 +1212,7 @@ LOCALIZATION_PREFERS_STRING_CATALOGS = YES; MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1.0; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgentInputParser; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgentInputParser; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; REGISTER_APP_GROUPS = YES; @@ -1333,7 +1333,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.Host; PRODUCT_NAME = "$(TARGET_NAME)"; }; name = Test; @@ -1366,7 +1366,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent; PRODUCT_NAME = "$(TARGET_NAME)"; }; name = Test; @@ -1401,7 +1401,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent; PRODUCT_NAME = "$(TARGET_NAME)"; }; name = Debug; @@ -1437,7 +1437,7 @@ ); MACOSX_DEPLOYMENT_TARGET = 14.0; MARKETING_VERSION = 1; - PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent; + PRODUCT_BUNDLE_IDENTIFIER = com.cursorinternal.Secretive.SecretAgent; PRODUCT_NAME = "$(TARGET_NAME)"; PROVISIONING_PROFILE_SPECIFIER = "Secretive - Secret Agent"; }; diff --git a/Sources/Secretive/Controllers/AgentStatusChecker.swift b/Sources/Secretive/Controllers/AgentStatusChecker.swift index 6e6cf4e..ea0beec 100644 --- a/Sources/Secretive/Controllers/AgentStatusChecker.swift +++ b/Sources/Secretive/Controllers/AgentStatusChecker.swift @@ -20,7 +20,7 @@ import Common var running: Bool = false var process: NSRunningApplication? = nil - private let logger = Logger(subsystem: "com.maxgoedjen.secretive", category: "LaunchAgentController") + private let logger = Logger(subsystem: "com.cursorinternal.secretive", category: "LaunchAgentController") private let service = SMAppService.loginItem(identifier: Bundle.agentBundleID) nonisolated init() { diff --git a/Sources/Secretive/Controllers/JustUpdatedChecker.swift b/Sources/Secretive/Controllers/JustUpdatedChecker.swift index 75e9483..55de965 100644 --- a/Sources/Secretive/Controllers/JustUpdatedChecker.swift +++ b/Sources/Secretive/Controllers/JustUpdatedChecker.swift @@ -37,8 +37,8 @@ import AppKit extension JustUpdatedChecker { enum Constants { - static let previousVersionUserDefaultsKey = "com.maxgoedjen.Secretive.lastBuild" - static let previousOSVersionUserDefaultsKey = "com.maxgoedjen.Secretive.lastOS" + static let previousVersionUserDefaultsKey = "com.cursorinternal.Secretive.lastBuild" + static let previousOSVersionUserDefaultsKey = "com.cursorinternal.Secretive.lastOS" } } diff --git a/Sources/Secretive/Secretive.entitlements b/Sources/Secretive/Secretive.entitlements index ab2c42b..8b3aea2 100644 --- a/Sources/Secretive/Secretive.entitlements +++ b/Sources/Secretive/Secretive.entitlements @@ -16,7 +16,7 @@ keychain-access-groups - $(AppIdentifierPrefix)com.maxgoedjen.Secretive + $(AppIdentifierPrefix)com.cursorinternal.Secretive