Skip to content

Remove SHUSH/--no-log compat; migrate store v2→v3; fix agent start and e2e script#22

Merged
cursor[bot] merged 1 commit intomainfrom
cursor/remove-compat-store-migration-1425
Apr 12, 2026
Merged

Remove SHUSH/--no-log compat; migrate store v2→v3; fix agent start and e2e script#22
cursor[bot] merged 1 commit intomainfrom
cursor/remove-compat-store-migration-1425

Conversation

@lbb00
Copy link
Copy Markdown
Member

@lbb00 lbb00 commented Apr 12, 2026

Summary

This change removes legacy compatibility paths the user asked to drop, adds downward-compatible handling for store metadata versions, and fixes regressions uncovered during testing.

Changes

  1. Environment / CLI

    • Removed SHUSH_SOCKET / SHUSH_CAPABILITY fallbacks and the deprecated hidden --no-log flag.
    • Documentation now lists only ONESSH_AGENT_SOCKET and ONESSH_AGENT_CAPABILITY.

  2. Agent subprocess

    • agent start now mirrors the library behavior by setting both ONESSH_AGENT_CAPABILITY and the shush-required capability env on the child process, so the server and CLI agree without reintroducing parent-side SHUSH_* reads.

  3. Encrypted store

    • Centralized version constants in internal/store/version.go.
    • Readers accept store metadata versions in [2, 3]; unlocking a v2 meta.yaml rewrites it to v3 on disk.
    • User/host YAML docs remain v1-only for now (range [1, 1]) with room to extend Min/Write when future formats appear.

  4. logout --all

    • Implemented --all to clear only OneSSH passphrase cache keys (onessh:passphrase:v1: prefix) via ClearPrefix, matching the existing unit test expectations.

  5. E2E

    • Fixed runWithTTY for util-linux script(1) so -c is not consumed by script instead of sh.

Testing

  • go test ./...
Open in Web Open in Cursor 

@cursoragent @lbb00
Remove legacy env/flag compat; add store version migration; fix e2e s…
02453a1 
…cript

- Drop SHUSH_* and deprecated --no-log; document only ONESSH agent env vars.
- Start background agent with both ONESSH_AGENT_CAPABILITY and SHUSH_CAPABILITY
  so the child process matches the parent without reading SHUSH from the parent env.
- Accept older meta.yaml store version 2 and upgrade to 3 on successful unlock.
- Add logout --all using passphrase key prefix clear (fixes unit test).
- Fix e2e TTY helper for util-linux script(1) argument parsing.

Co-authored-by: lbb <mr@lbb00.com>
@cursor cursor Bot marked this pull request as ready for review April 12, 2026 10:35
@cursor cursor Bot merged commit cd5255a into main Apr 12, 2026
2 checks passed
@cursor cursor Bot deleted the cursor/remove-compat-store-migration-1425 branch April 12, 2026 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lbb00 @cursoragent