hermes-bsd/hermes_cli
Ben 1928aa0443 fix(managed-scope): honor managed scope in config→env bridges too
Manual verification surfaced a second bypass class beyond the standalone
config loaders: several code paths bridge config.yaml values into os.environ
(HERMES_TIMEZONE, HERMES_REDACT_SECRETS, HERMES_MAX_ITERATIONS, TERMINAL_*,
network.force_ipv4, ...) by reading the raw user YAML, so the env the whole
process reads carried the USER's value even when an administrator pinned it —
e.g. a managed timezone was overridden because gateway/run.py wrote the user's
timezone into HERMES_TIMEZONE, and _resolve_timezone_name() checks the env var
first.

Wired the shared apply_managed_overlay() into every config→env bridge:

- gateway/run.py module-level startup bridge (timezone, redact_secrets,
  max_turns, terminal, display, gateway.strict, ...)
- gateway/run.py _reload_runtime_env_preserving_config_authority (the per-turn
  re-bridge that keeps config authoritative over reloaded .env — must keep
  MANAGED authoritative on every turn, not just startup)
- hermes_cli/main.py early security.redact_secrets / network.force_ipv4 bridge
  (runs before load_config is usable, at import time)
- hermes_cli/send_cmd.py top-level scalar config→env bridge

Verified end-to-end against a writable managed dir (12/12 checks incl. timezone,
logging, model, skin, gateway settings, write-guard) and in a clean process the
gateway per-turn bridge writes HERMES_TIMEZONE=<managed>. Adds an
order-independent regression test for the bridge overlay.
2026-06-19 07:46:33 -07:00
..
dashboard_auth fix(dashboard-auth): warn when public_url override is silently rejected (#43214) 2026-06-10 12:14:57 +10:00
proxy
subcommands feat(skills): find & diff user-modified bundled skills 2026-06-18 12:26:20 +05:30
__init__.py fix(cli): repair non-UTF-8 stdout/stderr on all platforms, not just Windows (#43439) 2026-06-10 02:21:00 -07:00
_parser.py fix(desktop): keep composer usable during reconnect (#45488) 2026-06-13 02:36:09 -07:00
_subprocess_compat.py fix(windows): retry watcher Popen without breakaway when parent job denies it, plus regression tests for the breakaway bit (#40956) 2026-06-07 01:21:58 -07:00
active_sessions.py feat(sessions): add optional max session cap 2026-06-08 15:12:12 -07:00
auth.py feat(billing): /billing terminal billing — interactive TUI + CLI client (#45449) 2026-06-19 01:53:32 +05:30
auth_commands.py fix(auth): add Codex OAuth accounts as distinct pool entries 2026-06-08 11:57:03 -07:00
azure_detect.py
backup.py fix(backup): exclude regeneratable dependency and cache dirs 2026-06-19 14:37:41 +05:30
banner.py fix(mcp): avoid false failed startup status 2026-06-11 09:01:52 -07:00
blueprint_cmd.py refactor(cron): rebrand Cron Recipes -> Automation Blueprints 2026-06-11 10:49:47 -07:00
browser_connect.py
build_info.py
bundles.py
callbacks.py
checkpoints.py
claw.py
cli_agent_setup_mixin.py fix(cli): gate tool-rendering paths with tool_progress_mode, not quiet_mode 2026-06-08 11:29:53 -07:00
cli_commands_mixin.py feat(delegation): async background subagents via delegate_task(background=true) (#40946) 2026-06-15 13:33:12 -07:00
cli_output.py
clipboard.py
codex_models.py
codex_runtime_plugin_migration.py
codex_runtime_switch.py
colors.py
commands.py fix(model): persist /model switch by default across sessions 2026-06-19 07:07:06 -07:00
completion.py
config.py feat(managed-scope): surface managed scope in config show and doctor 2026-06-19 07:46:33 -07:00
container_boot.py fix(docker): skip gateway reconciliation in dashboard container (autodetect) (#46293) 2026-06-15 20:51:48 +10:00
copilot_auth.py
cron.py fix(terminal): block gateway lifecycle commands from inside the gateway process 2026-06-19 11:53:44 +05:30
curator.py feat(curator): make skill consolidation opt-in (prune stays default-on) (#47840) 2026-06-17 05:20:32 -07:00
curses_ui.py
dashboard_register.py fix(cli): persist custom --portal-url to .env on dashboard register (#42435) 2026-06-09 13:56:33 +10:00
debug.py fix(debug): include gui.log (dashboard/TUI/pty/websocket) in hermes debug share 2026-06-19 07:05:42 -07:00
default_soul.py
dep_ensure.py
dingtalk_auth.py
doctor.py fix(managed-scope): honor managed scope in all standalone config loaders 2026-06-19 07:46:33 -07:00
dump.py fix(dump): show commit date instead of release date in hermes debug (#48104) 2026-06-17 16:53:42 -07:00
env_loader.py feat(managed-scope): apply managed .env last with override 2026-06-19 07:46:33 -07:00
fallback_cmd.py
fallback_config.py
gateway.py feat(gateway): multiplex phase 4 — lifecycle guard + per-profile observability 2026-06-19 07:34:15 -07:00
gateway_enroll.py feat(relay): connector⇄gateway channel auth + signed-HTTP inbound receiver + enroll CLI (#48147) 2026-06-18 12:01:54 +10:00
gateway_windows.py fix(gateway): Windows restart no longer causes a silent outage 2026-06-19 06:31:56 -07:00
goals.py
gui_uninstall.py feat: uninstall the Chat GUI without removing the agent (CLI + desktop UI) (#40355) 2026-06-06 18:22:38 -07:00
hooks.py
inventory.py feat(model-picker): add Refresh Models control to bust stale model cache (#48691) 2026-06-18 21:37:41 -07:00
kanban.py fix(kanban): isolate board override per concurrent call 2026-06-04 07:39:53 -07:00
kanban_db.py fix(kanban): treat already-gone worker as terminated, not survived 2026-06-19 07:38:10 -07:00
kanban_decompose.py docs(kanban): clarify decomposer profile roles 2026-06-06 19:29:00 -07:00
kanban_diagnostics.py
kanban_specify.py fix: guard int(os.getenv()) casts against malformed env vars (#40598) 2026-06-07 06:14:24 -07:00
kanban_swarm.py
logs.py
main.py fix(managed-scope): honor managed scope in config→env bridges too 2026-06-19 07:46:33 -07:00
managed_scope.py fix(managed-scope): honor managed scope in all standalone config loaders 2026-06-19 07:46:33 -07:00
managed_uv.py fix(update/windows): don't return _UvResult on Windows (subprocess argv crash) (#39820) 2026-06-05 07:54:08 -05:00
mcp_catalog.py fix(mcp): block exfil-shaped stdio server configs (#46083) 2026-06-14 04:24:14 -07:00
mcp_config.py fix(mcp): block suspicious stdio configs before probe (#46112) 2026-06-14 04:46:54 -07:00
mcp_picker.py
mcp_security.py fix(mcp): block exfil-shaped stdio server configs (#46083) 2026-06-14 04:24:14 -07:00
mcp_startup.py
memory_providers.py fix(desktop): show Hindsight memory provider (#37546) 2026-06-18 16:48:47 -05:00
memory_setup.py feat(memory): improve OpenViking setup UX 2026-06-17 01:04:26 +08:00
middleware.py fix(middleware): single-use next_call guard + deepcopy-safe request copies 2026-06-06 23:07:25 +05:30
migrate.py
model_catalog.py feat(models): seed model-catalog disk cache from checkout on update (#42614) 2026-06-08 22:31:06 -07:00
model_cost_guard.py fix(model): require confirmation for expensive model selections 2026-06-10 00:24:06 -07:00
model_normalize.py fix(gemini): strip native self prefixes before generateContent (#36141) 2026-06-13 13:47:08 -07:00
model_setup_flows.py feat(xai): default to grok-build-0.1 2026-06-16 11:50:17 -07:00
model_switch.py fix(model): persist /model switch by default across sessions 2026-06-19 07:07:06 -07:00
models.py feat(xai): add grok-composer-2.5-fast to xAI OAuth model picker 2026-06-17 09:49:46 -07:00
nous_account.py feat(billing): /credits command — balance + portal top-up handoff (#44776) 2026-06-12 08:51:10 +00:00
nous_billing.py feat(billing): /billing terminal billing — interactive TUI + CLI client (#45449) 2026-06-19 01:53:32 +05:30
nous_subscription.py fix(whatsapp-cloud): review follow-ups for #43921 2026-06-11 07:51:01 -07:00
oneshot.py
pairing.py
partial_compress.py
platforms.py
plugins.py fix(desktop): keep composer usable during reconnect (#45488) 2026-06-13 02:36:09 -07:00
plugins_cmd.py fix(plugins): normalize browser-pasted GitHub repo URLs (#33539) 2026-06-13 13:23:59 -07:00
portal_cli.py feat(cli): make hermes portal run the full quick-setup Nous flow (model picker) 2026-06-04 02:20:31 +05:30
profile_describer.py
profile_distribution.py fix(dist): stop USER_OWNED_EXCLUDE from filtering nested directories 2026-06-07 21:50:57 -07:00
profiles.py feat(gateway): multiplex phase 0 — config flag, profile enumeration, profile-stamped session keys 2026-06-19 07:34:15 -07:00
prompt_size.py
provider_catalog.py feat: unified provider_catalog() — one source for CLI picker and desktop tabs 2026-06-19 07:26:46 -07:00
providers.py fix(doctor): allow vendor slugs for named custom providers 2026-06-08 15:53:09 -07:00
psutil_android.py
pt_input_extras.py
pty_bridge.py fix(pty-bridge): mark os.killpg/getpgid windows-footgun-ok (POSIX-only module) 2026-06-08 07:03:12 -07:00
relaunch.py
runtime_provider.py feat(gateway): multiplex phase 2 — fail-closed profile credential isolation (Workstream A) 2026-06-19 07:34:15 -07:00
secret_prompt.py feat(memory): improve OpenViking setup UX 2026-06-17 01:04:26 +08:00
secrets_cli.py fix(secrets): fail early with clear error when bitwarden setup runs without TTY (#40571) 2026-06-06 18:36:40 -07:00
security_advisories.py
security_audit.py
send_cmd.py fix(managed-scope): honor managed scope in config→env bridges too 2026-06-19 07:46:33 -07:00
service_manager.py fix(docker): supervised gateway uses --replace to take over stale holder (NS-505) (#47555) 2026-06-18 10:49:02 +10:00
session_listing.py fix: harden salvaged session and browser improvements 2026-06-15 07:46:34 -07:00
session_recap.py
setup.py feat(zai): add GLM-5.2 with verified 1M context window 2026-06-14 13:50:36 -07:00
setup_whatsapp_cloud.py fix(whatsapp-cloud): review follow-ups for #43921 2026-06-11 07:51:01 -07:00
skills_config.py fix(skills): apply global|platform disabled union to all resolution sites 2026-06-14 22:54:54 +05:30
skills_hub.py feat(skills): find & diff user-modified bundled skills 2026-06-18 12:26:20 +05:30
skin_engine.py
slack_cli.py
status.py Merge commit '6110aed9b' into feat/whatsapp-cloud-api 2026-06-10 21:39:22 -04:00
stdio.py
suggestions_cmd.py refactor(cron): rebrand Cron Recipes -> Automation Blueprints 2026-06-11 10:49:47 -07:00
telegram_managed_bot.py Add CLI Telegram QR onboarding 2026-06-05 03:20:10 -07:00
timeouts.py
tips.py fix: make profile subprocess HOME policy explicit 2026-06-14 03:20:21 -07:00
tools_config.py refactor: remove agent-callable send_message tool (#47856) 2026-06-17 07:11:23 -07:00
uninstall.py feat: uninstall the Chat GUI without removing the agent (CLI + desktop UI) (#40355) 2026-06-06 18:22:38 -07:00
voice.py
web_server.py feat(desktop): resolve OAuth status for catalog-only account providers 2026-06-19 07:26:46 -07:00
webhook.py
win_pty_bridge.py feat(windows): enable dashboard /chat tab via ConPTY (win_pty_bridge) + tests (#42251) 2026-06-08 11:32:43 -07:00
write_approval_commands.py refactor(memory,skills): replace tri-state write_mode with boolean write_approval (default off) (#43354) 2026-06-09 23:21:14 -07:00
xai_retirement.py