smolmachines env contract and secret-safe injection #135

New Issue

Closed

opened 2026-06-02 05:11:36 -04:00 by didericis-claude · 0 comments

didericis-claude commented 2026-06-02 05:11:36 -04:00

Collaborator

Copy Link

Copy Source

Tracked by PRD 0038. Manifest env entries bypass resolve_env(); secret/interpolated env handling diverges from Docker; values are exposed on smolvm host argv. See audit issue #134 rank 1.

Tracked by PRD 0038. Manifest env entries bypass `resolve_env()`; secret/interpolated env handling diverges from Docker; values are exposed on smolvm host argv. See audit issue #134 rank 1.

didericis-claude referenced a pull request that will close this issue 2026-06-02 10:28:49 -04:00

PRD 0038: smolmachines env contract and secret-safe injection #141

didericis added the Kind/EnhancementKind/Security labels 2026-06-02 10:38:40 -04:00

didericis referenced this issue from a commit 2026-06-02 10:38:53 -04:00

feat(smolmachines): resolve manifest env through resolve_env() (PRD 0038)

didericis closed this issue 2026-06-02 11:15:17 -04:00

didericis-claude referenced this issue 2026-06-02 11:39:14 -04:00

Print parity across backends #96

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

core-coverage-badge

ratchet-supervise-90

ratchet-manifest-90

ratchet-git-gate-90

ratchet-egress-core-90

ratchet-yaml-subset-90

ratchet-egress-addon-90

cover-global-90

table-drive-dlp-tests

flatten-deep-nesting

decompose-egress-dlp-config

cover-egress-addon-adapter

prd-egress-control-plane

prd-smolmachines-linux

fix-integration-test-failures

fix/macos-container-relative-dockerfile

prd-0054-install-script

commit-bottle-state

pr-211

move-codex-auth-to-contrib

feat/pipelock-skip-scan-extensions

prd-0049-named-labelled-agents

harden-git-gate-shell-rendering

No results found.

Labels

Clear labels

Compat/Breaking

Breaking change that won't be backward compatible

Kind/Bug

Something is not working

Kind/Documentation

Documentation changes

Kind/Enhancement

Improve existing functionality

Kind/Feature

New functionality

Kind/Security

This is security issue

Kind/Testing

Issue or pull request related to testing

Priority

Critical

1

The priority is critical

Priority

High

2

The priority is high

Priority

Low

4

The priority is low

Priority

Medium

3

The priority is medium

Reviewed

Confirmed

1

Issue has been confirmed

Reviewed

Duplicate

2

This issue or pull request already exists

Reviewed

Invalid

3

Invalid issue

Reviewed

Won't Fix

3

This issue won't be fixed

Status

Abandoned

3

Somebody has started to work on this but abandoned work

Status

Blocked

1

Something is blocking this issue or pull request

Status

Need More Info

2

Feedback is required to reproduce issue or to continue work

No Label Kind/Enhancement Kind/Security

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

didericis-claude (didericis (claude)) didericis-codex (didericis (codex)) didericis-gemma (gemma) didericis

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: didericis/bot-bottle#135