ros/claude-plugins-official
1
0
Fork 0
mirror of https://github.com/anthropics/claude-plugins-official.git synced 2026-03-21 11:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(telegram,discord): migrate to plugin userConfig secrets

Browse Source 
Closes H1 #3617646 via the proper path — plugin userConfig with
sensitive: true routes tokens to keychain (macOS) or .credentials.json
0600 (elsewhere) instead of world-readable .env files.

Requires claude-cli-internal#23383 (PLUGIN_OPTIONS ungate + per-server
sensitive split).

Changes per plugin:
  - plugin.json: add userConfig.{PLATFORM}_BOT_TOKEN with sensitive: true
  - .mcp.json: add env block with ${user_config.{PLATFORM}_BOT_TOKEN}
  - server.ts: update comment + error message to point to
    /plugin reconfigure instead of .env file

The .env read loop stays as a legacy fallback for existing users —
process.env wins (injected value takes precedence), so no migration
forced. New users get prompted at enable time via CC's built-in dialog;
token lands in keychain, never touches settings.json.

/telegram:configure and /discord:configure skills are NOT removed in this
PR — they still work for the legacy .env path. Follow-up: repurpose or
remove after a grace period once cli#23383 is released.

🏠 Remote-Dev: homespace
This commit is contained in:
Daisy Hollman
2026-03-20 21:48:07 +00:00
parent 90accf6fd2
commit 355be7d582
6 changed files with 46 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
external_plugins/discord/.claude-plugin/plugin.json
View File

@@ -1,11 +1,20 @@
{ {
"name": "discord", "name": "discord",
"description": "Discord channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /discord:access.", "description": "Discord channel for Claude Code messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /discord:access.",
"version": "0.0.1", "version": "0.0.2",
"keywords": [ "keywords": [
"discord", "discord",
"messaging", "messaging",
"channel", "channel",
"mcp" "mcp"
] ],
"userConfig": {
"DISCORD_BOT_TOKEN": {
"type": "string",
"title": "Bot Token",
"description": "Bot token from the Discord Developer Portal. Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
"required": true,
"sensitive": true
}
}
} }

5
external_plugins/discord/.mcp.json
View File

@@ -2,7 +2,10 @@
"mcpServers": { "mcpServers": {
"discord": { "discord": {
"command": "bun", "command": "bun",
"args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"] "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
"env": {
"DISCORD_BOT_TOKEN": "${user_config.DISCORD_BOT_TOKEN}"
}
} }
} }
} }

12
external_plugins/discord/server.ts
View File

@@ -34,10 +34,12 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
const APPROVED_DIR = join(STATE_DIR, 'approved') const APPROVED_DIR = join(STATE_DIR, 'approved')
const ENV_FILE = join(STATE_DIR, '.env') const ENV_FILE = join(STATE_DIR, '.env')
// Load ~/.claude/channels/discord/.env into process.env. Real env wins. // Token is injected via ${user_config.DISCORD_BOT_TOKEN} from .mcp.json —
// Plugin-spawned servers don't get an env block — this is where the token lives. // prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
// elsewhere. The .env file below is a legacy fallback for users configured
// before H1 #3617646 — real env wins, so the injected value takes precedence.
try { try {
// Token is a credential — lock to owner. No-op on Windows (would need ACLs). // Defensive chmod for legacy .env files (no-op on Windows).
chmodSync(ENV_FILE, 0o600) chmodSync(ENV_FILE, 0o600)
for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) { for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
const m = line.match(/^(\w+)=(.*)$/) const m = line.match(/^(\w+)=(.*)$/)
@@ -51,8 +53,8 @@ const STATIC = process.env.DISCORD_ACCESS_MODE === 'static'
if (!TOKEN) { if (!TOKEN) {
process.stderr.write( process.stderr.write(
`discord channel: DISCORD_BOT_TOKEN required\n` + `discord channel: DISCORD_BOT_TOKEN required\n` +
` set in ${ENV_FILE}\n` + ` configure via: /plugin reconfigure discord\n` +
` format: DISCORD_BOT_TOKEN=MTIz...\n`, ` (stored in keychain/credentials.json, not settings.json)\n`,
) )
process.exit(1) process.exit(1)
} }

15
external_plugins/telegram/.claude-plugin/plugin.json
View File

@@ -1,11 +1,20 @@
{ {
"name": "telegram", "name": "telegram",
"description": "Telegram channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /telegram:access.", "description": "Telegram channel for Claude Code messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /telegram:access.",
"version": "0.0.1", "version": "0.0.2",
"keywords": [ "keywords": [
"telegram", "telegram",
"messaging", "messaging",
"channel", "channel",
"mcp" "mcp"
] ],
"userConfig": {
"TELEGRAM_BOT_TOKEN": {
"type": "string",
"title": "Bot Token",
"description": "Bot token from @BotFather — format is 123456789:AAH... Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
"required": true,
"sensitive": true
}
}
} }

5
external_plugins/telegram/.mcp.json
View File

@@ -2,7 +2,10 @@
"mcpServers": { "mcpServers": {
"telegram": { "telegram": {
"command": "bun", "command": "bun",
"args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"] "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
"env": {
"TELEGRAM_BOT_TOKEN": "${user_config.TELEGRAM_BOT_TOKEN}"
}
} }
} }
} }

12
external_plugins/telegram/server.ts
View File

@@ -27,10 +27,12 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
const APPROVED_DIR = join(STATE_DIR, 'approved') const APPROVED_DIR = join(STATE_DIR, 'approved')
const ENV_FILE = join(STATE_DIR, '.env') const ENV_FILE = join(STATE_DIR, '.env')
// Load ~/.claude/channels/telegram/.env into process.env. Real env wins. // Token is injected via ${user_config.TELEGRAM_BOT_TOKEN} from .mcp.json —
// Plugin-spawned servers don't get an env block — this is where the token lives. // prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
// elsewhere. The .env file below is a legacy fallback for users configured
// before H1 #3617646 — real env wins, so the injected value takes precedence.
try { try {
// Token is a credential — lock to owner. No-op on Windows (would need ACLs). // Defensive chmod for legacy .env files (no-op on Windows).
chmodSync(ENV_FILE, 0o600) chmodSync(ENV_FILE, 0o600)
for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) { for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
const m = line.match(/^(\w+)=(.*)$/) const m = line.match(/^(\w+)=(.*)$/)
@@ -44,8 +46,8 @@ const STATIC = process.env.TELEGRAM_ACCESS_MODE === 'static'
if (!TOKEN) { if (!TOKEN) {
process.stderr.write( process.stderr.write(
`telegram channel: TELEGRAM_BOT_TOKEN required\n` + `telegram channel: TELEGRAM_BOT_TOKEN required\n` +
` set in ${ENV_FILE}\n` + ` configure via: /plugin reconfigure telegram\n` +
` format: TELEGRAM_BOT_TOKEN=123456789:AAH...\n`, ` (stored in keychain/credentials.json, not settings.json)\n`,
) )
process.exit(1) process.exit(1)
} }