curo/Pyra - Pyra - Gitea: Git with a cup of tea

5 Commits 4 Branches 0 Tags

Author	SHA1	Message	Date
curo1305	7617a80595	feat(vault): API key storage in vault only - vault/reader.py: get_key() reads from ~/.pyra/vault/secrets/api_keys.json - vault/writer.py: set_key(), delete_key() — only writer callable from setup - Both call assert_safe_path() as defense-in-depth - Keys file stays chmod 400; temporarily 600 during write then locked again - Config.yaml never touched by either module Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 12:50:24 +02:00
curo1305	43a8a363ba	feat(setup): provider registry and interactive setup wizard - setup/providers.py: registry for 8 providers (3 local, 5 cloud), frozen dataclasses - setup/wizard.py: questionary-based wizard — provider select, model input, API key collected via vault.writer (not config.yaml), connectivity check, test call via litellm Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 12:50:04 +02:00
curo1305	ae565b0d68	feat(config): directory bootstrap and config manager - config/schema.py: Pydantic v2 models — no API keys, only provider_id/model/base_url - config/manager.py: ruamel.yaml round-trip load/save, chmod 600 enforced on write - config/dirs.py: bootstrap() creates ~/.pyra/ tree, vault sentinel checked every startup Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 12:49:22 +02:00
curo1305	a96b540234	feat(security): vault wall, path guard, and utils - utils/paths.py: pyra_home(), ensure_dir(), safe_chmod(), expand() - security/boundaries.py: VaultAccessError, PyraSecurityError, assert_safe_path() (called before every file read), check_vault_lock() Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 12:48:50 +02:00
curo1305	0a04e04490	chore: init project skeleton Directory structure, pyproject.toml with hatchling build, and all subpackage stubs for pyra Stage 1. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-17 12:48:32 +02:00