feat(installer): collapse OP_ITEM+OP_FIELD into one secret-reference prompt#16
Merged
Conversation
Followup from #14. The migration warning showed the correct split, but a Windows user typed the legacy 3-segment value back at the prompt (with quotes the first time), and the installer accepted it. Runtime defense in claudestart.ps1 silently fixed it at launch, but local.env on disk was still wrong. Three input-validation gaps in the prompts: 1. Read-Host / read returned literal quote chars from copy-pasted values (e.g. "op://...") so the first attempt failed with the misleading "must start with op://". Strip surrounding matched quotes inside prompt_default / Prompt-Default. 2. OP_ITEM prompt only checked the op:// prefix. A 3+ segment path passed through, undoing the migration that just happened. Now the prompt loops with a specific message that shows exactly how to split the input across the next two prompts. 3. OP_FIELD prompt accepted anything, including a full op:// URL. Reject inputs starting with op:// in both the field-list and no-fields paths. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…prompt The two-prompt flow (item path, then field name) was a synthetic split of what 1Password already gives users as one value: the desktop app's "Copy Secret Reference" produces op://Vault/Item/Field directly, wrapped in double quotes for paste-safety. Replace both prompts with a single one that accepts that exact format, then split into OP_ITEM (vault/item) and OP_FIELD (everything after) at write time. The internal storage and runtime contract stay the same — local.env still has separate variables, claude-env.sh / claudestart.ps1 still append /<project> with /<OP_FIELD> as fallback. Only the collection mechanism changes. Drops list_op_fields/prompt_op_field (bash) and Get-OpFields/Prompt- OpField (PowerShell), since interactive field enumeration was only useful when the user had to type the field name from memory. With Copy Secret Reference, the user pastes vault, item, and field together. The migration warning block is also removed: the installer just uses whatever existing local.env produces (legacy 3-segment OP_ITEM, modern split, or the team default) as the prompt's bracketed default. Net -138 lines. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The two-prompt flow (item path → field name) was a synthetic split of what 1Password already gives users as one value. The desktop app has a Copy Secret Reference option (right-click an item) that produces
op://Vault/Item/Fielddirectly, wrapped in double quotes for paste-safety.Replace both prompts with a single one that accepts that exact format, including the surrounding quotes. Split into
OP_ITEM(vault/item) andOP_FIELD(everything after) at write time, so the internal storage and runtime contract stay unchanged —claude-env.sh/claudestart.ps1still append/<project>with/<OP_FIELD>as fallback.This also obsoletes:
list_op_fields/prompt_op_field(bash) andGet-OpFields/Prompt-OpField(PowerShell). Interactive field enumeration was only useful when the user had to type the field name from memory; with Copy Secret Reference there's nothing to enumerate.local.envproduces (legacy 3-segmentOP_ITEM, modern split, or team default) as the prompt's bracketed default.Net -138 lines.
New flow
local.envends up with:Existing user upgrade paths
local.envstate before reinstallOP_ITEM(e.g.op://V/I/Field), noOP_FIELDop://V/I/Field(use as-is)OP_ITEM+OP_FIELD)${OP_ITEM}/${OP_FIELD}(joined)OP_ITEMonly${OP_ITEM}/API Keyop://Employee/ai.apro.is litellm/API KeyIn all cases the user can hit enter to keep their existing config, or paste a new secret reference to switch.
Validation
The single prompt rejects:
op://A 4-segment
op://V/I/Section/Fieldis accepted; the section/field combo is preserved asOP_FIELD=Section/Field.Test plan
bash -n install.shop://(rejected) — all behave correctlylist_op_fields/prompt_op_field/Get-OpFields/Prompt-OpFieldhelpersirm .../install.ps1 | iexand pastes"op://Employee/liteLLM/API key"from 1Password desktop — should accept cleanlycurl .../install.sh | bash— should behave identically🤖 Generated with Claude Code