mirror of
https://github.com/AgentSeal/codeburn.git
synced 2026-07-14 03:29:32 +00:00
|
Some checks failed
CI / semgrep (push) Has been cancelled
Background token refreshes re-read the "Claude Code-credentials" keychain item via the Security framework. On macOS Sierra+, access is governed by the item's partition list, not the legacy "Always Allow" ACL. Claude Code resets that partition list every time it rotates the credential, dropping our app from the allowed set, so the next read raises a fresh keychain password prompt. On a heavy usage day this fires dozens of times. The LAContext interactionNotAllowed flag we relied on does not suppress that prompt for a plain generic-password item. Route the silent path (proactive refresh and post-401 re-read) through /usr/bin/security instead. The Apple-signed security binary sits in the item's apple-tool: partition, so it reads the secret without prompting and without depending on the user's ACL grant. It is read-only and never spends the shared refresh token, preserving the existing invariant that the Claude CLI owns the grant. The user-initiated bootstrap keeps the framework read, where a single consent prompt is expected. Drops the now-unused LocalAuthentication import. |
||
|---|---|---|
| .. | ||
| Data | ||
| Security | ||
| Theme | ||
| Views | ||
| AppStore.swift | ||
| AppVersion.swift | ||
| CodeBurnApp.swift | ||
| CurrencyState.swift | ||