rename secrets.py to credential_store.py, enhance /status, add usage tracking

- Rename src/secrets.py → src/credential_store.py (avoid stdlib conflict) - Enhanced /status command: uptime, tokens, cost, context window usage - Session metadata now tracks input/output tokens, cost, duration - _safe_env() changed from allowlist to blocklist approach - Better Claude CLI error logging Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 17:54:59 +00:00
parent 0ecfa630eb
commit 85c72e4b3d
7 changed files with 155 additions and 39 deletions
--- a/tests/test_claude_session.py
+++ b/tests/test_claude_session.py
@@ -131,17 +131,18 @@ class TestSafeEnv:
        assert "CLAUDECODE" not in env

    def test_excludes_api_keys(self, monkeypatch):
-        monkeypatch.setenv("OPENAI_API_KEY", "sk-xxx")
-        monkeypatch.setenv("ANTHROPIC_API_KEY", "sk-ant-xxx")
+        monkeypatch.setenv("API_KEY", "sk-xxx")
+        monkeypatch.setenv("SECRET", "sk-ant-xxx")
        env = _safe_env()
-        assert "OPENAI_API_KEY" not in env
-        assert "ANTHROPIC_API_KEY" not in env
+        assert "API_KEY" not in env
+        assert "SECRET" not in env

-    def test_only_passthrough_keys(self, monkeypatch):
-        monkeypatch.setenv("RANDOM_SECRET", "bad")
+    def test_strips_all_blocked_keys(self, monkeypatch):
+        for key in claude_session._ENV_STRIP:
+            monkeypatch.setenv(key, "bad")
        env = _safe_env()
-        for key in env:
-            assert key in claude_session._ENV_PASSTHROUGH
+        for key in claude_session._ENV_STRIP:
+            assert key not in env


 # ---------------------------------------------------------------------------