sc/sgard
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
5529fff6498cd92d8ff0dc681f622cb47fc3ab53
sgard/CLAUDE.md
Kyle Isom 7accc6cac6 Step 20: Encryption polish — e2e test, docs, flake. 
E2e encryption test: full lifecycle covering init, add encrypted +
plaintext, checkpoint, modify, status (no DEK needed), re-checkpoint,
restore, verify, re-open with unlock, diff, slot management, passphrase
change, old passphrase rejection.

Docs updated:
- ARCHITECTURE.md: package structure (encrypt.go, encrypt_fido2.go,
  encrypt CLI), Garden struct (dek field, encryption methods), auth.go
  descriptions updated for JWT
- README.md: encryption commands table, encryption section with usage
- CLAUDE.md: added jwt/argon2/chacha20 deps, encryption file mentions

flake.nix: vendorHash updated for new deps.

Phase 3 complete.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 09:34:05 -07:00

76 lines
2.3 KiB
Markdown
Raw Blame History

# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Critical: Keep Project Docs Updated
Any change to the codebase MUST be reflected in these files:
- **ARCHITECTURE.md** — design decisions, data model, package structure
- **PROJECT_PLAN.md** — implementation steps; check off completed items
- **PROGRESS.md** — current status, change log; update after completing any step
If another agent or engineer picks this up later, these files are how they
resume. Keeping them accurate is not optional.
## Project
sgard (Shimmering Clarity Gardener) — a dotfiles manager.
Module: `github.com/kisom/sgard`. Author: K. Isom <kyle@imap.cc>.
## Build
```bash
go build ./... # both sgard and sgardd
```
Nix:
```bash
nix build .#sgard # builds both binaries
```
Run tests:
```bash
go test ./...
```
Lint:
```bash
golangci-lint run ./...
```
Regenerate proto (requires protoc toolchain):
```bash
make proto
```
## Dependencies
- `gopkg.in/yaml.v3` — manifest serialization
- `github.com/spf13/cobra` — CLI framework
- `github.com/jonboulle/clockwork` — injectable clock for deterministic tests
- `google.golang.org/grpc` — gRPC runtime
- `google.golang.org/protobuf` — protobuf runtime
- `golang.org/x/crypto` — SSH key auth (ssh, ssh/agent), Argon2id, XChaCha20-Poly1305
- `github.com/golang-jwt/jwt/v5` — JWT token auth
## Package Structure
```
cmd/sgard/ CLI entry point (cobra commands, pure wiring)
cmd/sgardd/ gRPC server daemon
garden/ Core business logic (Garden struct, encryption via encrypt.go/encrypt_fido2.go)
manifest/ YAML manifest parsing (Manifest/Entry structs, Load/Save)
store/ Content-addressable blob storage (SHA-256 keyed)
server/ gRPC server (RPC handlers, JWT/SSH auth interceptor, proto conversion)
client/ gRPC client library (Push, Pull, Prune, token auth with auto-renewal)
sgardpb/ Generated protobuf + gRPC Go code
```
Key rule: all logic lives in `garden/`. The `cmd/` layer only parses flags
and calls `Garden` methods. The `server` wraps `Garden` as gRPC endpoints.
No logic duplication.
Each garden operation lives in its own file (`garden/<op>.go`) to minimize
merge conflicts during parallel development.
Reference in New Issue View Git Blame Copy Permalink