sgard/CLAUDE.md
Kyle Isom 7accc6cac6 Step 20: Encryption polish — e2e test, docs, flake.
E2e encryption test: full lifecycle covering init, add encrypted +
plaintext, checkpoint, modify, status (no DEK needed), re-checkpoint,
restore, verify, re-open with unlock, diff, slot management, passphrase
change, old passphrase rejection.

Docs updated:
- ARCHITECTURE.md: package structure (encrypt.go, encrypt_fido2.go,
  encrypt CLI), Garden struct (dek field, encryption methods), auth.go
  descriptions updated for JWT
- README.md: encryption commands table, encryption section with usage
- CLAUDE.md: added jwt/argon2/chacha20 deps, encryption file mentions

flake.nix: vendorHash updated for new deps.

Phase 3 complete.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 09:34:05 -07:00

2.3 KiB

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

Critical: Keep Project Docs Updated

Any change to the codebase MUST be reflected in these files:

  • ARCHITECTURE.md — design decisions, data model, package structure
  • PROJECT_PLAN.md — implementation steps; check off completed items
  • PROGRESS.md — current status, change log; update after completing any step

If another agent or engineer picks this up later, these files are how they resume. Keeping them accurate is not optional.

Project

sgard (Shimmering Clarity Gardener) — a dotfiles manager. Module: github.com/kisom/sgard. Author: K. Isom kyle@imap.cc.

Build

go build ./...                   # both sgard and sgardd

Nix:

nix build .#sgard                # builds both binaries

Run tests:

go test ./...

Lint:

golangci-lint run ./...

Regenerate proto (requires protoc toolchain):

make proto

Dependencies

  • gopkg.in/yaml.v3 — manifest serialization
  • github.com/spf13/cobra — CLI framework
  • github.com/jonboulle/clockwork — injectable clock for deterministic tests
  • google.golang.org/grpc — gRPC runtime
  • google.golang.org/protobuf — protobuf runtime
  • golang.org/x/crypto — SSH key auth (ssh, ssh/agent), Argon2id, XChaCha20-Poly1305
  • github.com/golang-jwt/jwt/v5 — JWT token auth

Package Structure

cmd/sgard/    CLI entry point (cobra commands, pure wiring)
cmd/sgardd/   gRPC server daemon
garden/       Core business logic (Garden struct, encryption via encrypt.go/encrypt_fido2.go)
manifest/     YAML manifest parsing (Manifest/Entry structs, Load/Save)
store/        Content-addressable blob storage (SHA-256 keyed)
server/       gRPC server (RPC handlers, JWT/SSH auth interceptor, proto conversion)
client/       gRPC client library (Push, Pull, Prune, token auth with auto-renewal)
sgardpb/      Generated protobuf + gRPC Go code

Key rule: all logic lives in garden/. The cmd/ layer only parses flags and calls Garden methods. The server wraps Garden as gRPC endpoints. No logic duplication.

Each garden operation lives in its own file (garden/<op>.go) to minimize merge conflicts during parallel development.