Documentation
¶
Overview ¶
Package doctor provides diagnostic and validation utilities for aix configurations.
Package doctor provides diagnostic checks for aix configuration.
Index ¶
- Variables
- func ContainsTokenPrefix(value string) bool
- func MaskSecrets(env map[string]string) map[string]string
- func MaskURL(rawURL string) string
- func MaskValue(value string) string
- func ShouldMask(key string) bool
- type Check
- type CheckResult
- type ConfigSemanticCheck
- type ConfigSyntaxCheck
- type DoctorReport
- type FixResult
- type Fixer
- type PathPermissionCheck
- type PermissionFixer
- type PlatformCheck
- type Runner
- type Severity
- type Summary
Constants ¶
This section is empty.
Variables ¶
var SecretKeyPatterns = []string{
"TOKEN",
"KEY",
"SECRET",
"PASSWORD",
"AUTH",
"CREDENTIAL",
"API_KEY",
"PRIVATE",
}
SecretKeyPatterns contains substrings that indicate a key likely contains sensitive data. Keys are matched case-insensitively.
var TokenPrefixes = []string{
"ghp_",
"gho_",
"ghu_",
"ghs_",
"ghr_",
"sk-",
"pk-",
"AKIA",
"xoxb-",
"xoxp-",
"xoxa-",
"xoxr-",
}
TokenPrefixes contains known API token prefixes that indicate sensitive values regardless of key name.
Functions ¶
func ContainsTokenPrefix ¶
ContainsTokenPrefix returns true if the value starts with a known token prefix. This catches cases where the key name doesn't indicate sensitivity but the value is clearly a token (e.g., "MY_VAR=ghp_abc123").
func MaskSecrets ¶
MaskSecrets masks sensitive values in the given environment variable map. Keys matching SecretKeyPatterns or values matching TokenPrefixes are masked. Returns a new map with sensitive values redacted.
func MaskURL ¶
MaskURL redacts credentials from URLs. URLs with embedded credentials (user:pass@host) become (user:****@host). If the URL cannot be parsed, it is returned unchanged.
func MaskValue ¶
MaskValue masks a potentially sensitive string value. Values with 4 or fewer characters are fully masked as "********". Longer values show the last 4 characters: "****xxxx".
func ShouldMask ¶
ShouldMask returns true if the key name suggests it contains sensitive data. Matching is case-insensitive.
Types ¶
type Check ¶
type Check interface {
// Name returns the unique identifier for this check.
Name() string
// Category returns the grouping for this check (e.g., "platform", "config").
Category() string
// Run executes the diagnostic check and returns its result.
Run() *CheckResult
}
Check is the interface that diagnostic checks must implement.
type CheckResult ¶
type CheckResult struct {
// Name is the identifier for this check.
Name string `json:"name"`
// Category groups related checks (e.g., "platform", "config", "mcp").
Category string `json:"category"`
// Status indicates the severity of the check result.
Status Severity `json:"status"`
// Message describes the check outcome.
Message string `json:"message"`
// Details contains additional context about the check result.
// Keys and values depend on the specific check.
Details map[string]any `json:"details,omitempty"`
// Fixable indicates whether aix can automatically fix this issue.
Fixable bool `json:"fixable,omitempty"`
// FixHint provides guidance on how to resolve the issue.
FixHint string `json:"fix_hint,omitempty"`
}
CheckResult represents the outcome of a single diagnostic check.
type ConfigSemanticCheck ¶
type ConfigSemanticCheck struct{}
ConfigSemanticCheck validates configuration file semantics beyond syntax. It verifies that MCP server configurations are internally consistent and that referenced executables exist.
func NewConfigSemanticCheck ¶
func NewConfigSemanticCheck() *ConfigSemanticCheck
NewConfigSemanticCheck creates a new ConfigSemanticCheck instance.
func (*ConfigSemanticCheck) Category ¶
func (c *ConfigSemanticCheck) Category() string
Category returns the grouping for this check.
func (*ConfigSemanticCheck) Name ¶
func (c *ConfigSemanticCheck) Name() string
Name returns the unique identifier for this check.
func (*ConfigSemanticCheck) Run ¶
func (c *ConfigSemanticCheck) Run() *CheckResult
Run executes the semantic validation check across all installed platforms.
type ConfigSyntaxCheck ¶
type ConfigSyntaxCheck struct{}
ConfigSyntaxCheck validates configuration file syntax (JSON/TOML parsing).
func NewConfigSyntaxCheck ¶
func NewConfigSyntaxCheck() *ConfigSyntaxCheck
NewConfigSyntaxCheck creates a new ConfigSyntaxCheck instance.
func (*ConfigSyntaxCheck) Category ¶
func (c *ConfigSyntaxCheck) Category() string
Category returns the grouping for this check.
func (*ConfigSyntaxCheck) Name ¶
func (c *ConfigSyntaxCheck) Name() string
Name returns the unique identifier for this check.
func (*ConfigSyntaxCheck) Run ¶
func (c *ConfigSyntaxCheck) Run() *CheckResult
Run executes the syntax validation check across all installed platforms.
type DoctorReport ¶
type DoctorReport struct {
// Timestamp is when the diagnostic run started.
Timestamp time.Time `json:"timestamp"`
// Results contains the outcome of each check.
Results []*CheckResult `json:"results"`
// Summary contains counts by severity level.
Summary Summary `json:"summary"`
}
DoctorReport aggregates all check results with timing and summary.
func (*DoctorReport) HasErrors ¶
func (r *DoctorReport) HasErrors() bool
HasErrors returns true if any check has SeverityError.
func (*DoctorReport) HasWarnings ¶
func (r *DoctorReport) HasWarnings() bool
HasWarnings returns true if any check has SeverityWarning.
type FixResult ¶
type FixResult struct {
// Path is the file or directory that was targeted for fixing.
Path string
// Fixed indicates whether the fix was successfully applied.
Fixed bool
// Description explains what was fixed or why it couldn't be fixed.
Description string
// Error contains the error if the fix failed.
Error error
}
FixResult describes the outcome of an attempted fix operation.
type Fixer ¶
type Fixer interface {
// CanFix returns true if this check has fixable issues.
// Must be called after Run() to check if there are issues that can be fixed.
CanFix() bool
// Fix attempts to remediate the issues found by Run().
// Returns a slice of FixResult indicating what was fixed or why it couldn't be fixed.
// Must be called after Run().
Fix() []FixResult
}
Fixer is an optional interface that checks can implement to support auto-remediation. Checks that implement Fixer can fix issues they detect when the --fix flag is used.
type PathPermissionCheck ¶
type PathPermissionCheck struct {
// contains filtered or unexported fields
}
PathPermissionCheck validates file paths and permissions for platform configurations. It implements both the Check and Fixer interfaces.
func NewPathPermissionCheck ¶
func NewPathPermissionCheck() *PathPermissionCheck
NewPathPermissionCheck creates a new path permission check.
func (*PathPermissionCheck) CanFix ¶
func (c *PathPermissionCheck) CanFix() bool
CanFix returns true if there are fixable permission issues. Must be called after Run().
func (*PathPermissionCheck) Category ¶
func (c *PathPermissionCheck) Category() string
Category returns the grouping for this check.
func (*PathPermissionCheck) Fix ¶
func (c *PathPermissionCheck) Fix() []FixResult
Fix attempts to remediate fixable permission issues. Must be called after Run().
func (*PathPermissionCheck) Name ¶
func (c *PathPermissionCheck) Name() string
Name returns the unique identifier for this check.
func (*PathPermissionCheck) Run ¶
func (c *PathPermissionCheck) Run() *CheckResult
Run executes the path and permission diagnostic check.
type PermissionFixer ¶
type PermissionFixer struct {
// contains filtered or unexported fields
}
PermissionFixer fixes file and directory permission issues. It is embedded in PathPermissionCheck to provide fix capability.
func (*PermissionFixer) CanFix ¶
func (f *PermissionFixer) CanFix() bool
CanFix returns true if there are any fixable permission issues.
func (*PermissionFixer) CountFixable ¶
func (f *PermissionFixer) CountFixable() int
CountFixable returns the number of fixable issues.
func (*PermissionFixer) Fix ¶
func (f *PermissionFixer) Fix() []FixResult
Fix attempts to fix all fixable permission issues. Returns a FixResult for each fixable issue.
type PlatformCheck ¶
type PlatformCheck struct{}
PlatformCheck verifies installed AI coding platforms.
func NewPlatformCheck ¶
func NewPlatformCheck() *PlatformCheck
NewPlatformCheck creates a new platform detection check.
func (*PlatformCheck) Category ¶
func (c *PlatformCheck) Category() string
Category returns the grouping for this check.
func (*PlatformCheck) Name ¶
func (c *PlatformCheck) Name() string
Name returns the unique identifier for this check.
func (*PlatformCheck) Run ¶
func (c *PlatformCheck) Run() *CheckResult
Run executes the platform detection check and returns its result.
type Runner ¶
type Runner struct {
// contains filtered or unexported fields
}
Runner executes diagnostic checks and aggregates their results.
func (*Runner) Run ¶
func (r *Runner) Run() *DoctorReport
Run executes all registered checks and returns a report.
type Severity ¶
type Severity int
Severity indicates the importance level of a check result.
const ( // SeverityPass indicates the check passed without issues. SeverityPass Severity = iota // SeverityInfo indicates informational output, not a problem. SeverityInfo // SeverityWarning indicates a potential issue that doesn't prevent operation. SeverityWarning // SeverityError indicates a problem that prevents proper operation. SeverityError )
type Summary ¶
type Summary struct {
// Passed is the count of checks with SeverityPass.
Passed int `json:"passed"`
// Info is the count of checks with SeverityInfo.
Info int `json:"info"`
// Warnings is the count of checks with SeverityWarning.
Warnings int `json:"warnings"`
// Errors is the count of checks with SeverityError.
Errors int `json:"errors"`
}
Summary aggregates counts of check results by severity.
Source Files