chore(privacy): Remove hardcoded paths and personal identifiers#166
Open
eddie333016 wants to merge 1 commit intoakaszubski:masterfrom
Open
chore(privacy): Remove hardcoded paths and personal identifiers#166eddie333016 wants to merge 1 commit intoakaszubski:masterfrom
eddie333016 wants to merge 1 commit intoakaszubski:masterfrom
Conversation
This commit addresses personal information leakage discovered during
a comprehensive security audit. No real credentials or API keys were
exposed - this is purely a privacy cleanup.
Changes:
- Delete accidentally committed pytest temp artifact with username
- Replace hardcoded /Users/akaszubski paths with ${CLAUDE_PROJECT_DIR}
or ${PROJECT_ROOT} for portable configuration
- Update .gitignore to prevent future pytest artifact commits
- Clean documentation files of personal machine paths
- Update test files to use portable path patterns
Files affected:
- 1 file deleted (pytest temp artifact)
- 33 files modified across docs/, tests/, plugins/, .mcp/
Privacy findings addressed:
- HIGH: pytest-of-andrewkaszubski temp directory committed → Deleted
- MEDIUM: 150+ hardcoded local paths → Replaced with portable patterns
- LOW: .gitignore gaps → Added patterns for pytest artifacts
Not changed (by design):
- CHANGELOG.md historical entries (documenting past bugs)
- Security policy allowed_repos (expected self-reference)
- Git commit history (would require force push)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Privacy cleanup to remove accidentally committed personal information discovered during a security audit. No real credentials were exposed - this addresses personal identifiers only.
Type of Change
Changes
.mcp/config.jsonto use${CLAUDE_PROJECT_DIR}instead of hardcoded path.mcp/README.mdto use template variables.gitignoreto prevent future pytest artifact commitsFiles Modified
.gitignore- Added patterns for pytest temp directories.mcp/config.json- Replaced hardcoded paths with env variable.mcp/README.md- Replaced hardcoded paths with placeholdersdocs/*.md(7 files) - Replaced hardcoded pathstests/**/*.py(21 files) - Replaced hardcoded paths with portable patternsplugins/autonomous-dev/tests/**/*.py(2 files) - SameFiles Deleted
\private\var\folders\...\pytest-of-andrewkaszubski\...\batch_state.jsonTest Plan
/Users/akaszubskipaths in active files${CLAUDE_PROJECT_DIR}(supported by Claude Code)Quality Checklist
Security Audit Findings Addressed
Not Changed (By Design)
CHANGELOG.md- Historical entries documenting past bugsPost-PR Recommendations
akaszubski@users.noreply.github.com🤖 Generated with Claude Code
Co-Authored-By: Claude noreply@anthropic.com