From 936ffc68a581a5334f609801ef1987e036717f43 Mon Sep 17 00:00:00 2001 From: Yoni Melki Date: Mon, 1 Jun 2026 19:40:38 +0300 Subject: [PATCH] AX-1579 - Make MCP secret-persistence guidance shell-aware Persisting MCP secrets previously told users to add the export to ~/.zshrc, which only works for zsh users. Replace that with shell-keyed guidance (zsh/bash/fish, plus Windows setx) and tell the agent to detect the shell, so the export lands in the file the user's shell actually sources. Bump plugin version 0.5.0 -> 0.5.1 (plugin.json + marketplace.json). Co-Authored-By: Claude Opus 4.8 (1M context) --- .cursor-plugin/marketplace.json | 2 +- plugins/jfrog/.cursor-plugin/plugin.json | 2 +- .../jfrog/templates/jfrog-mcp-management.md | 20 ++++++++++++++----- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/.cursor-plugin/marketplace.json b/.cursor-plugin/marketplace.json index 6947c05..499cffb 100644 --- a/.cursor-plugin/marketplace.json +++ b/.cursor-plugin/marketplace.json @@ -6,7 +6,7 @@ }, "metadata": { "description": "JFrog Platform plugins for Cursor", - "version": "0.5.0", + "version": "0.5.1", "pluginRoot": "plugins" }, "plugins": [ diff --git a/plugins/jfrog/.cursor-plugin/plugin.json b/plugins/jfrog/.cursor-plugin/plugin.json index 71ccb48..070de6d 100644 --- a/plugins/jfrog/.cursor-plugin/plugin.json +++ b/plugins/jfrog/.cursor-plugin/plugin.json @@ -1,7 +1,7 @@ { "name": "jfrog", "displayName": "JFrog Platform", - "version": "0.5.0", + "version": "0.5.1", "description": "JFrog Platform integration with MCP, security skills, supply-chain best practices, and JFrog Agent Guard governance for adding, removing, and listing MCP servers.", "author": { "name": "JFrog", diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index 2abb620..7792187 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -165,11 +165,21 @@ Split Step 2 inputs by `isRequired`: For each input in Step 4: - **Secrets** (`isSecret=true`): use `${env:VAR_NAME}` in the config; - tell the user to export it via - `read -rs VAR_NAME && export VAR_NAME && echo exported` - (and add to `~/.zshrc` for persistence). They are picked up on next - launch (4a). NEVER take secrets in chat, echo them back, or - write raw values into config. + tell the user to export it for the current session via + `read -rs VAR_NAME && export VAR_NAME && echo exported`. + For persistence, the right startup file depends on the user's + **shell**, not their OS — macOS and Linux both commonly run zsh or + bash. Detect the shell (e.g. `echo "$SHELL"`) and add the export to + the file that shell loads on startup: + - **zsh** (the macOS default) → `~/.zshrc` + - **bash** → `~/.bashrc`; note macOS login shells read + `~/.bash_profile`, which usually sources `~/.bashrc` + - **fish** → `~/.config/fish/config.fish` (use `set -gx`) + - **Windows** → use `setx VAR_NAME ""` (PowerShell/CMD) + instead of the `read`/`export` snippet + If unsure which file the shell sources, ask the user. Values are + picked up on next launch (4a). NEVER take secrets in chat, echo them + back, or write raw values into config. - **Non-secrets**: literal in `env` or `${env:VAR_NAME}` — ask if unclear.