今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#config

找到 4 篇相关文章

AI 资讯

I Versioned the Way I Think. Then I Forced It to Comply.

One morning I pasted four principles into my CLAUDE.md , the global instruction file Claude Code reads at the start of every session. "Think before you code", "simplicity first", that kind of maxim you see fly by on X, credited to Andrej Karpathy. I felt clever for about a day. Then I watched Claude read the file, nod, and carry on exactly as before. A CLAUDE.md is a suggestion box. The model nods, then does whatever it wants. If I wanted it to code my way, writing it down wasn't going to cut it. I had to enforce it. What follows is what that frustration turned into: a config in four layers, reinstallable in one command, and a discovery that runs through everything else. The only rigor that counts is the one a model can't grant itself. Four layers, and only one really changes the behavior My config has four floors, from softest to hardest. The brain is CLAUDE.md : how I work, not the docs for my code. The rule that sums it up lives inside it: "what not to add: anything Claude rediscovers by reading the code." It holds my design principles, my stance on orchestrating subagents (I size up, I delegate, I verify: "I stay the brain, they're the hands"), and one line that becomes the thread running through the whole thing. The references : a go-best-practices.md file the brain points to in plain text whenever Go is involved. The skills : ten of them. A skill is a folder with a playbook that Claude loads on demand for a specific job: review code, write an article, distill a book. Mine are packaged as a marketplace, in a public GitHub repo , with a changelog and a version number. That's the real differentiator: versioned tooling, not just rules scribbled in a file. The guardrails , finally. And this is the only layer that reliably changes behavior. The first three, the model can read and ignore. The fourth, it can't. The four config layers, from softest (the model can ignore) to hardest (the model is bound by the guardrail) Brain CLAUDE.md: how I work References go-best-pra

2026-06-28 原文 →
AI 资讯

Azure App Configuration vs. Azure Key Vault

Rule of thumb : Secrets → Key Vault Configs → App Configuration Use both for secure + flexible configuration management. Azure Key Vault Purpose : Securely store sensitive information such as secrets, keys, and certificates. Use Cases : Store API keys, connection strings, tokens. Manage and rotate TLS/SSL certificates. Protect cryptographic keys used for encryption/decryption. Strengths : Built-in hardware security module (HSM) support. Access policies and RBAC for fine-grained control. Automatic secret rotation with some Azure services. Logging and monitoring via Azure Monitor. Limitations : Not designed for feature flags or configuration settings that change frequently. API calls can add latency if used excessively at runtime. Azure App Configuration Purpose : Centralized application configuration management . Use Cases : Store non-sensitive app settings (feature flags, UI options, app behavior). Versioned configurations and labels (per environment, per region). Enable dynamic configuration refresh in apps. Strengths : Feature flag management built-in. Supports key-value pairs with labels for environment separation. Integration with Azure Functions, App Service, AKS, and more. High availability and global distribution. Limitations : Not designed to store secrets or keys. Does not provide encryption key lifecycle management. When to Use Which Use Key Vault when : Handling secrets (DB passwords, API keys). Managing certificates and encryption keys. Need secure storage with strong access policies. Use App Configuration when : Handling app configs (feature flags, toggle dark mode, regional endpoints). Need dynamic refresh without redeployment. Want environment-based configuration with versioning. How They Work Together In most real-world solutions, you combine both : Use Azure App Configuration for general settings and feature management. Reference Azure Key Vault inside App Configuration for sensitive values. Example: AppConfig:DbConnectionString → points to Key Vaul

2026-06-26 原文 →
AI 资讯

The complete guide to claude code configuration file

What Is a Claude Code Configuration File? A Claude Code configuration file is a structured file — either CLAUDE.md (a Markdown document) or settings.json (a JSON schema file) — that controls how the Claude Code AI coding assistant behaves within a project or organization. These files define the agent's permissions, memory context, tool access, allowed shell commands, and behavioral guardrails. Without them, Claude Code operates with broad defaults that may not align with your security posture or project conventions. Claude Code reads configuration from multiple locations in a defined hierarchy: a global user-level ~/.claude/settings.json , a project-level .claude/settings.json at the repo root, and one or more CLAUDE.md files that can be nested in subdirectories. The agent merges these at startup, with project-level settings taking precedence over global ones. Understanding that hierarchy isn't optional — it's the foundation of any serious deployment. Why Claude Code Configuration Files Matter in 2026 Claude Code has moved from a tool used by individual engineers to something teams are deploying org-wide, running in CI/CD pipelines, and integrating with production infrastructure. That shift changes the risk profile completely. A misconfigured agent with shell access and no guardrails isn't a productivity tool anymore — it's a liability. Anthropic's own documentation on Claude Code security acknowledges that the agent can execute terminal commands, read and write files, and make network requests. By default, many of these capabilities require per-operation approval, but configuration files can silently expand those permissions across an entire organization if applied at the global or enterprise policy layer. The CISA and NSA joint guidance on AI-assisted development tools (published in late 2024) specifically flagged AI coding assistants as a new attack surface for supply chain compromise — the concern being that an agent with write access to source files and no beha

2026-06-10 原文 →
AI 资讯

One Schema to Rule Them All: The Config v2 Rewrite

This is part sixteen in a series about managing the growing pile of skills, scripts, and context that AI coding agents depend on. The 0.8.0 release notes cover the storage and pipeline changes that shipped alongside this rewrite; Part thirteen covers how the new profiles.improve config drives the improve pipeline. Config files are where projects go to accumulate technical debt quietly. Each new feature gets a new key. Each new key gets a new parser. Each parser has slightly different error handling, slightly different defaults, and slightly different ideas about what "invalid" means. Nobody notices until a user files an issue that says "I had a typo in my config and akm just silently used defaults for three weeks." That was the state of akm's config layer going into 0.8.0. What the Old Shape Looked Like The v1 config had three top-level blocks that grew independently over two years: llm.* for LLM connection settings, agent.* for agent process settings, and llm.features.* boolean flags gating per-feature LLM calls. The features block was nested under llm for historical reasons even though many features used the agent, not the LLM. The agent's per-process map lived under agent.processes , while LLM-gated features used llm.features.index.metadata_enhance style dotted paths. Each block had its own parser function. parseLlmConfig , parseEmbeddingConfig , parseIndexConfig , and a dozen more. The comment at the top of the new config-schema.ts is blunt about it: the Zod schema "replaces the ~1.4k LOC of legacy per-shape parsers." The problems that accumulated in that ~1.4k LOC: Unknown keys were silently accepted. If you wrote llm.temperaure (typo), the parser ignored it and fell back to the default temperature. No warning. You tuned a key that did nothing. Bad JSON was masked. The config loader caught JSON parse errors and fell back to DEFAULT_CONFIG — the compiled-in defaults. Your entire config file could be corrupt and akm would start without complaint, using defaults a

2026-06-04 原文 →