mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-19 10:52:28 +08:00
49cc4ff9c9
* fix(careful): BSD sed compatibility for safe exception detection on macOS
The sed regex in check-careful.sh uses \s+, which is a GNU sed
extension not supported by BSD sed (macOS default). On macOS, this
causes the RM_ARGS strip to fail silently, making rm -rf of safe
exceptions (node_modules, .next, dist, etc.) trigger the destructive
warning instead of being permitted as designed.
Fix: replace \s+ with POSIX [[:space:]]+, which works on both GNU sed
(Linux) and BSD sed (macOS).
The existing test/hook-scripts.test.ts already documented this
limitation via a detectSafeRmWorks() helper and a platform-conditional
assertion ("if GNU sed: expect undefined, else: expect ask"). Now that
the regex works on both platforms, this dead path is removed and the
safe-exception tests assert the same expectation on every OS.
Note: the grep regex in the same file also uses \s+, but BSD grep -E
on macOS does support \s (verified via bash -x trace), so only the
sed expression needs the fix.
Discovered while translating the careful skill for a Japanese
derivative project (uzustack). Reference:
https://github.com/uzumaki-inc/uzustack/commit/bc67c8d
* docs(codex): rename Step 0 to avoid collision with platform-detect prelude
The codex skill template had its own '## Step 0: Check codex binary'
heading (line 42), which after gen-skill-docs collided with the
platform-detection prelude '## Step 0: Detect platform and base branch'
(injected by scripts/resolvers/utility.ts). The generated codex/SKILL.md
ended up with two H2 headings labeled Step 0, which is ambiguous to an
agent reading the skill in order.
Renamed the local heading to Step 0.4, slotting it between the prelude
(Step 0) and the existing Step 0.5 / Step 0.6 sections. No renumbering
of downstream steps needed.
Closes #1388
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* docs(codex): regenerate SKILL.md after Step 0 rename
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(make-pdf): move setup before preamble footer
* chore: bump version and changelog (v1.31.1.0)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: ToraDady <tac201k@gmail.com>
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: Jayesh Betala <jayesh.betala7@gmail.com>
113 lines
4.2 KiB
Bash
Executable File
113 lines
4.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# check-careful.sh — PreToolUse hook for /careful skill
|
|
# Reads JSON from stdin, checks Bash command for destructive patterns.
|
|
# Returns {"permissionDecision":"ask","message":"..."} to warn, or {} to allow.
|
|
set -euo pipefail
|
|
|
|
# Read stdin (JSON with tool_input)
|
|
INPUT=$(cat)
|
|
|
|
# Extract the "command" field value from tool_input
|
|
# Try grep/sed first (handles 99% of cases), fall back to Python for escaped quotes
|
|
CMD=$(printf '%s' "$INPUT" | grep -o '"command"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/.*:[[:space:]]*"//;s/"$//' || true)
|
|
|
|
# Python fallback if grep returned empty (e.g., escaped quotes in command)
|
|
if [ -z "$CMD" ]; then
|
|
CMD=$(printf '%s' "$INPUT" | python3 -c 'import sys,json; print(json.loads(sys.stdin.read()).get("tool_input",{}).get("command",""))' 2>/dev/null || true)
|
|
fi
|
|
|
|
# If we still couldn't extract a command, allow
|
|
if [ -z "$CMD" ]; then
|
|
echo '{}'
|
|
exit 0
|
|
fi
|
|
|
|
# Normalize: lowercase for case-insensitive SQL matching
|
|
CMD_LOWER=$(printf '%s' "$CMD" | tr '[:upper:]' '[:lower:]')
|
|
|
|
# --- Check for safe exceptions (rm -rf of build artifacts) ---
|
|
if printf '%s' "$CMD" | grep -qE 'rm\s+(-[a-zA-Z]*r[a-zA-Z]*\s+|--recursive\s+)' 2>/dev/null; then
|
|
SAFE_ONLY=true
|
|
RM_ARGS=$(printf '%s' "$CMD" | sed -E 's/.*rm[[:space:]]+(-[a-zA-Z]+[[:space:]]+)*//;s/--recursive[[:space:]]*//')
|
|
for target in $RM_ARGS; do
|
|
case "$target" in
|
|
*/node_modules|node_modules|*/\.next|\.next|*/dist|dist|*/__pycache__|__pycache__|*/\.cache|\.cache|*/build|build|*/\.turbo|\.turbo|*/coverage|coverage)
|
|
;; # safe target
|
|
-*)
|
|
;; # flag, skip
|
|
*)
|
|
SAFE_ONLY=false
|
|
break
|
|
;;
|
|
esac
|
|
done
|
|
if [ "$SAFE_ONLY" = true ]; then
|
|
echo '{}'
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
# --- Destructive pattern checks ---
|
|
WARN=""
|
|
PATTERN=""
|
|
|
|
# rm -rf / rm -r / rm --recursive
|
|
if printf '%s' "$CMD" | grep -qE 'rm\s+(-[a-zA-Z]*r|--recursive)' 2>/dev/null; then
|
|
WARN="Destructive: recursive delete (rm -r). This permanently removes files."
|
|
PATTERN="rm_recursive"
|
|
fi
|
|
|
|
# DROP TABLE / DROP DATABASE
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD_LOWER" | grep -qE 'drop\s+(table|database)' 2>/dev/null; then
|
|
WARN="Destructive: SQL DROP detected. This permanently deletes database objects."
|
|
PATTERN="drop_table"
|
|
fi
|
|
|
|
# TRUNCATE
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD_LOWER" | grep -qE '\btruncate\b' 2>/dev/null; then
|
|
WARN="Destructive: SQL TRUNCATE detected. This deletes all rows from a table."
|
|
PATTERN="truncate"
|
|
fi
|
|
|
|
# git push --force / git push -f
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD" | grep -qE 'git\s+push\s+.*(-f\b|--force)' 2>/dev/null; then
|
|
WARN="Destructive: git force-push rewrites remote history. Other contributors may lose work."
|
|
PATTERN="git_force_push"
|
|
fi
|
|
|
|
# git reset --hard
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD" | grep -qE 'git\s+reset\s+--hard' 2>/dev/null; then
|
|
WARN="Destructive: git reset --hard discards all uncommitted changes."
|
|
PATTERN="git_reset_hard"
|
|
fi
|
|
|
|
# git checkout . / git restore .
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD" | grep -qE 'git\s+(checkout|restore)\s+\.' 2>/dev/null; then
|
|
WARN="Destructive: discards all uncommitted changes in the working tree."
|
|
PATTERN="git_discard"
|
|
fi
|
|
|
|
# kubectl delete
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD" | grep -qE 'kubectl\s+delete' 2>/dev/null; then
|
|
WARN="Destructive: kubectl delete removes Kubernetes resources. May impact production."
|
|
PATTERN="kubectl_delete"
|
|
fi
|
|
|
|
# docker rm -f / docker system prune
|
|
if [ -z "$WARN" ] && printf '%s' "$CMD" | grep -qE 'docker\s+(rm\s+-f|system\s+prune)' 2>/dev/null; then
|
|
WARN="Destructive: Docker force-remove or prune. May delete running containers or cached images."
|
|
PATTERN="docker_destructive"
|
|
fi
|
|
|
|
# --- Output ---
|
|
if [ -n "$WARN" ]; then
|
|
# Log hook fire event (pattern name only, never command content)
|
|
mkdir -p ~/.gstack/analytics 2>/dev/null || true
|
|
echo '{"event":"hook_fire","skill":"careful","pattern":"'"$PATTERN"'","ts":"'$(date -u +%Y-%m-%dT%H:%M:%SZ)'","repo":"'$(basename "$(git rev-parse --show-toplevel 2>/dev/null)" 2>/dev/null || echo "unknown")'"}' >> ~/.gstack/analytics/skill-usage.jsonl 2>/dev/null || true
|
|
|
|
WARN_ESCAPED=$(printf '%s' "$WARN" | sed 's/"/\\"/g')
|
|
printf '{"permissionDecision":"ask","message":"[careful] %s"}\n' "$WARN_ESCAPED"
|
|
else
|
|
echo '{}'
|
|
fi
|