npm - @imdeadpool/guardex - Versions diffs - 7.0.3 → 7.0.5 - Mend

@imdeadpool/guardex 7.0.3 → 7.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +10 -0
package/bin/multiagent-safety.js +2 -0
package/package.json +1 -1
package/templates/githooks/pre-commit +13 -8
package/templates/githooks/pre-push +12 -0

package/README.md CHANGED Viewed

@@ -373,6 +373,16 @@ npm pack --dry-run
 ## Release notes
+### v7.0.5
+- **Added: `oh-my-claude` to `gx status` global-toolchain check.** The Claude-side mirror of `oh-my-codex` is now reported alongside the existing services (`oh-my-codex`, `@fission-ai/openspec`, `@imdeadpool/codex-account-switcher`, `gh`). Users who have not yet installed it will see a clear "inactive" line instead of silent omission, matching the existing codex detection contract.
+- **Added: `.omc/` to the managed `.gitignore` block.** `gx setup` / `gx doctor` write a `.omc/` entry next to `.omx/` so Claude-specific runtime state (notepad, worktrees landing there in a follow-up) stays out of commits by default, parity with the existing `.omx/` treatment.
+### v7.0.4
+- **Fixed: publish collision on npm.** Advanced the package metadata from `7.0.3` to `7.0.4` so `npm publish` no longer targets an already published version.
+- **Changed: release-note sync for versioning rule.** Added this versioned entry in README in the same change as the package bump to keep publish metadata and release notes aligned.
 ### v7.0.3
 - **Branch/worktree naming refactor.** `agent-branch-start.sh` now produces `agent/<role>/<task>-<YYYY-MM-DD>-<HH-MM>` instead of `agent/<role+account-email>/<snapshot-slug>-<task>-<cksum6>`. Codex account names (e.g. `Zeus Edix Hu`) and 6-hex checksums no longer leak into branch or worktree paths.

package/bin/multiagent-safety.js CHANGED Viewed

@@ -13,6 +13,7 @@ const LEGACY_NAMES = ['guardex', 'multiagent-safety'];
 const OPENSPEC_PACKAGE = '@fission-ai/openspec';
 const GLOBAL_TOOLCHAIN_PACKAGES = [
   'oh-my-codex',
+  'oh-my-claude',
   OPENSPEC_PACKAGE,
   '@imdeadpool/codex-account-switcher',
 ];
@@ -122,6 +123,7 @@ const GITIGNORE_MARKER_START = '# multiagent-safety:START';
 const GITIGNORE_MARKER_END = '# multiagent-safety:END';
 const MANAGED_GITIGNORE_PATHS = [
   '.omx/',
+  '.omc/',
   'scripts/agent-branch-start.sh',
   'scripts/agent-branch-finish.sh',
   'scripts/codex-agent.sh',

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@imdeadpool/guardex",
-  "version": "7.0.3",
+  "version": "7.0.5",
   "description": "GuardeX: the Guardian T-Rex for your repo, with hardened multi-agent git guardrails.",
   "license": "MIT",
   "preferGlobal": true,

package/templates/githooks/pre-commit CHANGED Viewed

@@ -23,6 +23,14 @@ if [[ -n "${CODEX_THREAD_ID:-}" || -n "${OMX_SESSION_ID:-}" || "${CODEX_CI:-0}"
   is_codex_session=1
 fi
+# Superset of is_codex_session that also covers Claude Code sessions so the
+# protected-branch gate below only triggers for automated agents — humans stay
+# free to commit directly on main/dev/master.
+is_agent_session=$is_codex_session
+if [[ -n "${CLAUDECODE:-}" || -n "${CLAUDE_CODE_SESSION_ID:-}" ]]; then
+  is_agent_session=1
+fi
 is_vscode_git_context=0
 if [[ -n "${VSCODE_GIT_IPC_HANDLE:-}" || -n "${VSCODE_GIT_ASKPASS_NODE:-}" || -n "${VSCODE_IPC_HOOK_CLI:-}" ]]; then
   is_vscode_git_context=1
@@ -124,10 +132,10 @@ MSG
 fi
 if [[ "$is_protected_branch" == "1" ]]; then
-  if [[ "$is_codex_session" != "1" && "$is_vscode_git_context" == "1" ]]; then
-    if [[ "$allow_vscode_protected_branch_writes" == "1" ]]; then
-      exit 0
-    fi
+  # Humans may commit directly on protected branches; only agent sessions
+  # (Codex / Claude Code / OMX) are blocked.
+  if [[ "$is_agent_session" != "1" ]]; then
+    exit 0
   fi
   if [[ "$is_unborn_branch" == "1" && "$is_codex_session" != "1" ]]; then
@@ -146,16 +154,13 @@ Use an agent branch first:
 After finishing work:
   bash scripts/agent-branch-finish.sh
-Optional repo opt-in for VS Code protected-branch commits:
-  git config multiagent.allowVscodeProtectedBranchWrites true
 Temporary bypass (not recommended):
   ALLOW_COMMIT_ON_PROTECTED_BRANCH=1 git commit ...
 MSG
   exit 1
 fi
-if [[ "$is_agent_context" == "1" && "$branch" != agent/* ]]; then
+if [[ "$is_agent_session" == "1" && "$branch" != agent/* ]]; then
   cat >&2 <<'MSG'
 [agent-branch-guard] Agent commits must run on dedicated agent/* branches.
 Start an agent branch first:

package/templates/githooks/pre-push CHANGED Viewed

@@ -28,6 +28,13 @@ if [[ -n "${CODEX_THREAD_ID:-}" || -n "${OMX_SESSION_ID:-}" || "${CODEX_CI:-0}"
   is_codex_session=1
 fi
+# Superset covering Claude Code so only agents are blocked from pushing to
+# protected refs; humans push directly from their primary checkout.
+is_agent_session=$is_codex_session
+if [[ -n "${CLAUDECODE:-}" || -n "${CLAUDE_CODE_SESSION_ID:-}" ]]; then
+  is_agent_session=1
+fi
 protected_branches_raw="${GUARDEX_PROTECTED_BRANCHES:-$(git config --get multiagent.protectedBranches || true)}"
 if [[ -z "$protected_branches_raw" ]]; then
   protected_branches_raw="dev main master"
@@ -69,6 +76,11 @@ if [[ "${#blocked_refs[@]}" -gt 0 ]]; then
     exit 1
   fi
+  # Humans may push directly to protected branches; only agent sessions are blocked.
+  if [[ "$is_agent_session" != "1" ]]; then
+    exit 0
+  fi
   if [[ "$is_vscode_git_context" == "1" && "$allow_vscode_protected_branch_writes" == "1" ]]; then
     exit 0
   fi