@seanmozeik/tripwire 0.1.0 → 0.4.0

package/src/lib/install.ts

@@ -0,0 +1,238 @@
+// Config installation module for tripwire hooks.
+// Parses and upserts hook configurations for Claude Code, Codex, and pi-guardrails.
+
+import { homedir } from 'node:os';
+
+import { file } from 'bun';
+
+interface ClaudeConfig {
+  hooks?: {
+    PreToolUse?: { hooks: { type: string; command: string }[] }[];
+    PostToolUse?: { hooks: { type: string; command: string }[] }[];
+  };
+}
+
+interface PiConfig {
+  hooks?: {
+    PreToolUse?: { hooks: { type: string; command: string }[] }[];
+    PostToolUse?: { hooks: { type: string; command: string }[] }[];
+  };
+}
+
+interface CodexHooksConfig {
+  hooks?: {
+    PreToolUse?: { hooks: { type: string; command: string; timeout?: number }[] }[];
+    PostToolUse?: { hooks: { type: string; command: string; timeout?: number }[] }[];
+  };
+}
+
+const TRIPWIRE_HOOK = 'tripwire-hook';
+
+const addHookIfMissing = (
+  hooks: { hooks: { type: string; command: string; timeout?: number }[] }[] | undefined,
+): [{ hooks: { type: string; command: string; timeout?: number }[] }[], boolean] => {
+  if (!hooks) {
+    const newHooks: { hooks: { type: string; command: string; timeout?: number }[] }[] = [
+      { hooks: [{ type: 'command', command: TRIPWIRE_HOOK }] },
+    ];
+    return [newHooks, false];
+  }
+
+  let needsNormalization = false;
+
+  const normalizedHooks = hooks.map((h) => ({
+    hooks: h.hooks.map((hook) => {
+      if (hook.command === TRIPWIRE_HOOK || hook.command.endsWith('/tripwire-hook')) {
+        if (hook.command !== TRIPWIRE_HOOK) {
+          needsNormalization = true;
+          return { ...hook, command: TRIPWIRE_HOOK };
+        }
+        return hook;
+      }
+      return hook;
+    }),
+  }));
+
+  const hasTripwire = normalizedHooks.some((h) =>
+    h.hooks.some((hook) => hook.command === TRIPWIRE_HOOK),
+  );
+
+  if (hasTripwire) {
+    return [normalizedHooks, !needsNormalization];
+  }
+
+  const newHooks: { hooks: { type: string; command: string; timeout?: number }[] }[] = [
+    ...normalizedHooks,
+    { hooks: [{ type: 'command', command: TRIPWIRE_HOOK }] },
+  ];
+  return [newHooks, false];
+};
+
+export const installClaude = async (): Promise<{ success: boolean; message: string }> => {
+  const configPath = `${homedir()}/.claude/settings.json`;
+  const configFile = file(configPath);
+
+  try {
+    const raw = await configFile.text();
+    const config = JSON.parse(raw) as ClaudeConfig;
+
+    config.hooks ??= {};
+    const [preToolUse, preSkipped] = addHookIfMissing(config.hooks.PreToolUse);
+    const [postToolUse, postSkipped] = addHookIfMissing(config.hooks.PostToolUse);
+
+    config.hooks.PreToolUse = preToolUse;
+    config.hooks.PostToolUse = postToolUse;
+
+    if (preSkipped && postSkipped) {
+      return { success: true, message: `Already configured: ${configPath}` };
+    }
+
+    await configFile.write(`${JSON.stringify(config, null, 2)}\n`);
+
+    return { success: true, message: `Updated ${configPath}` };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes('No such file')) {
+      return { success: false, message: `Config file not found: ${configPath}` };
+    }
+    return { success: false, message: `Failed to update Claude config: ${message}` };
+  }
+};
+
+export const installPi = async (): Promise<{ success: boolean; message: string }> => {
+  const configPath = `${homedir()}/.pi/agent/settings.json`;
+  const configFile = file(configPath);
+
+  try {
+    const raw = await configFile.text();
+    const config = JSON.parse(raw) as PiConfig;
+
+    config.hooks ??= {};
+    const [preToolUse, preSkipped] = addHookIfMissing(config.hooks.PreToolUse);
+    const [postToolUse, postSkipped] = addHookIfMissing(config.hooks.PostToolUse);
+
+    config.hooks.PreToolUse = preToolUse;
+    config.hooks.PostToolUse = postToolUse;
+
+    if (preSkipped && postSkipped) {
+      return { success: true, message: `Already configured: ${configPath}` };
+    }
+
+    await configFile.write(`${JSON.stringify(config, null, 2)}\n`);
+
+    return { success: true, message: `Updated ${configPath}` };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes('No such file')) {
+      return { success: false, message: `Config file not found: ${configPath}` };
+    }
+    return { success: false, message: `Failed to update pi config: ${message}` };
+  }
+};
+
+export const installCodex = async (): Promise<{ success: boolean; message: string }> => {
+  const configTomlPath = `${homedir()}/.codex/config.toml`;
+  const hooksJsonPath = `${homedir()}/.codex/hooks.json`;
+  const hooksJsonFile = file(hooksJsonPath);
+  const configTomlFile = file(configTomlPath);
+
+  let hooksUpdated = false;
+  let tomlUpdated = false;
+
+  // First, update hooks.json
+  try {
+    const raw = await hooksJsonFile.text();
+    const config = JSON.parse(raw) as CodexHooksConfig;
+
+    config.hooks ??= {};
+    const [preToolUse, preSkipped] = addHookIfMissing(config.hooks.PreToolUse);
+    const [postToolUse, postSkipped] = addHookIfMissing(config.hooks.PostToolUse);
+
+    config.hooks.PreToolUse = preToolUse;
+    config.hooks.PostToolUse = postToolUse;
+
+    if (!preSkipped || !postSkipped) {
+      hooksUpdated = true;
+    }
+
+    // Add timeout to tripwire-hook if not present
+    const addTimeout = (
+      hooks: { hooks: { type: string; command: string; timeout?: number }[] }[] | undefined,
+    ): { hooks: { type: string; command: string; timeout?: number }[] }[] => {
+      return (
+        hooks?.map((h) => ({
+          hooks: h.hooks.map((hook) => {
+            if (hook.command === TRIPWIRE_HOOK && hook.timeout === undefined) {
+              return { ...hook, timeout: 10 };
+            }
+            return hook;
+          }),
+        })) ?? []
+      );
+    };
+
+    config.hooks.PreToolUse = addTimeout(config.hooks.PreToolUse);
+    config.hooks.PostToolUse = addTimeout(config.hooks.PostToolUse);
+
+    if (hooksUpdated) {
+      await hooksJsonFile.write(`${JSON.stringify(config, null, 2)}\n`);
+    }
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes('No such file')) {
+      return { success: false, message: `Config file not found: ${hooksJsonPath}` };
+    }
+    return { success: false, message: `Failed to update Codex hooks.json: ${message}` };
+  }
+
+  // Then, update config.toml to enable hooks
+  try {
+    const raw = await configTomlFile.text();
+    let toml = raw;
+
+    // Enable hooks in [features] section
+    if (toml.includes('hooks = true')) {
+      // Already enabled, nothing to do
+    } else {
+      tomlUpdated = true;
+      if (toml.includes('[features]')) {
+        // Find [features] section and add hooks = true
+        const featuresIndex = toml.indexOf('[features]');
+        const nextSectionIndex = toml.indexOf('\n[', featuresIndex + 1);
+        if (nextSectionIndex === -1) {
+          toml += '\nhooks = true';
+        } else {
+          toml = `${toml.slice(0, nextSectionIndex)}\nhooks = true${toml.slice(nextSectionIndex)}`;
+        }
+      } else {
+        toml += '\n[features]\nhooks = true';
+      }
+    }
+
+    if (tomlUpdated) {
+      await configTomlFile.write(toml);
+    }
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    if (message.includes('No such file')) {
+      return { success: false, message: `Config file not found: ${configTomlPath}` };
+    }
+    return { success: false, message: `Failed to update Codex config.toml: ${message}` };
+  }
+
+  if (!hooksUpdated && !tomlUpdated) {
+    return { success: true, message: `Already configured: ${configTomlPath} and ${hooksJsonPath}` };
+  }
+
+  return { success: true, message: `Updated ${configTomlPath} and ${hooksJsonPath}` };
+};
+
+export const installAll = async (): Promise<
+  { target: string; success: boolean; message: string }[]
+> => {
+  return [
+    { target: 'claude', ...(await installClaude()) },
+    { target: 'codex', ...(await installCodex()) },
+    { target: 'pi', ...(await installPi()) },
+  ];
+};

package/src/rules/config-custom.ts

@@ -1,51 +1,160 @@
 // Config-based custom blocking/allowing rules.
 // Uses shell parsing utilities to match command patterns from config.
 
-import { parseCommand, type Segment } from '../lib/bash';
+import { hasBypass, parseCommand, type Segment } from '../lib/bash';
 import type { BlockRule } from '../lib/config';
 import { type Decision, allow, deny, ask } from '../lib/decision';
 
+const BYPASS_HELP = 'If this is intentional, append ` # tripwire-allow: <reason>` to the command.';
+
+const ALIASES: ReadonlyMap<string, string> = new Map([
+  ['add', 'create'],
+  ['new', 'create'],
+  ['edit', 'update'],
+  ['set', 'update'],
+  ['rm', 'delete'],
+  ['del', 'delete'],
+  ['remove', 'delete'],
+]);
+
+const canonical = (token: string): string => ALIASES.get(token) ?? token;
+
+// Strip directory prefix so an absolute or homebrew-style path matches its
+// Basename — `/opt/homebrew/bin/gog` and `gog` are the same command for
+// Policy purposes. shim's typed dispatcher resolves CLIs to absolute paths,
+// So matchers that compare `seg.head` literally would otherwise miss every
+// Rule for those invocations.
+const basename = (token: string): string => {
+  const idx = token.lastIndexOf('/');
+  return idx === -1 ? token : token.slice(idx + 1);
+};
+
+const flagPresent = (tokens: readonly string[], flag: string): boolean =>
+  tokens.some((t) => t === flag || t.startsWith(`${flag}=`));
+
+const flagValue = (tokens: readonly string[], flag: string): string | null => {
+  for (let i = 0; i < tokens.length; i++) {
+    const t = tokens[i]!;
+    if (t === flag) {
+      return tokens[i + 1] ?? '';
+    }
+    if (t.startsWith(`${flag}=`)) {
+      return t.slice(flag.length + 1);
+    }
+  }
+  return null;
+};
+
+const subcommandTokens = (seg: Segment): string[] => {
+  const out: string[] = [];
+  const tokens = seg.tokens.slice(1);
+  for (let i = 0; i < tokens.length; i++) {
+    const t = tokens[i]!;
+    if (t.startsWith('-')) {
+      // Without per-CLI flag metadata, we conservatively treat
+      // `--flag value` / `-f value` as one option pair and `--flag=value`
+      // As one token. This keeps global selectors like `--account X`
+      // Out of the subcommand path, at the cost of not distinguishing
+      // Boolean flags that precede positional args.
+      if (!t.includes('=') && tokens[i + 1] !== undefined && !tokens[i + 1]!.startsWith('-')) {
+        i++;
+      }
+      continue;
+    }
+    out.push(t);
+  }
+  return out;
+};
+
 // Match a pattern against parsed segments using shell parsing.
 // This is more powerful than simple regex because it uses the same
 // Parsing logic as the rest of tripwire.
-const matchPattern = (segments: readonly Segment[], pattern: string): boolean => {
+const matchPattern = (segments: readonly Segment[], rule: BlockRule): boolean => {
+  const pattern = rule.pattern;
   const patternSegs = parseCommand(pattern);
   if (patternSegs.length === 0) {
     return false;
   }
 
-  const patternHead = patternSegs[0]!.head;
+  const patternTokens = patternSegs[0]!.tokens;
+  const patternHead = patternTokens[0];
+  if (patternHead === undefined) {
+    return false;
+  }
+  const patternSubcommands = patternTokens.slice(1);
 
-  // Simple head match for now - can be extended to match flags, args, etc.
   for (const seg of segments) {
-    if (seg.head === patternHead) {
+    if (basename(seg.head) !== basename(patternHead)) {
+      continue;
+    }
+
+    if (patternSubcommands.length > 0) {
+      const actualSubcommands = subcommandTokens(seg);
+      const pathMatches = patternSubcommands.every(
+        (p, i) =>
+          actualSubcommands[i] !== undefined && canonical(actualSubcommands[i]) === canonical(p),
+      );
+      if (!pathMatches) {
+        continue;
+      }
+    }
+
+    if ((rule.requiresFlags ?? []).some((flag) => !flagPresent(seg.tokens, flag))) {
+      continue;
+    }
+
+    const valueChecks = rule.forbidsFlagValues ?? [];
+    const valuesMatch = valueChecks.every((check) => {
+      const value = flagValue(seg.tokens, check.flag);
+      return value !== null && check.values.includes(value);
+    });
+    if (!valuesMatch) {
+      continue;
+    }
+
+    if (
+      patternSubcommands.length === 0 &&
+      rule.requiresFlags === undefined &&
+      rule.forbidsFlagValues === undefined
+    ) {
       return true;
     }
+
+    return true;
   }
   return false;
 };
 
 export const configCustom = (
   segments: readonly Segment[],
-  _cmd: string,
+  cmd: string,
   blockedCommands: readonly BlockRule[],
   allowedCommands: readonly BlockRule[],
 ): Decision => {
+  if (hasBypass(cmd)) {
+    return allow('config-custom');
+  }
+
   // Check allowed first (overrides blocks)
   for (const allowRule of allowedCommands) {
-    if (matchPattern(segments, allowRule.pattern)) {
+    if (matchPattern(segments, allowRule)) {
       return allow('config-custom');
     }
   }
 
   // Then check blocked
   for (const blockRule of blockedCommands) {
-    if (matchPattern(segments, blockRule.pattern)) {
-      return blockRule.action === 'deny'
-        ? deny('config-custom', blockRule.message)
-        : ask('config-custom', blockRule.message);
+    if (matchPattern(segments, blockRule)) {
+      const message = blockRule.message.includes('tripwire-allow')
+        ? blockRule.message
+        : `${blockRule.message} ${BYPASS_HELP}`;
+      return blockRule.action === 'ask'
+        ? ask('config-custom', message)
+        : deny('config-custom', message);
     }
   }
 
   return allow('config-custom');
 };
+
+export { matchPattern };