@windyroad/itil 0.35.5 → 0.35.6-preview.363

package/.claude-plugin/plugin.json

@@ -484,5 +484,5 @@
     }
   },
   "name": "wr-itil",
-  "version": "0.35.5"
+  "version": "0.35.6"
 }

package/hooks/itil-changeset-discipline.sh

@@ -13,10 +13,19 @@
 # shape (no skill wrapper required — authoring a changeset is a
 # single command).
 #
+# Command-shape detection delegates to
+# `lib/command-detect.sh::command_invokes_git_commit`, which strips
+# common prefix shapes (leading whitespace, env-var assignments,
+# `cd <path> &&`) and checks whether the residual leading token pair
+# is literally `git commit`. P272: replaced the prior substring match
+# `*"git commit"*` that misfired on non-commit Bash whose argument
+# vectors merely mentioned the phrase (grep / sed / cat-heredoc /
+# echo / `git log --grep`).
+#
 # Allow paths (exit 0 silently per ADR-045 Pattern 1):
 #   - tool_name != "Bash"            (only Bash invocations are gated)
-#   - command does not contain      `git commit` substring (non-commit
-#                                   Bash bypasses entirely)
+#   - command is not a `git commit` invocation by leading-executable
+#                                   semantics (helper returns 1)
 #   - staged set is changeset-clean  (helper returns 0)
 #   - BYPASS_CHANGESET_GATE=1 env    (helper returns 0 first)
 #   - outside a git work tree        (helper fails-open)
@@ -41,10 +50,15 @@
 #             `.changeset/*.md`); composes-with as defence-in-depth.
 #   P125    — sibling staging-trap hook (same enforcement-layer shape).
 #   P141    — this hook.
+#   P268    — shared `command_invokes_git_commit` helper landed for
+#             `itil-readme-refresh-discipline.sh`; consumed here.
+#   P272    — sibling-hook refactor: substring-match → helper here.
 
 SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
 # shellcheck source=lib/changeset-detect.sh
 source "$SCRIPT_DIR/lib/changeset-detect.sh"
+# shellcheck source=lib/command-detect.sh
+source "$SCRIPT_DIR/lib/command-detect.sh"
 
 INPUT=$(cat)
 
@@ -71,13 +85,15 @@ except:
     print('')
 " 2>/dev/null || echo "")
 
-# Only fire on `git commit` invocations. Substring match catches common
-# shapes (`git commit -m`, `git commit --amend`, leading `cd && git
-# commit`, etc.) without over-matching unrelated bash.
-case "$COMMAND" in
-  *"git commit"*) ;;
-  *) exit 0 ;;
-esac
+# Only fire on actual `git commit` invocations. Delegates to
+# `lib/command-detect.sh::command_invokes_git_commit`, which strips
+# common prefix shapes (leading whitespace, env-var assignments,
+# `cd <path> &&`) and checks whether the residual leading token pair
+# is literally `git commit`. P272: replaced the prior substring match
+# `*"git commit"*` that misfired on non-commit Bash whose argument
+# vectors merely mentioned the phrase (grep / sed / cat-heredoc /
+# echo / `git log --grep`).
+command_invokes_git_commit "$COMMAND" || exit 0
 
 # Run detection. Helper echoes offending plugin slug on stdout when
 # detected; returns 1 in that case. Returns 0 (allow) on no-trap,

package/hooks/test/itil-changeset-discipline.bats

@@ -245,3 +245,112 @@ run_bash_hook() {
   [ "$status" -eq 0 ]
   [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
 }
+
+# --- P272: substring-vs-invocation regression coverage ---
+#
+# Prior to P272, the hook used `case "$COMMAND" in *"git commit"*) ;;`
+# which fired on ANY Bash command whose text contained the literal
+# phrase "git commit" — including grep patterns, sed substitutions,
+# cat heredoc bodies, echo strings, and `git log --grep` queries.
+# Workaround was stage-changeset-first-or-different-shell, observed
+# ≥3 events per session in the P268 sibling-hook class.
+# P272 replaces that match with a leading-executable-token check via
+# `lib/command-detect.sh::command_invokes_git_commit` (the shared
+# helper landed by P268). The tests below stage `@windyroad/itil/`
+# source (which would trigger deny if the gate fired) and run various
+# non-commit Bash commands whose argument vectors mention `git commit`.
+# The hook MUST pass silently.
+
+@test "P272 allow: grep with 'git commit' pattern does NOT trigger gate" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "grep -n 'git commit' file.md"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  # Silent pass per ADR-045 Pattern 1.
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: grep -rn 'git commit' packages/ (the recurring orchestrator surface)" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "grep -rn 'git commit' packages/"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: sed -i 's/git commit/.../' substitution does NOT trigger gate" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "sed -i 's/git commit/git push/' file.md"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: echo with 'git commit' inside string does NOT trigger gate" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "echo 'the git commit gate fires here'"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: git log --grep 'git commit' does NOT trigger gate (git log is leading)" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "git log --grep 'git commit'"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: cat heredoc whose body contains 'git commit' does NOT trigger gate (retro-write surface)" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  # Inline-build JSON with embedded newlines via python3 to mimic the
+  # Bash tool's multi-line command payload (the canonical retro-write
+  # surface that misfired in the P268 sibling).
+  local payload
+  payload=$(python3 -c "import json,sys; print(json.dumps({'tool_name':'Bash','tool_input':{'command':'cat >> docs/problems/README-history.md <<EOF\nFlow note: the git commit gate fires here.\nEOF'}}))")
+  run bash -c "echo '$payload' | bash $HOOK"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 allow: git commit-tree (boundary check — commit-tree is a different plumbing command)" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "git commit-tree HEAD^{tree}"
+  [ "$status" -eq 0 ]
+  [[ "$output" != *"\"permissionDecision\": \"deny\""* ]]
+  [ "${#output}" -eq 0 ]
+}
+
+@test "P272 deny: actual git commit invocation with staged packages/<plugin>/ source still triggers gate (positive regression)" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "git commit -m 'feat'"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"\"permissionDecision\": \"deny\""* ]]
+  [[ "$output" == *"P141"* ]]
+}
+
+@test "P272 deny: cd <path> && git commit (prefix-strip path) still triggers gate" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "cd . && git commit -m 'feat'"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"\"permissionDecision\": \"deny\""* ]]
+}
+
+@test "P272 deny: GIT_AUTHOR_NAME=Test git commit (env-prefix path) still triggers gate" {
+  echo "skill body" > packages/itil/skills/foo/SKILL.md
+  git add packages/itil/skills/foo/SKILL.md
+  run run_bash_hook "GIT_AUTHOR_NAME=Test git commit -m 'feat'"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"\"permissionDecision\": \"deny\""* ]]
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/itil",
-  "version": "0.35.5",
+  "version": "0.35.6-preview.363",
   "description": "ITIL-aligned IT service management for Claude Code (problem, and future incident/change skills)",
   "bin": {
     "windyroad-itil": "./bin/install.mjs"