npm - @windyroad/risk-scorer - Versions diffs - 0.11.3-preview.472 → 0.11.3-preview.484 - Mend

@windyroad/risk-scorer 0.11.3-preview.472 → 0.11.3-preview.484

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/hooks/external-comms-gate.sh +54 -7
package/hooks/test/external-comms-gate.bats +92 -0
package/package.json +1 -1

package/hooks/external-comms-gate.sh CHANGED Viewed

@@ -14,6 +14,14 @@
 #   - gh api .../comments                         (any REST surface accepting prose)
 #   - npm publish                                 (README / package metadata to npm)
 #   - PreToolUse:Write|Edit on .changeset/*.md    (P073 — gates author-time)
+#   - git commit -m / --message (incl. HEREDOC)   (P082 Phase 1 — commit message
+#                                                  body reaches every reader of git
+#                                                  log, PR commits tab, release-page
+#                                                  auto-notes, CHANGELOG. Editor
+#                                                  flow is out of scope per P082 SC1
+#                                                  — message is written to
+#                                                  .git/COMMIT_EDITMSG AFTER
+#                                                  PreToolUse, nothing to read.)
 #
 # Gate behaviour:
 #   1. BYPASS_RISK_GATE=1 short-circuits the gate (consistent with git-push-gate.sh).
@@ -144,20 +152,59 @@ except Exception:
             SURFACE="gh-api-comments"
         elif echo "$COMMAND" | grep -qE '(^|;|&&|\|\|)\s*npm publish(\s|$)'; then
             SURFACE="npm-publish"
+        elif echo "$COMMAND" | grep -qE '(^|;|&&|\|\|)\s*git commit(\s|$)'; then
+            # P082 Phase 1: gate `git commit -m / --message / HEREDOC` so commit
+            # message bodies are reviewed by the voice-tone + risk evaluators
+            # before they land in git log / PR commits tab / release notes /
+            # CHANGELOG. Editor flow (bare `git commit`) is out of scope per
+            # P082 SC1 — git writes .git/COMMIT_EDITMSG AFTER PreToolUse fires,
+            # so there's no body to extract at gate time. Skip silently when
+            # neither -m nor --message is present.
+            if echo "$COMMAND" | grep -qE '(\s|^)(-m|--message)(\s|=)'; then
+                SURFACE="git-commit-message"
+            else
+                exit 0
+            fi
         else
             exit 0
         fi
-        # Best-effort body extraction: --body 'TEXT' or --body "TEXT" or --field summary='TEXT'.
-        # When absent (npm publish, --body-file), DRAFT="" is acceptable: the agent will
-        # be invoked with command context and read whatever body source the call uses.
+        # Best-effort body extraction. Order matters — most-specific first.
+        #
+        #   HEREDOC first: `git commit -m "$(cat <<'EOF'\n...\nEOF\n)"` is the
+        #     AI-dominant form. Must precede --body "..." / -m "..." because
+        #     those would otherwise match the literal `$(cat <<'EOF'...EOF)`
+        #     text as the body, defeating the marker key match against the
+        #     subagent's <draft> body.
+        #   Then --body / --field for the gh + npm + security-advisories surfaces.
+        #   Then -m / --message for git commit (single-line literal forms).
+        #
+        # When absent (npm publish, --body-file, editor flow already filtered),
+        # DRAFT="" is acceptable: the agent will be invoked with command
+        # context and read whatever body source the call uses.
         DRAFT=$(printf '%s' "$COMMAND" | python3 -c "
 import sys, re
 cmd = sys.stdin.read()
-# Match --body '...' or --body \"...\" or --field summary='...'
-for pat in [r\"--body[= ]'([^']*)'\", r'--body[= ]\"([^\"]*)\"',
-            r\"--field [a-zA-Z_]+='([^']*)'\", r'--field [a-zA-Z_]+=\"([^\"]*)\"']:
-    m = re.search(pat, cmd)
+# (pattern, flags) — first match wins.
+patterns = [
+    # HEREDOC body — matches a here-doc with EOF delimiter (quoted or
+    # unquoted). The literal '<<' is written as the char-class pair
+    # [<][<] so bash's command-substitution parser does NOT mis-parse
+    # this regex as a real here-doc operator (P082 implementation note).
+    # DOTALL so the body can span newlines.
+    (r\"[<][<]\s*['\\\"]?EOF['\\\"]?\s*\n(.*?)\nEOF\", re.DOTALL),
+    # gh issue/pr + npm publish --body 'TEXT' / --body \"TEXT\" (existing).
+    (r\"--body[= ]'([^']*)'\", 0),
+    (r'--body[= ]\"([^\"]*)\"', 0),
+    # gh api --field summary='TEXT' / --field summary=\"TEXT\" (existing).
+    (r\"--field [a-zA-Z_]+='([^']*)'\", 0),
+    (r'--field [a-zA-Z_]+=\"([^\"]*)\"', 0),
+    # git commit -m / --message single-line literal forms (P082 Phase 1).
+    (r\"(?:-m|--message)[= ]'([^']*)'\", 0),
+    (r'(?:-m|--message)[= ]\"([^\"]*)\"', 0),
+]
+for pat, flags in patterns:
+    m = re.search(pat, cmd, flags)
     if m:
         print(m.group(1))
         break

package/hooks/test/external-comms-gate.bats CHANGED Viewed

@@ -224,3 +224,95 @@ run_hook() {
   [ "$status" -eq 0 ]
   [ -z "$output" ]
 }
+# ---------------------------------------------------------------------------
+# P082 Phase 1 — git commit message surface (risk evaluator).
+# Commit messages reach git log / PR commits tab / release notes /
+# CHANGELOG. The risk evaluator gates the body for leak patterns
+# (credentials, prod URLs, business-context-paired financials/user counts)
+# AND defers structured leak-free drafts to the wr-risk-scorer:external-comms
+# subagent. Editor flow (bare `git commit`) is out of scope per P082 SC1.
+# ---------------------------------------------------------------------------
+@test "P082: git commit -m with leak-shaped credential body denies via leak pre-filter" {
+  INPUT=$(build_bash_input "git commit -m \"docs: token=${GH_TOKEN_LIKE}\"")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"deny"* ]]
+  [[ "$output" == *"git-commit-message"* ]]
+  [[ "$output" == *"GitHub token"* ]] || [[ "$output" == *"credential"* ]]
+}
+@test "P082: git commit -m with leak-free body denies and delegates to risk evaluator" {
+  INPUT=$(build_bash_input "git commit -m \"fix(foo): handle null input\"")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"deny"* ]]
+  [[ "$output" == *"git-commit-message"* ]]
+  [[ "$output" == *"wr-risk-scorer:external-comms"* ]]
+}
+@test "P082: git commit --amend -m is intercepted (P082 SC2)" {
+  INPUT=$(build_bash_input "git commit --amend -m \"rewritten subject\"")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"deny"* ]]
+  [[ "$output" == *"git-commit-message"* ]]
+}
+@test "P082: git commit HEREDOC body is intercepted and the body becomes the marker key" {
+  # Build a HEREDOC-shaped command. The hook regex pulls the body BETWEEN
+  # the <<'EOF' opener and the closing EOF marker — the extracted DRAFT is
+  # the inner text, NOT the literal `$(cat <<'EOF' ... EOF)` wrapper.
+  BODY=$'feat(foo): add bar\n\nWe observed a build failure on Node 20.'
+  CMD=$'git commit -m "$(cat <<\'EOF\'\n'"$BODY"$'\nEOF\n)"'
+  INPUT=$(build_bash_input "$CMD")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"deny"* ]]
+  [[ "$output" == *"git-commit-message"* ]]
+  # Pre-place the per-evaluator marker keyed on the extracted HEREDOC body
+  # + the git-commit-message surface; the second run must permit silently.
+  SURFACE="git-commit-message"
+  KEY=$(printf '%s\n%s' "$BODY" "$SURFACE" | shasum -a 256 | cut -d' ' -f1)
+  touch "${RDIR}/external-comms-risk-reviewed-${KEY}"
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+@test "P082: bare git commit (editor flow) is silently allowed per SC1" {
+  # No -m / --message → .git/COMMIT_EDITMSG doesn't exist at PreToolUse
+  # time. Phase 1 skip is pragmatic; the editor flow has user-eyeballs.
+  INPUT=$(build_bash_input "git commit")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+@test "P082: git merge is silently allowed (not a git commit verb, SC3)" {
+  INPUT=$(build_bash_input "git merge --no-ff feature-branch")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+@test "P082: BYPASS_RISK_GATE=1 short-circuits the git commit gate" {
+  INPUT=$(build_bash_input "git commit -m \"fix(foo): handle null input\"")
+  run bash -c "cd '$TEST_PROJECT_DIR' && BYPASS_RISK_GATE=1 printf '%s' \"\$1\" | BYPASS_RISK_GATE=1 '$HOOK'" _ "$INPUT"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+@test "P082: per-evaluator marker keyed on (body, git-commit-message) permits the call" {
+  BODY="docs(retro): close iter 3 ask-hygiene trail"
+  SURFACE="git-commit-message"
+  KEY=$(printf '%s\n%s' "$BODY" "$SURFACE" | shasum -a 256 | cut -d' ' -f1)
+  touch "${RDIR}/external-comms-risk-reviewed-${KEY}"
+  INPUT=$(build_bash_input "git commit -m \"$BODY\"")
+  run_hook "$INPUT"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/risk-scorer",
-  "version": "0.11.3-preview.472",
+  "version": "0.11.3-preview.484",
   "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
   "bin": {
     "windyroad-risk-scorer": "./bin/install.mjs"