@windyroad/risk-scorer 0.16.2-preview.902 → 0.16.3-preview.916
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/hooks/hooks.json +2 -1
- package/hooks/staleness-check.sh +70 -0
- package/package.json +1 -1
package/hooks/hooks.json
CHANGED
|
@@ -4,7 +4,8 @@
|
|
|
4
4
|
{ "matcher": "startup", "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/risk-scorer-scaffold-nudge.sh" }] }
|
|
5
5
|
],
|
|
6
6
|
"UserPromptSubmit": [
|
|
7
|
-
{ "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/risk-score.sh" }] }
|
|
7
|
+
{ "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/risk-score.sh" }] },
|
|
8
|
+
{ "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/staleness-check.sh" }] }
|
|
8
9
|
],
|
|
9
10
|
"PreToolUse": [
|
|
10
11
|
{ "matcher": "Edit|Write", "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/secret-leak-gate.sh" }, { "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/wip-risk-gate.sh" }] },
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
# Plugin-staleness surfacer — UserPromptSubmit hook (ADR-088 / RFC-036 / P045 / P375).
|
|
3
|
+
#
|
|
4
|
+
# Every turn, compare THIS session's running plugin version (inferred from the
|
|
5
|
+
# hook's own script path in the plugin cache) against the highest version
|
|
6
|
+
# installed on disk for the same plugin key. When the session is behind, emit
|
|
7
|
+
# ONE advisory line telling the user to restart to pick up the newer code.
|
|
8
|
+
#
|
|
9
|
+
# Network-free (own version from script path vs highest semver cache dir),
|
|
10
|
+
# warn-only (never installs or restarts — P343 restart-required means an
|
|
11
|
+
# auto-refresh can't help THIS session anyway), fails quiet on any error
|
|
12
|
+
# (fail-open), silent when the session is current, and emits at most once per
|
|
13
|
+
# newly-detected version (a version-keyed extension of ADR-038's per-session
|
|
14
|
+
# announcement marker) so it costs ~0 tokens on unchanged turns.
|
|
15
|
+
#
|
|
16
|
+
# Each plugin ships its own copy and emits its own line independently — no
|
|
17
|
+
# cross-plugin coordination (eliminates the P260 shared-marker race).
|
|
18
|
+
#
|
|
19
|
+
# Canonical source: packages/shared/hooks/staleness-check.sh. Synced to each
|
|
20
|
+
# consumer plugin by scripts/sync-staleness-check.sh (ADR-017); CI
|
|
21
|
+
# `npm run check:staleness-check` fails on drift.
|
|
22
|
+
|
|
23
|
+
# Fail-open: any unexpected error → silent success, never block a turn.
|
|
24
|
+
set +e
|
|
25
|
+
|
|
26
|
+
# AFK-launched sessions suppress the advisory: the orchestrator handles cache
|
|
27
|
+
# refresh (work-problems Step 6.5) and an AFK subprocess cannot restart itself,
|
|
28
|
+
# so the line would be pure noise. Reuses the established AFK-suppress marker.
|
|
29
|
+
[ "${WR_SUPPRESS_OVERSIGHT_NUDGE:-}" = "1" ] && exit 0
|
|
30
|
+
|
|
31
|
+
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" 2>/dev/null && pwd)" || exit 0
|
|
32
|
+
[ -n "$SCRIPT_DIR" ] || exit 0
|
|
33
|
+
|
|
34
|
+
# Installed layout: <cache>/windyroad/<key>/<version>/hooks/staleness-check.sh
|
|
35
|
+
# → version = basename(dirname(SCRIPT_DIR)); key = basename(dirname(dirname)).
|
|
36
|
+
VERSION_DIR="$(dirname "$SCRIPT_DIR")" # <cache>/windyroad/<key>/<version>
|
|
37
|
+
SELF_VERSION="$(basename "$VERSION_DIR")"
|
|
38
|
+
KEY_DIR="$(dirname "$VERSION_DIR")" # <cache>/windyroad/<key>
|
|
39
|
+
KEY="$(basename "$KEY_DIR")"
|
|
40
|
+
|
|
41
|
+
# Not running from the versioned plugin cache (e.g. source-repo dogfooding at
|
|
42
|
+
# packages/shared/hooks) → own version isn't strict semver → silent.
|
|
43
|
+
case "$SELF_VERSION" in
|
|
44
|
+
[0-9]*.[0-9]*.[0-9]*) : ;;
|
|
45
|
+
*) exit 0 ;;
|
|
46
|
+
esac
|
|
47
|
+
|
|
48
|
+
# Highest strict-semver cache dir for this key. The semver filter drops
|
|
49
|
+
# SHA-named git-source residual dirs that would otherwise win `sort -V` (the
|
|
50
|
+
# recurring cache-refresh trap — see /install-updates / feedback memory).
|
|
51
|
+
HIGHEST="$(ls "$KEY_DIR" 2>/dev/null | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -1)"
|
|
52
|
+
[ -n "$HIGHEST" ] || exit 0
|
|
53
|
+
|
|
54
|
+
# Session is current, or somehow ahead of the highest installed → silent.
|
|
55
|
+
[ "$SELF_VERSION" = "$HIGHEST" ] && exit 0
|
|
56
|
+
[ "$(printf '%s\n%s\n' "$SELF_VERSION" "$HIGHEST" | sort -V | tail -1)" = "$HIGHEST" ] || exit 0
|
|
57
|
+
|
|
58
|
+
# Emit once per (session, key, detected-version): a version-keyed extension of
|
|
59
|
+
# ADR-038's /tmp/${SYSTEM}-announced-${SESSION_ID} marker. A newer version
|
|
60
|
+
# detected mid-session yields a new marker key → re-emitted once. Empty
|
|
61
|
+
# SESSION_ID (test/manual) → no marker written, no dedup.
|
|
62
|
+
SESSION_ID="$(cat 2>/dev/null | jq -r '.session_id // empty' 2>/dev/null)"
|
|
63
|
+
if [ -n "$SESSION_ID" ]; then
|
|
64
|
+
MARKER="/tmp/wr-staleness-announced-${SESSION_ID}-${KEY}-${HIGHEST}"
|
|
65
|
+
[ -f "$MARKER" ] && exit 0
|
|
66
|
+
: > "$MARKER" 2>/dev/null
|
|
67
|
+
fi
|
|
68
|
+
|
|
69
|
+
echo "${KEY}: this session is on ${SELF_VERSION}, ${HIGHEST} installed — restart to pick it up"
|
|
70
|
+
exit 0
|
package/package.json
CHANGED