agileflow 2.80.0 → 2.81.0

package/scripts/lib/damage-control-utils.js

@@ -0,0 +1,251 @@
+/**
+ * damage-control-utils.js - Shared utilities for damage-control hooks
+ *
+ * IMPORTANT: These scripts must FAIL OPEN (exit 0 on error)
+ * to avoid blocking users when config is broken.
+ *
+ * This module is copied to .agileflow/scripts/lib/ at install time
+ * and used by damage-control-bash.js, damage-control-edit.js, damage-control-write.js
+ */
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+// Inline colors (no external dependency - keeps scripts standalone)
+const c = {
+  coral: '\x1b[38;5;203m',
+  dim: '\x1b[2m',
+  reset: '\x1b[0m',
+};
+
+// Shared constants
+const CONFIG_PATHS = [
+  '.agileflow/config/damage-control-patterns.yaml',
+  '.agileflow/config/damage-control-patterns.yml',
+  '.agileflow/templates/damage-control-patterns.yaml',
+];
+
+const STDIN_TIMEOUT_MS = 4000;
+
+/**
+ * Find project root by looking for .agileflow directory
+ * @returns {string} Project root path or current working directory
+ */
+function findProjectRoot() {
+  let dir = process.cwd();
+  while (dir !== '/') {
+    if (fs.existsSync(path.join(dir, '.agileflow'))) {
+      return dir;
+    }
+    dir = path.dirname(dir);
+  }
+  return process.cwd();
+}
+
+/**
+ * Expand ~ to home directory
+ * @param {string} p - Path that may start with ~/
+ * @returns {string} Expanded path
+ */
+function expandPath(p) {
+  if (p.startsWith('~/')) {
+    return path.join(os.homedir(), p.slice(2));
+  }
+  return p;
+}
+
+/**
+ * Load patterns configuration from YAML file
+ * Returns empty config if not found (fail-open)
+ *
+ * @param {string} projectRoot - Project root directory
+ * @param {function} parseYAML - Function to parse YAML content
+ * @param {object} defaultConfig - Default config if no file found
+ * @returns {object} Parsed configuration
+ */
+function loadPatterns(projectRoot, parseYAML, defaultConfig = {}) {
+  for (const configPath of CONFIG_PATHS) {
+    const fullPath = path.join(projectRoot, configPath);
+    if (fs.existsSync(fullPath)) {
+      try {
+        const content = fs.readFileSync(fullPath, 'utf8');
+        return parseYAML(content);
+      } catch (e) {
+        // Continue to next path
+      }
+    }
+  }
+
+  // Return empty config if no file found (fail-open)
+  return defaultConfig;
+}
+
+/**
+ * Check if a file path matches any of the protected patterns
+ *
+ * @param {string} filePath - File path to check
+ * @param {string[]} patterns - Array of patterns to match against
+ * @returns {string|null} Matched pattern or null
+ */
+function pathMatches(filePath, patterns) {
+  if (!filePath) return null;
+
+  const normalizedPath = path.resolve(filePath);
+  const relativePath = path.relative(process.cwd(), normalizedPath);
+
+  for (const pattern of patterns) {
+    const expandedPattern = expandPath(pattern);
+
+    // Check if pattern is a directory prefix
+    if (pattern.endsWith('/')) {
+      const patternDir = expandedPattern.slice(0, -1);
+      if (normalizedPath.startsWith(patternDir)) {
+        return pattern;
+      }
+    }
+
+    // Check exact match
+    if (normalizedPath === expandedPattern) {
+      return pattern;
+    }
+
+    // Check if normalized path ends with pattern (for filenames like "id_rsa")
+    if (normalizedPath.endsWith(pattern) || relativePath.endsWith(pattern)) {
+      return pattern;
+    }
+
+    // Check if pattern appears in path (for patterns like "*.pem")
+    if (pattern.startsWith('*')) {
+      const ext = pattern.slice(1);
+      if (normalizedPath.endsWith(ext) || relativePath.endsWith(ext)) {
+        return pattern;
+      }
+    }
+
+    // Check if path contains pattern (for things like ".env.production")
+    const patternBase = path.basename(pattern);
+    if (path.basename(normalizedPath) === patternBase) {
+      return pattern;
+    }
+  }
+
+  return null;
+}
+
+/**
+ * Output blocked message to stderr
+ *
+ * @param {string} reason - Main reason for blocking
+ * @param {string} [detail] - Additional detail
+ * @param {string} [context] - Context info (file path or command)
+ */
+function outputBlocked(reason, detail, context) {
+  console.error(`${c.coral}[BLOCKED]${c.reset} ${reason}`);
+  if (detail) {
+    console.error(`${c.dim}${detail}${c.reset}`);
+  }
+  if (context) {
+    console.error(`${c.dim}${context}${c.reset}`);
+  }
+  // Help message for AI and user
+  console.error('');
+  console.error(
+    `${c.dim}This is intentional - AgileFlow Damage Control blocked a potentially dangerous operation.${c.reset}`
+  );
+  console.error(
+    `${c.dim}DO NOT retry this command. Ask the user if they want to proceed manually.${c.reset}`
+  );
+  console.error(`${c.dim}To disable: run /configure → Infrastructure → Damage Control${c.reset}`);
+}
+
+/**
+ * Run damage control hook with stdin parsing
+ * Handles common error cases and timeout
+ *
+ * @param {object} options - Hook options
+ * @param {function} options.getInputValue - Extract value from parsed input (input) => value
+ * @param {function} options.loadConfig - Load configuration () => config
+ * @param {function} options.validate - Validate input (value, config) => { action, reason, detail? }
+ * @param {function} options.onBlock - Handle blocked result (result, value) => void
+ * @param {function} [options.onAsk] - Handle ask result (result, value) => void (optional)
+ */
+function runDamageControlHook(options) {
+  const { getInputValue, loadConfig, validate, onBlock, onAsk } = options;
+
+  let inputData = '';
+
+  process.stdin.setEncoding('utf8');
+
+  process.stdin.on('data', chunk => {
+    inputData += chunk;
+  });
+
+  process.stdin.on('end', () => {
+    try {
+      // Parse tool input from Claude Code
+      const input = JSON.parse(inputData);
+      const value = getInputValue(input);
+
+      if (!value) {
+        // No value to validate - allow
+        process.exit(0);
+      }
+
+      // Load patterns and validate
+      const config = loadConfig();
+      const result = validate(value, config);
+
+      switch (result.action) {
+        case 'block':
+          onBlock(result, value);
+          process.exit(2);
+          break;
+
+        case 'ask':
+          if (onAsk) {
+            onAsk(result, value);
+          } else {
+            // Default ask behavior - output JSON
+            console.log(
+              JSON.stringify({
+                result: 'ask',
+                message: result.reason,
+              })
+            );
+          }
+          process.exit(0);
+          break;
+
+        case 'allow':
+        default:
+          process.exit(0);
+      }
+    } catch (e) {
+      // Parse error or other issue - fail open
+      process.exit(0);
+    }
+  });
+
+  // Handle no stdin (direct invocation)
+  process.stdin.on('error', () => {
+    process.exit(0);
+  });
+
+  // Set timeout to prevent hanging
+  setTimeout(() => {
+    process.exit(0);
+  }, STDIN_TIMEOUT_MS);
+}
+
+module.exports = {
+  c,
+  findProjectRoot,
+  expandPath,
+  loadPatterns,
+  pathMatches,
+  outputBlocked,
+  runDamageControlHook,
+  CONFIG_PATHS,
+  STDIN_TIMEOUT_MS,
+};

package/scripts/obtain-context.js

@@ -19,12 +19,13 @@ const fs = require('fs');
 const path = require('path');
 const { execSync } = require('child_process');
 const { c: C, box } = require('../lib/colors');
+const { isValidCommandName } = require('../lib/validate');
 
 const DISPLAY_LIMIT = 30000; // Claude Code's Bash tool display limit
 
 // Optional: Register command for PreCompact context preservation
 const commandName = process.argv[2];
-if (commandName) {
+if (commandName && isValidCommandName(commandName)) {
   const sessionStatePath = 'docs/09-agents/session-state.json';
   if (fs.existsSync(sessionStatePath)) {
     try {
@@ -378,7 +379,61 @@ function generateFullContent() {
     content += `${C.dim}No session-state.json found${C.reset}\n`;
   }
 
-  // 4. INTERACTION MODE (AskUserQuestion guidance)
+  // 4. SESSION CONTEXT (multi-session awareness)
+  content += `\n${C.skyBlue}${C.bold}═══ Session Context ═══${C.reset}\n`;
+  const sessionManagerPath = path.join(__dirname, 'session-manager.js');
+  const altSessionManagerPath = '.agileflow/scripts/session-manager.js';
+
+  if (fs.existsSync(sessionManagerPath) || fs.existsSync(altSessionManagerPath)) {
+    const managerPath = fs.existsSync(sessionManagerPath)
+      ? sessionManagerPath
+      : altSessionManagerPath;
+    const sessionStatus = safeExec(`node "${managerPath}" status`);
+
+    if (sessionStatus) {
+      try {
+        const statusData = JSON.parse(sessionStatus);
+        if (statusData.current) {
+          const session = statusData.current;
+          const isMain = session.is_main === true;
+
+          if (isMain) {
+            content += `Session: ${C.mintGreen}Main project${C.reset} (Session ${session.id || 1})\n`;
+          } else {
+            // NON-MAIN SESSION - Show prominent banner
+            const sessionName = session.nickname
+              ? `${session.id} "${session.nickname}"`
+              : `${session.id}`;
+            content += `${C.teal}${C.bold}🔀 SESSION ${sessionName} (worktree)${C.reset}\n`;
+            content += `Branch: ${C.skyBlue}${session.branch || 'unknown'}${C.reset}\n`;
+            content += `Path: ${C.dim}${session.path || process.cwd()}${C.reset}\n`;
+
+            // Calculate relative path to main
+            const mainPath = process.cwd().replace(/-[^/]+$/, ''); // Heuristic: strip session suffix
+            content += `Main project: ${C.dim}${mainPath}${C.reset}\n`;
+
+            // Remind about merge flow
+            content += `${C.lavender}💡 When done: /agileflow:session:end → merge to main${C.reset}\n`;
+          }
+
+          // Show other active sessions
+          if (statusData.otherActive > 0) {
+            content += `${C.peach}⚠️ ${statusData.otherActive} other session(s) active${C.reset}\n`;
+          }
+        } else {
+          content += `${C.dim}No session registered${C.reset}\n`;
+        }
+      } catch (e) {
+        content += `${C.dim}Session manager available but status parse failed${C.reset}\n`;
+      }
+    } else {
+      content += `${C.dim}Session manager available${C.reset}\n`;
+    }
+  } else {
+    content += `${C.dim}Multi-session not configured${C.reset}\n`;
+  }
+
+  // 5. INTERACTION MODE (AskUserQuestion guidance)
   const metadata = safeReadJSON('docs/00-meta/agileflow-metadata.json');
   const askUserQuestionConfig = metadata?.features?.askUserQuestion;