cc-safe-setup 10.3.0 → 10.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +3 -1
  2. package/examples/git-author-guard.sh +31 -0
  3. package/examples/permission-cache.sh +37 -0
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -6,7 +6,7 @@
6
6
 
7
7
  **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
8
8
 
9
- 8 built-in + 104 examples = **116 hooks**. 36 CLI commands. 531 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
9
+ 8 built-in + 104 examples = **118 hooks**. 37 CLI commands. 531 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
10
10
 
11
11
  ```bash
12
12
  npx cc-safe-setup
@@ -105,6 +105,8 @@ Safe to run multiple times. Existing settings are preserved. A backup is created
105
105
 
106
106
  **Maximum safety:** `npx cc-safe-setup --shield` — one command: fix environment, install hooks, detect stack, configure settings, generate CLAUDE.md.
107
107
 
108
+ **Instant rule:** `npx cc-safe-setup --guard "never touch the database"` — generates, installs, activates a hook instantly from plain English.
109
+
108
110
  **Team setup:** `npx cc-safe-setup --team` — copy hooks to `.claude/hooks/` with relative paths, commit to repo for team sharing.
109
111
 
110
112
  **Preview first:** `npx cc-safe-setup --dry-run`
package/examples/git-author-guard.sh ADDED
@@ -0,0 +1,31 @@
1
+ #!/bin/bash
2
+ # ================================================================
3
+ # git-author-guard.sh — Verify commit author is configured correctly
4
+ # ================================================================
5
+ # PURPOSE:
6
+ # Claude Code sometimes commits with incorrect or default
7
+ # git author settings. This hook checks that user.name and
8
+ # user.email are set before allowing commits.
9
+ #
10
+ # TRIGGER: PreToolUse MATCHER: "Bash"
11
+ # ================================================================
12
+
13
+ COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
14
+ [ -z "$COMMAND" ] && exit 0
15
+ echo "$COMMAND" | grep -qE '^\s*git\s+commit' || exit 0
16
+
17
+ NAME=$(git config user.name 2>/dev/null)
18
+ EMAIL=$(git config user.email 2>/dev/null)
19
+
20
+ if [ -z "$NAME" ] || [ -z "$EMAIL" ]; then
21
+ echo "WARNING: Git author not configured." >&2
22
+ [ -z "$NAME" ] && echo " Missing: git config user.name" >&2
23
+ [ -z "$EMAIL" ] && echo " Missing: git config user.email" >&2
24
+ fi
25
+
26
+ # Warn on common placeholder values
27
+ if echo "$EMAIL" | grep -qE '(example\.com|noreply|placeholder)' 2>/dev/null; then
28
+ echo "WARNING: Git email looks like a placeholder: $EMAIL" >&2
29
+ fi
30
+
31
+ exit 0
package/examples/permission-cache.sh ADDED
@@ -0,0 +1,37 @@
1
+ #!/bin/bash
2
+ # ================================================================
3
+ # permission-cache.sh — Remember approved commands in session
4
+ # ================================================================
5
+ # PURPOSE:
6
+ # Claude asks permission for the same safe command repeatedly.
7
+ # This hook caches approved command patterns within a session,
8
+ # auto-approving on subsequent calls. Resets when the state
9
+ # file is deleted (new session).
10
+ #
11
+ # TRIGGER: PreToolUse MATCHER: "Bash"
12
+ #
13
+ # Only caches commands that match safe patterns (not destructive).
14
+ # ================================================================
15
+
16
+ COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
17
+ [ -z "$COMMAND" ] && exit 0
18
+
19
+ # Never cache destructive commands
20
+ echo "$COMMAND" | grep -qE '(rm\s+-rf|git\s+reset|git\s+clean|git\s+push.*--force|sudo|chmod\s+777)' && exit 0
21
+
22
+ STATE="/tmp/cc-permission-cache-$(echo "$PWD" | md5sum | cut -c1-8)"
23
+
24
+ # Normalize command (strip args that change, keep base command)
25
+ BASE=$(echo "$COMMAND" | awk '{print $1, $2}' | head -c 40)
26
+ HASH=$(echo "$BASE" | md5sum | cut -c1-12)
27
+
28
+ if grep -q "^$HASH$" "$STATE" 2>/dev/null; then
29
+ # Already approved in this session
30
+ echo "{\"decision\":\"approve\",\"reason\":\"Previously approved in this session\"}"
31
+ exit 0
32
+ fi
33
+
34
+ # Record for future calls (will be approved by the normal flow)
35
+ echo "$HASH" >> "$STATE" 2>/dev/null
36
+
37
+ exit 0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cc-safe-setup",
3
- "version": "10.3.0",
3
+ "version": "10.4.0",
4
4
  "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
5
5
  "main": "index.mjs",
6
6
  "bin": {