cc-safe-setup 28.7.0 → 28.9.0

package/README.md

@@ -87,7 +87,7 @@ Each hook exists because a real incident happened without it.
 | `--scan [--apply]` | Tech stack detection |
 | `--export / --import` | Team config sharing |
 | `--verify` | Test each hook |
-| `--install-example <name>` | Install from 333 examples |
+| `--install-example <name>` | Install from 336 examples |
 | `--examples [filter]` | Browse examples by keyword |
 | `--full` | All-in-one setup |
 | `--status` | Check installed hooks |

package/examples/auto-approve-compound-git.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+# auto-approve-compound-git.sh — PermissionRequest hook
+# Trigger: PermissionRequest
+# Matcher: Bash
+#
+# Auto-approves compound git commands that the built-in permission
+# system fails to match. The wildcard pattern Bash(git:*) only matches
+# simple commands like "git status" but not "cd src && git log" or
+# "git add file.txt && git commit -m 'fix'".
+#
+# This hook runs AFTER the built-in permission check fails (because
+# compound commands don't match Bash(git:*)), and approves if ALL
+# individual commands in the chain are safe git operations.
+#
+# See: https://github.com/anthropics/claude-code/issues/30519
+# See: https://github.com/anthropics/claude-code/issues/16561
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Split on && ; || and check each part
+# Only approve if EVERY component is a safe git command or cd
+SAFE=true
+while IFS= read -r part; do
+  # Trim whitespace
+  part=$(echo "$part" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
+  [ -z "$part" ] && continue
+
+  # Allow: cd, git (read ops), git add, git commit, git stash, git branch
+  if echo "$part" | grep -qE '^(cd |git (status|log|diff|show|branch|tag|stash|add|commit|fetch|pull|checkout|switch|restore|rebase|merge|cherry-pick|remote|config) )'; then
+    continue
+  fi
+  # Allow simple git commands without args
+  if echo "$part" | grep -qE '^git (status|log|diff|show|branch|tag|stash|fetch|pull)$'; then
+    continue
+  fi
+  # Any non-git command = not safe
+  SAFE=false
+  break
+done < <(echo "$COMMAND" | tr '&' '\n' | tr ';' '\n' | tr '|' '\n')
+
+if [ "$SAFE" = "true" ]; then
+  jq -n '{
+    hookSpecificOutput: {
+      hookEventName: "PermissionRequest",
+      permissionDecision: "allow",
+      permissionDecisionReason: "Allowed: compound git command (all parts are safe git ops)"
+    }
+  }'
+fi
+
+exit 0

package/index.mjs

@@ -421,6 +421,10 @@ function examples() {
       'auto-approve-maven.sh': 'Auto-approve mvn compile/test/verify',
       'permission-cache.sh': 'Auto-approve previously approved commands in session',
       'auto-approve-readonly.sh': 'Auto-approve 50+ read-only commands (cat, ls, grep, find)',
+      'auto-approve-compound-git.sh': 'PermissionRequest: auto-approve compound git commands (cd && git)',
+      'allow-git-hooks-dir.sh': 'PermissionRequest: allow writes to .git/hooks/ directory',
+      'allow-claude-settings.sh': 'PermissionRequest: allow writes to .claude/ (isolated environments)',
+      'allow-protected-dirs.sh': 'PermissionRequest: allow ALL protected directory writes (containers only)',
     },
     'Quality': {
       'branch-name-check.sh': 'Warn on non-conventional branch names',

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "cc-safe-setup",
-  "version": "28.7.0",
-  "description": "One command to make Claude Code safe. 339 hooks (8 built-in + 333 examples). 49 CLI commands. 1009 tests. 5 languages.",
+  "version": "28.9.0",
+  "description": "One command to make Claude Code safe. 344 hooks (8 built-in + 336 examples). 49 CLI commands. 1018 tests. 5 languages.",
   "main": "index.mjs",
   "bin": {
     "cc-safe-setup": "index.mjs"