npm - cc-safe-setup - Versions diffs - 5.1.0 → 5.2.0 - Mend

cc-safe-setup 5.1.0 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +3 -0
package/examples/binary-file-guard.sh +32 -0
package/examples/stale-branch-guard.sh +44 -0
package/examples/symlink-guard.sh +78 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -224,6 +224,9 @@ Or browse all available examples in [`examples/`](examples/):
 - **session-handoff.sh** — Auto-save git state and session info to `~/.claude/session-handoff.md` on session end
 - **diff-size-guard.sh** — Warn/block when committing too many files at once (default: warn at 10, block at 50)
 - **dependency-audit.sh** — Warn when installing packages not in manifest (npm/pip/cargo supply chain awareness)
+- **symlink-guard.sh** — Detect symlink/junction traversal in rm targets ([#36339](https://github.com/anthropics/claude-code/issues/36339) [#764](https://github.com/anthropics/claude-code/issues/764))
+- **binary-file-guard.sh** — Warn when Write targets binary file types (images, archives)
+- **stale-branch-guard.sh** — Warn when working branch is far behind default
 - **cost-tracker.sh** — Estimate session token cost and warn at thresholds ($1, $5)
 - **read-before-edit.sh** — Warn when editing files not recently read (prevents old_string mismatches)

package/examples/binary-file-guard.sh ADDED Viewed

@@ -0,0 +1,32 @@
+#!/bin/bash
+# ================================================================
+# binary-file-guard.sh — Warn when Write creates binary/large files
+# ================================================================
+# PURPOSE:
+#   Claude Code sometimes tries to Write binary content (images,
+#   archives, compiled files) which produces corrupted output.
+#   This hook detects binary patterns in Write content.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Write"
+# ================================================================
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // empty' 2>/dev/null)
+if [[ -z "$FILE" ]]; then
+    exit 0
+fi
+# Check file extension for binary types
+EXT="${FILE##*.}"
+BINARY_EXTS="png|jpg|jpeg|gif|bmp|ico|webp|svg|mp3|mp4|wav|zip|tar|gz|rar|7z|exe|dll|so|dylib|class|pyc|wasm|pdf|doc|docx|xls|xlsx|ppt|pptx"
+if echo "$EXT" | grep -qiE "^($BINARY_EXTS)$"; then
+    echo "WARNING: Writing to binary file type: $FILE" >&2
+    echo "Claude Code cannot reliably create binary files." >&2
+    echo "Use a proper tool (ImageMagick, ffmpeg, etc.) instead." >&2
+fi
+exit 0

package/examples/stale-branch-guard.sh ADDED Viewed

@@ -0,0 +1,44 @@
+#!/bin/bash
+# ================================================================
+# stale-branch-guard.sh — Warn when working on a stale branch
+# ================================================================
+# PURPOSE:
+#   Claude Code can work on a branch that's far behind main,
+#   creating merge conflicts. This hook warns when the current
+#   branch is 50+ commits behind the default branch.
+#
+# TRIGGER: PostToolUse
+# MATCHER: ""
+#
+# Only checks every 20 tool calls to avoid overhead.
+# ================================================================
+COUNTER_FILE="/tmp/cc-stale-branch-check"
+COUNT=$(cat "$COUNTER_FILE" 2>/dev/null || echo 0)
+COUNT=$((COUNT + 1))
+echo "$COUNT" > "$COUNTER_FILE"
+# Only check every 20 tool calls
+[ $((COUNT % 20)) -ne 0 ] && exit 0
+# Only check in git repos
+[ -d .git ] || exit 0
+# Get default branch
+DEFAULT=$(git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's@^refs/remotes/origin/@@')
+[ -z "$DEFAULT" ] && DEFAULT="main"
+CURRENT=$(git branch --show-current 2>/dev/null)
+[ -z "$CURRENT" ] || [ "$CURRENT" = "$DEFAULT" ] && exit 0
+# Count commits behind
+BEHIND=$(git rev-list --count HEAD..origin/"$DEFAULT" 2>/dev/null || echo 0)
+if [ "$BEHIND" -ge 50 ]; then
+    echo "WARNING: Branch '$CURRENT' is $BEHIND commits behind $DEFAULT." >&2
+    echo "Consider rebasing: git rebase origin/$DEFAULT" >&2
+elif [ "$BEHIND" -ge 20 ]; then
+    echo "NOTE: Branch '$CURRENT' is $BEHIND commits behind $DEFAULT." >&2
+fi
+exit 0

package/examples/symlink-guard.sh ADDED Viewed

@@ -0,0 +1,78 @@
+#!/bin/bash
+# ================================================================
+# symlink-guard.sh — Detect symlink/junction traversal before rm
+# ================================================================
+# PURPOSE:
+#   rm -rf on a directory containing symlinks can follow them and
+#   delete data outside the target. NTFS junctions on WSL2 are
+#   especially dangerous (#36339: entire C:\Users deleted).
+#
+#   This hook checks if the rm target contains symlinks pointing
+#   outside the current project.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Bash"
+#
+# WHAT IT BLOCKS:
+#   - rm -rf on directories containing symlinks to outside paths
+#   - rm on targets that are themselves symlinks to sensitive dirs
+#
+# GitHub Issues: #36339 (93r), #764 (63r), #24964 (135r)
+# ================================================================
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+if [[ -z "$COMMAND" ]]; then
+    exit 0
+fi
+# Only check rm commands with recursive flags
+if ! echo "$COMMAND" | grep -qE '^\s*rm\s+.*-[rf]'; then
+    exit 0
+fi
+# Extract target path
+TARGET=$(echo "$COMMAND" | grep -oP 'rm\s+(-[rf]+\s+)*\K\S+' | tail -1)
+if [[ -z "$TARGET" ]] || [[ ! -e "$TARGET" ]]; then
+    exit 0
+fi
+# Check 1: Is the target itself a symlink?
+if [ -L "$TARGET" ]; then
+    REAL=$(readlink -f "$TARGET" 2>/dev/null)
+    echo "WARNING: rm target is a symlink." >&2
+    echo "  Target: $TARGET" >&2
+    echo "  Points to: $REAL" >&2
+    echo "  rm -rf will follow and delete the real path." >&2
+    # Don't block, just warn — user may intend to delete the link
+fi
+# Check 2: Does the target directory contain symlinks to outside?
+if [ -d "$TARGET" ]; then
+    PROJECT_DIR=$(pwd)
+    DANGEROUS_LINKS=$(find "$TARGET" -maxdepth 3 -type l 2>/dev/null | while read link; do
+        REAL=$(readlink -f "$link" 2>/dev/null)
+        # Check if symlink points outside the project
+        if [[ -n "$REAL" ]] && [[ "$REAL" != "$PROJECT_DIR"* ]]; then
+            echo "$link -> $REAL"
+        fi
+    done | head -3)
+    if [[ -n "$DANGEROUS_LINKS" ]]; then
+        echo "BLOCKED: rm target contains symlinks pointing outside project." >&2
+        echo "" >&2
+        echo "Command: $COMMAND" >&2
+        echo "Dangerous links:" >&2
+        echo "$DANGEROUS_LINKS" | while read line; do
+            echo "  $line" >&2
+        done
+        echo "" >&2
+        echo "rm -rf would follow these links and delete external data." >&2
+        echo "Remove the symlinks first, then delete the directory." >&2
+        exit 2
+    fi
+fi
+exit 0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "5.1.0",
+  "version": "5.2.0",
   "description": "One command to make Claude Code safe for autonomous operation. 8 built-in + 39 examples. 23 commands including dashboard, issues, create, audit, lint, diff. 260 tests. 2,500+ daily npm downloads.",
   "main": "index.mjs",
   "bin": {