claude-dev-env 1.40.0 → 1.42.0

package/_shared/pr-loop/scripts/grant_project_claude_permissions.py

@@ -9,23 +9,42 @@ the changes applied. No-op when the entries already exist.
 import sys
 from pathlib import Path
 
-sys.modules.pop("config", None)
-if str(Path(__file__).resolve().parent) not in sys.path:
-    sys.path.insert(0, str(Path(__file__).resolve().parent))
+parent_directory = str(Path(__file__).absolute().parent)
+try:
+    sys.path.remove(parent_directory)
+except ValueError:
+    pass
+if parent_directory not in sys.path:
+    sys.path.insert(0, parent_directory)
+
+for each_cached_module_name in [
+    each_module_key
+    for each_module_key in list(sys.modules)
+    if each_module_key == "config"
+    or each_module_key.startswith("config.")
+    or each_module_key == "_claude_permissions_common"
+]:
+    sys.modules.pop(each_cached_module_name, None)
 
 from _claude_permissions_common import (  # noqa: E402
     append_if_missing,
+    build_agent_config_deny_rules,
     build_permission_rules,
     ensure_dict_section,
     ensure_list_entry,
     exit_with_error,
     get_current_project_path,
+    is_trust_entry_for_project,
     is_valid_project_root,
     load_settings,
+    remove_matching_entries_from_list,
     save_settings,
 )
 from config.claude_permissions_constants import (  # noqa: E402
+    ALL_AGENT_CONFIG_DENY_TOOLS,
+    ALL_AGENT_CONFIG_PATH_PATTERNS,
     ALL_PERMISSION_ALLOW_TOOLS,
+    AUTO_MODE_ENVIRONMENT_ENTRY_PREFIX,
     AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE,
     get_claude_user_settings_path,
 )
@@ -33,6 +52,7 @@ from config.claude_settings_keys_constants import (  # noqa: E402
     CLAUDE_SETTINGS_ADDITIONAL_DIRECTORIES_KEY,
     CLAUDE_SETTINGS_ALLOW_KEY,
     CLAUDE_SETTINGS_AUTO_MODE_KEY,
+    CLAUDE_SETTINGS_DENY_KEY,
     CLAUDE_SETTINGS_ENVIRONMENT_KEY,
     CLAUDE_SETTINGS_PERMISSIONS_KEY,
 )
@@ -41,6 +61,15 @@ from config.claude_settings_keys_constants import (  # noqa: E402
 def add_rules_to_allow_list(
     all_settings: dict[str, object], all_rules_to_add: list[str]
 ) -> int:
+    """Add permission rules to the settings allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_add: Permission rule strings to append.
+
+    Returns:
+        Number of rules actually added (new entries).
+    """
     permissions_section = ensure_dict_section(
         all_settings, CLAUDE_SETTINGS_PERMISSIONS_KEY
     )
@@ -54,9 +83,47 @@ def add_rules_to_allow_list(
     )
 
 
+def add_rules_to_deny_list(
+    all_settings: dict[str, object], all_rules_to_add: list[str]
+) -> int:
+    """Add permission rules to the settings deny list.
+
+    Deny rules take precedence over allow rules in Claude Code's permission
+    matching, so writing agent-config paths into the deny list forces a
+    per-edit user approval even when a broader allow rule would cover them.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_add: Permission rule strings to append.
+
+    Returns:
+        Number of rules actually added (new entries).
+    """
+    permissions_section = ensure_dict_section(
+        all_settings, CLAUDE_SETTINGS_PERMISSIONS_KEY
+    )
+    existing_deny_list = ensure_list_entry(
+        permissions_section, CLAUDE_SETTINGS_DENY_KEY
+    )
+    return sum(
+        1
+        for each_rule in all_rules_to_add
+        if append_if_missing(existing_deny_list, each_rule)
+    )
+
+
 def add_directory_to_additional_directories(
     all_settings: dict[str, object], directory_path: str
 ) -> int:
+    """Add a project path to the additionalDirectories allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        directory_path: The project directory path to add.
+
+    Returns:
+        1 when the entry was added, 0 when it already existed.
+    """
     permissions_section = ensure_dict_section(
         all_settings, CLAUDE_SETTINGS_PERMISSIONS_KEY
     )
@@ -71,6 +138,15 @@ def add_directory_to_additional_directories(
 def add_auto_mode_environment_entry(
     all_settings: dict[str, object], entry_text: str
 ) -> int:
+    """Add an auto-mode environment entry for the project.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        entry_text: The environment entry text to add.
+
+    Returns:
+        1 when the entry was added, 0 when it already existed.
+    """
     auto_mode_section = ensure_dict_section(
         all_settings, CLAUDE_SETTINGS_AUTO_MODE_KEY
     )
@@ -82,7 +158,69 @@ def add_auto_mode_environment_entry(
     return 0
 
 
+def purge_stale_trust_entries(
+    all_settings: dict[str, object],
+    project_path: str,
+    prefix: str,
+    protected_entry: str | None = None,
+) -> int:
+    """Remove every prior trust entry for the project from autoMode.environment.
+
+    A trust entry is any string in autoMode.environment whose prefix matches
+    the trust-entry marker and that contains the project's .claude/** path.
+    Purging stale entries before adding the current template prevents
+    accumulation across template revisions. The optional protected_entry
+    survives the purge so an entry byte-identical to the one about to be
+    re-added is not removed and re-added on every invocation, preserving the
+    idempotency contract documented on grant_permissions_for_current_directory.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        project_path: The POSIX-style project root path.
+        prefix: The literal prefix that marks a trust entry.
+        protected_entry: Optional entry text that, when byte-equal to a
+            candidate, prevents removal. Pass the freshly-formatted current
+            template entry from grant to preserve idempotency. Revoke passes
+            None so every matching entry is removed.
+
+    Returns:
+        Number of stale entries removed.
+    """
+    auto_mode_section = all_settings.get(CLAUDE_SETTINGS_AUTO_MODE_KEY)
+    if not isinstance(auto_mode_section, dict):
+        return 0
+    existing_environment = auto_mode_section.get(CLAUDE_SETTINGS_ENVIRONMENT_KEY)
+    if not isinstance(existing_environment, list):
+        return 0
+
+    def _should_purge_candidate(candidate_entry: object) -> bool:
+        if not is_trust_entry_for_project(candidate_entry, project_path, prefix):
+            return False
+        if protected_entry is not None and candidate_entry == protected_entry:
+            return False
+        return True
+
+    return remove_matching_entries_from_list(
+        existing_environment,
+        _should_purge_candidate,
+    )
+
+
 def grant_permissions_for_current_directory() -> None:
+    """Grant Edit/Write/Read permissions for the current project directory.
+
+    Reads the current project path, constructs permission rules from config
+    constants, and writes them to ~/.claude/settings.json atomically. Adds
+    deny rules for agent-config paths so edits to settings, hooks, commands,
+    agents, skills, mcp.json, and CLAUDE.md still require per-edit user
+    approval. Purges any prior trust entries for this project before writing
+    the current template to prevent accumulation across template revisions.
+
+    Raises:
+        SystemExit: When the current directory is not a valid project root.
+        ValueError: Propagated from get_current_project_path() when the path
+                    contains glob metacharacters.
+    """
     claude_user_settings_path: Path = get_claude_user_settings_path()
     project_root_path = Path.cwd()
     if not is_valid_project_root(project_root_path):
@@ -96,19 +234,37 @@ def grant_permissions_for_current_directory() -> None:
     all_permission_rules = build_permission_rules(
         project_path, ALL_PERMISSION_ALLOW_TOOLS
     )
+    all_agent_config_deny_rules = build_agent_config_deny_rules(
+        project_path,
+        ALL_AGENT_CONFIG_DENY_TOOLS,
+        ALL_AGENT_CONFIG_PATH_PATTERNS,
+    )
     environment_entry = AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE.format(
         project_path=project_path
     )
     settings = load_settings(claude_user_settings_path)
-    rules_added_count = add_rules_to_allow_list(settings, all_permission_rules)
+    allow_rules_added_count = add_rules_to_allow_list(settings, all_permission_rules)
+    deny_rules_added_count = add_rules_to_deny_list(
+        settings, all_agent_config_deny_rules
+    )
     directories_added_count = add_directory_to_additional_directories(
         settings, project_path
     )
+    stale_trust_entries_purged_count = purge_stale_trust_entries(
+        settings,
+        project_path,
+        AUTO_MODE_ENVIRONMENT_ENTRY_PREFIX,
+        protected_entry=environment_entry,
+    )
     environment_entries_added_count = add_auto_mode_environment_entry(
         settings, environment_entry
     )
     total_changes_count = (
-        rules_added_count + directories_added_count + environment_entries_added_count
+        allow_rules_added_count
+        + deny_rules_added_count
+        + directories_added_count
+        + stale_trust_entries_purged_count
+        + environment_entries_added_count
     )
     if total_changes_count == 0:
         print(f"Project path: {project_path}")
@@ -118,8 +274,19 @@ def grant_permissions_for_current_directory() -> None:
     save_settings(claude_user_settings_path, settings)
     print(f"Project path: {project_path}")
     print(f"Settings file: {claude_user_settings_path}")
-    print(f"Allow rules added: {rules_added_count} of {len(all_permission_rules)}")
+    print(
+        f"Allow rules added: {allow_rules_added_count} of {len(all_permission_rules)}"
+    )
+    print(
+        f"Deny rules added: {deny_rules_added_count} of "
+        f"{len(all_agent_config_deny_rules)}"
+    )
     print(f"Additional directories added: {directories_added_count}")
+    if stale_trust_entries_purged_count > 0:
+        print(
+            f"Stale auto-mode environment entries purged: "
+            f"{stale_trust_entries_purged_count}"
+        )
     print(f"Auto-mode environment entries added: {environment_entries_added_count}")
 
 

package/_shared/pr-loop/scripts/post_audit_thread.py

@@ -33,8 +33,8 @@ from pathlib import Path
 from typing import NoReturn
 
 sys.modules.pop("config", None)
-if str(Path(__file__).resolve().parent) not in sys.path:
-    sys.path.insert(0, str(Path(__file__).resolve().parent))
+if str(Path(__file__).absolute().parent) not in sys.path:
+    sys.path.insert(0, str(Path(__file__).absolute().parent))
 
 from config.post_audit_thread_constants import (
     ALL_GH_API_COMMAND_PARTS,

package/_shared/pr-loop/scripts/revoke_project_claude_permissions.py

@@ -10,28 +10,47 @@ autoMode sections so repeated grant/revoke cycles leave no dead structure.
 import sys
 from pathlib import Path
 
-sys.modules.pop("config", None)
-if str(Path(__file__).resolve().parent) not in sys.path:
-    sys.path.insert(0, str(Path(__file__).resolve().parent))
+parent_directory = str(Path(__file__).absolute().parent)
+try:
+    sys.path.remove(parent_directory)
+except ValueError:
+    pass
+if parent_directory not in sys.path:
+    sys.path.insert(0, parent_directory)
+
+for each_cached_module_name in [
+    each_module_key
+    for each_module_key in list(sys.modules)
+    if each_module_key == "config"
+    or each_module_key.startswith("config.")
+    or each_module_key == "_claude_permissions_common"
+]:
+    sys.modules.pop(each_cached_module_name, None)
 
 from _claude_permissions_common import (  # noqa: E402
+    build_agent_config_deny_rules,
     build_permission_rules,
     exit_with_error,
     get_current_project_path,
+    is_trust_entry_for_project,
     is_valid_project_root,
     load_settings,
     prune_empty_list_then_empty_section,
+    remove_matching_entries_from_list,
     save_settings,
 )
 from config.claude_permissions_constants import (  # noqa: E402
+    ALL_AGENT_CONFIG_DENY_TOOLS,
+    ALL_AGENT_CONFIG_PATH_PATTERNS,
     ALL_PERMISSION_ALLOW_TOOLS,
-    AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE,
+    AUTO_MODE_ENVIRONMENT_ENTRY_PREFIX,
     get_claude_user_settings_path,
 )
 from config.claude_settings_keys_constants import (  # noqa: E402
     CLAUDE_SETTINGS_ADDITIONAL_DIRECTORIES_KEY,
     CLAUDE_SETTINGS_ALLOW_KEY,
     CLAUDE_SETTINGS_AUTO_MODE_KEY,
+    CLAUDE_SETTINGS_DENY_KEY,
     CLAUDE_SETTINGS_ENVIRONMENT_KEY,
     CLAUDE_SETTINGS_PERMISSIONS_KEY,
 )
@@ -40,6 +59,15 @@ from config.claude_settings_keys_constants import (  # noqa: E402
 def remove_values_from_list(
     all_target_list: list[object], all_values_to_remove: set[str]
 ) -> int:
+    """Remove matching values from a list in place.
+
+    Args:
+        all_target_list: The list to remove values from.
+        all_values_to_remove: Set of string values to remove.
+
+    Returns:
+        Number of values removed.
+    """
     original_length = len(all_target_list)
     all_target_list[:] = [
         each_value
@@ -52,6 +80,15 @@ def remove_values_from_list(
 def remove_rules_from_allow_list(
     all_settings: dict[str, object], all_rules_to_remove: list[str]
 ) -> int:
+    """Remove matching permission rules from the settings allow list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_remove: Permission rule strings to remove.
+
+    Returns:
+        Number of rules removed.
+    """
     permissions_section = all_settings.get(CLAUDE_SETTINGS_PERMISSIONS_KEY)
     if not isinstance(permissions_section, dict):
         return 0
@@ -61,9 +98,39 @@ def remove_rules_from_allow_list(
     return remove_values_from_list(existing_allow_list, set(all_rules_to_remove))
 
 
+def remove_rules_from_deny_list(
+    all_settings: dict[str, object], all_rules_to_remove: list[str]
+) -> int:
+    """Remove matching permission rules from the settings deny list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        all_rules_to_remove: Permission rule strings to remove.
+
+    Returns:
+        Number of rules removed.
+    """
+    permissions_section = all_settings.get(CLAUDE_SETTINGS_PERMISSIONS_KEY)
+    if not isinstance(permissions_section, dict):
+        return 0
+    existing_deny_list = permissions_section.get(CLAUDE_SETTINGS_DENY_KEY)
+    if not isinstance(existing_deny_list, list):
+        return 0
+    return remove_values_from_list(existing_deny_list, set(all_rules_to_remove))
+
+
 def remove_directory_from_additional_directories(
     all_settings: dict[str, object], directory_path: str
 ) -> int:
+    """Remove a project path from the additionalDirectories list.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        directory_path: The project directory path to remove.
+
+    Returns:
+        1 when the entry was removed, 0 when not found.
+    """
     permissions_section = all_settings.get(CLAUDE_SETTINGS_PERMISSIONS_KEY)
     if not isinstance(permissions_section, dict):
         return 0
@@ -75,24 +142,54 @@ def remove_directory_from_additional_directories(
     return remove_values_from_list(existing_directories, {directory_path})
 
 
-def remove_auto_mode_environment_entry(
-    all_settings: dict[str, object], entry_text: str
+def remove_trust_entries_for_project(
+    all_settings: dict[str, object], project_path: str, prefix: str
 ) -> int:
+    """Remove every trust entry for the project from autoMode.environment.
+
+    Matches any string in autoMode.environment whose prefix matches the
+    trust-entry marker and that contains the project's .claude/** path.
+    The match is wording-agnostic so prior template revisions are removed
+    cleanly even when the current template differs.
+
+    Args:
+        all_settings: The parsed settings dictionary.
+        project_path: The POSIX-style project root path.
+        prefix: The literal prefix that marks a trust entry.
+
+    Returns:
+        Number of entries removed.
+    """
     auto_mode_section = all_settings.get(CLAUDE_SETTINGS_AUTO_MODE_KEY)
     if not isinstance(auto_mode_section, dict):
         return 0
     existing_environment = auto_mode_section.get(CLAUDE_SETTINGS_ENVIRONMENT_KEY)
     if not isinstance(existing_environment, list):
         return 0
-    return remove_values_from_list(existing_environment, {entry_text})
+    return remove_matching_entries_from_list(
+        existing_environment,
+        lambda candidate_entry: is_trust_entry_for_project(
+            candidate_entry, project_path, prefix
+        ),
+    )
 
 
 def prune_settings_after_revoke(all_settings: dict[str, object]) -> None:
+    """Remove empty lists and their parent sections after revoking entries.
+
+    Args:
+        all_settings: The parsed settings dictionary to prune in place.
+    """
     prune_empty_list_then_empty_section(
         all_settings,
         CLAUDE_SETTINGS_PERMISSIONS_KEY,
         CLAUDE_SETTINGS_ALLOW_KEY,
     )
+    prune_empty_list_then_empty_section(
+        all_settings,
+        CLAUDE_SETTINGS_PERMISSIONS_KEY,
+        CLAUDE_SETTINGS_DENY_KEY,
+    )
     prune_empty_list_then_empty_section(
         all_settings,
         CLAUDE_SETTINGS_PERMISSIONS_KEY,
@@ -106,6 +203,18 @@ def prune_settings_after_revoke(all_settings: dict[str, object]) -> None:
 
 
 def revoke_permissions_for_current_directory() -> None:
+    """Revoke permissions previously granted for the current project directory.
+
+    Reads the current project path, constructs the matching allow and deny
+    permission rules, removes them from ~/.claude/settings.json, removes
+    every trust entry for the project from autoMode.environment, and prunes
+    any newly empty sections.
+
+    Raises:
+        SystemExit: When the current directory is not a valid project root.
+        ValueError: Propagated from get_current_project_path() when the path
+                    contains glob metacharacters.
+    """
     claude_user_settings_path: Path = get_claude_user_settings_path()
     project_root_path = Path.cwd()
     if not is_valid_project_root(project_root_path):
@@ -117,19 +226,25 @@ def revoke_permissions_for_current_directory() -> None:
         raise SystemExit(1)
     project_path = get_current_project_path()
     permission_rules = build_permission_rules(project_path, ALL_PERMISSION_ALLOW_TOOLS)
-    environment_entry = AUTO_MODE_ENVIRONMENT_ENTRY_TEMPLATE.format(
-        project_path=project_path
+    all_agent_config_deny_rules = build_agent_config_deny_rules(
+        project_path,
+        ALL_AGENT_CONFIG_DENY_TOOLS,
+        ALL_AGENT_CONFIG_PATH_PATTERNS,
     )
     settings = load_settings(claude_user_settings_path)
-    rules_removed_count = remove_rules_from_allow_list(settings, permission_rules)
+    allow_rules_removed_count = remove_rules_from_allow_list(settings, permission_rules)
+    deny_rules_removed_count = remove_rules_from_deny_list(
+        settings, all_agent_config_deny_rules
+    )
     directories_removed_count = remove_directory_from_additional_directories(
         settings, project_path
     )
-    environment_entries_removed_count = remove_auto_mode_environment_entry(
-        settings, environment_entry
+    environment_entries_removed_count = remove_trust_entries_for_project(
+        settings, project_path, AUTO_MODE_ENVIRONMENT_ENTRY_PREFIX
     )
     total_changes_count = (
-        rules_removed_count
+        allow_rules_removed_count
+        + deny_rules_removed_count
         + directories_removed_count
         + environment_entries_removed_count
     )
@@ -142,7 +257,13 @@ def revoke_permissions_for_current_directory() -> None:
     save_settings(claude_user_settings_path, settings)
     print(f"Project path: {project_path}")
     print(f"Settings file: {claude_user_settings_path}")
-    print(f"Allow rules removed: {rules_removed_count} of {len(permission_rules)}")
+    print(
+        f"Allow rules removed: {allow_rules_removed_count} of {len(permission_rules)}"
+    )
+    print(
+        f"Deny rules removed: {deny_rules_removed_count} of "
+        f"{len(all_agent_config_deny_rules)}"
+    )
     print(f"Additional directories removed: {directories_removed_count}")
     print(
         f"Auto-mode environment entries removed: {environment_entries_removed_count}"