claude-dev-env 1.73.0 → 1.75.0

package/hooks/hooks_constants/multi_edit_reconstruction.py

@@ -0,0 +1,56 @@
+"""Shared helpers that reconstruct the post-edit content of an Edit or MultiEdit.
+
+Several PreToolUse blockers judge the content a write would leave on disk rather
+than the raw payload fragment, so an edit on a line the blocker watches still
+participates even when an untouched line elsewhere supplies the context. Both the
+edit-replacement applier and the edit-list extractor are identical across those
+blockers, so they live here once and are imported from each.
+"""
+
+from __future__ import annotations
+
+__all__ = [
+    "apply_edits",
+    "edits_for_tool",
+]
+
+
+def apply_edits(existing_content: str, all_edits: list[dict]) -> str:
+    """Return *existing_content* with each Edit/MultiEdit replacement applied in order.
+
+    Args:
+        existing_content: The current on-disk file content.
+        all_edits: The Edit payload (as a single-element list) or MultiEdit
+            ``edits`` list, each a mapping with an ``old_string`` and a
+            ``new_string``.
+
+    Returns:
+        The content after replacing the first occurrence of each edit's
+        ``old_string`` with its ``new_string``, in list order.
+    """
+    edited_content = existing_content
+    for each_edit in all_edits:
+        if not isinstance(each_edit, dict):
+            continue
+        old_string = each_edit.get("old_string", "")
+        new_string = each_edit.get("new_string", "")
+        if isinstance(old_string, str) and isinstance(new_string, str) and old_string:
+            edited_content = edited_content.replace(old_string, new_string, 1)
+    return edited_content
+
+
+def edits_for_tool(tool_name: str, tool_input: dict) -> list[dict]:
+    """Return the edit mappings an Edit or MultiEdit payload carries.
+
+    Args:
+        tool_name: The intercepted tool — ``Edit`` or ``MultiEdit``.
+        tool_input: The tool's input payload.
+
+    Returns:
+        A single-element list holding the Edit payload, or the MultiEdit
+        ``edits`` list when it is present as a list; an empty list otherwise.
+    """
+    if tool_name == "Edit":
+        return [tool_input]
+    all_edits = tool_input.get("edits", [])
+    return all_edits if isinstance(all_edits, list) else []

package/hooks/hooks_constants/package_inventory_stale_blocker_constants.py

@@ -0,0 +1,111 @@
+"""Constants for the package-inventory stale-entry blocker.
+
+A package directory documents its own files in a sibling inventory document —
+a ``README.md`` Layout table or a ``CLAUDE.md`` "Key files" list — whose entries
+name each file in backticks. When a new production code file lands in that
+directory and the inventory carries no entry naming it, the inventory disagrees
+with the directory on the package's file set, and a reader trusting the
+inventory to map the directory misses the new file. This module holds the
+inventory document names, the production code extensions that earn an inventory
+entry, the backtick pattern that finds an inventory's named files, the code-fence
+pattern that marks lines to skip, the glob-metacharacter pattern that rejects
+pattern tokens, the non-filename pattern that rejects command-example and
+path-bearing prose spans, the minimum inventory size that marks a document as a
+maintained inventory, the filenames exempt from an entry, the scan budget, and
+the block-message text the hook emits.
+"""
+
+import re
+
+__all__ = [
+    "ALL_INVENTORY_DOCUMENT_NAMES",
+    "ALL_PRODUCTION_CODE_EXTENSIONS",
+    "PYTHON_FILE_EXTENSION",
+    "ALL_TEST_FILE_MARKERS",
+    "BACKTICK_TOKEN_PATTERN",
+    "CODE_FENCE_PATTERN",
+    "GLOB_METACHARACTER_PATTERN",
+    "NON_FILENAME_TOKEN_PATTERN",
+    "MINIMUM_INVENTORY_ENTRY_COUNT",
+    "ALL_EXEMPT_BASENAMES",
+    "ALL_EXEMPT_DIRECTORY_NAMES",
+    "MAX_INVENTORY_FILE_BYTES",
+    "STALE_INVENTORY_MESSAGE_TEMPLATE",
+    "STALE_INVENTORY_SYSTEM_MESSAGE",
+    "STALE_INVENTORY_ADDITIONAL_CONTEXT",
+]
+
+ALL_INVENTORY_DOCUMENT_NAMES: frozenset[str] = frozenset({"README.md", "CLAUDE.md"})
+
+PYTHON_FILE_EXTENSION: str = ".py"
+
+ALL_TEST_FILE_MARKERS: tuple[str, ...] = (".spec.", ".test.")
+
+ALL_PRODUCTION_CODE_EXTENSIONS: frozenset[str] = frozenset(
+    {
+        ".py",
+        ".mjs",
+        ".js",
+        ".ts",
+        ".ps1",
+        ".sh",
+    }
+)
+
+BACKTICK_TOKEN_PATTERN: re.Pattern[str] = re.compile(r"`([^`]+)`")
+
+CODE_FENCE_PATTERN: re.Pattern[str] = re.compile(r"^\s*(?:```|~~~)")
+
+GLOB_METACHARACTER_PATTERN: re.Pattern[str] = re.compile(r"[*?{}\[\]]")
+
+NON_FILENAME_TOKEN_PATTERN: re.Pattern[str] = re.compile(r"[\s:$<>]")
+
+MINIMUM_INVENTORY_ENTRY_COUNT: int = 2
+
+ALL_EXEMPT_BASENAMES: frozenset[str] = frozenset(
+    {
+        "__init__.py",
+        "conftest.py",
+        "setup.py",
+        "_path_setup.py",
+    }
+)
+
+ALL_EXEMPT_DIRECTORY_NAMES: frozenset[str] = frozenset(
+    {
+        "config",
+        "tests",
+        "__pycache__",
+        ".git",
+        "node_modules",
+        ".pytest_cache",
+        ".ruff_cache",
+    }
+)
+
+MAX_INVENTORY_FILE_BYTES: int = 200_000
+
+STALE_INVENTORY_MESSAGE_TEMPLATE: str = (
+    "New production file `{filename}` lands in {directory}, whose inventory "
+    "document(s) ({inventories}) name {entry_count} sibling files but no entry "
+    "for `{filename}`. A package inventory names every production file in its "
+    "directory; a new file the inventory omits leaves the inventory and the "
+    "directory disagreeing on the package's file set. Add an entry naming "
+    "`{filename}` to the inventory in this same change."
+)
+
+STALE_INVENTORY_SYSTEM_MESSAGE: str = (
+    "New production file is absent from its package inventory (README.md / "
+    "CLAUDE.md) - add the inventory entry in this same change"
+)
+
+STALE_INVENTORY_ADDITIONAL_CONTEXT: str = (
+    "A package directory whose README.md or CLAUDE.md lists its files in "
+    "backticks is a maintained inventory of the package's file set. A new "
+    "production code file (.py, .mjs, .js, .ts, .ps1, .sh) in that directory "
+    "carries one inventory entry naming it. Add a row to the README.md table or "
+    "a bullet to the CLAUDE.md list naming this file, describing what it does, "
+    "in the same change that creates the file. Exempt files (no entry needed): "
+    "__init__.py, conftest.py, setup.py, _path_setup.py, files under config/ or "
+    "tests/, and test files (test_*.py, *_test.py, *.spec.*, *.test.*)."
+)

package/hooks/hooks_constants/post_tool_use_dispatcher_constants.py

@@ -2,8 +2,7 @@
 
 Holds the ordered hosted-hook list with each hook's extra command-line
 arguments and blocking flag, the PostToolUse block-decision string and key,
-and the hook-event name. The dispatcher imports these; no literals appear
-inline in the dispatcher script.
+and the hook-event name. The dispatcher imports each of these by name.
 """
 
 from __future__ import annotations
@@ -16,6 +15,7 @@ __all__ = [
     "REASON_KEY",
     "HOOK_EVENT_NAME",
     "EMPTY_REASON_BLOCK_FALLBACK",
+    "BLOCKING_CRASH_DENY_REASON",
     "PLUGIN_ROOT_PLACEHOLDER",
     "PostHostedHookEntry",
     "ALL_POST_HOSTED_HOOK_ENTRIES",
@@ -26,6 +26,7 @@ DECISION_KEY = "decision"
 REASON_KEY = "reason"
 HOOK_EVENT_NAME = "PostToolUse"
 EMPTY_REASON_BLOCK_FALLBACK = "[dispatcher] hook blocked with no reason — write blocked"
+BLOCKING_CRASH_DENY_REASON = "[dispatcher] hook crash in blocking hook — write blocked for safety"
 
 PLUGIN_ROOT_PLACEHOLDER = "${CLAUDE_PLUGIN_ROOT}"
 

package/hooks/hooks_constants/pre_tool_use_dispatcher_constants.py

@@ -2,7 +2,7 @@
 
 Holds the ordered hosted-hook list with per-hook applicable-tool sets, the
 special exit codes, the deny decision string, and the hook-event name. The
-dispatcher imports these; no literals appear inline in the dispatcher script.
+dispatcher imports each of these by name.
 """
 
 from __future__ import annotations
@@ -15,6 +15,7 @@ __all__ = [
     "HOOK_EVENT_NAME",
     "BLOCKING_CRASH_EXIT_CODE",
     "EXIT_CODE_TWO_DENY_REASON",
+    "BLOCKING_CRASH_DENY_REASON",
     "WRITE_TOOL_NAME",
     "EDIT_TOOL_NAME",
     "MULTI_EDIT_TOOL_NAME",
@@ -31,6 +32,7 @@ ALLOW_DECISION = "allow"
 HOOK_EVENT_NAME = "PreToolUse"
 BLOCKING_CRASH_EXIT_CODE = 2
 EXIT_CODE_TWO_DENY_REASON = "[dispatcher] hook denied via exit code 2 — write blocked"
+BLOCKING_CRASH_DENY_REASON = "[dispatcher] hook crash in blocking hook — write blocked for safety"
 
 WRITE_TOOL_NAME = "Write"
 EDIT_TOOL_NAME = "Edit"
@@ -59,8 +61,8 @@ class HostedHookEntry:
         native_module_name: The importable module name whose evaluate function
             the dispatcher calls in-process for this hook, or None when the hook
             runs via runpy under __main__. The named module exposes a function
-            named NATIVE_EVALUATE_FUNCTION_NAME taking the payload dict and
-            returning a deny-reason string or None.
+            named `evaluate` taking the payload dict and returning a deny-reason
+            string or None.
     """
 
     script_relative_path: str
@@ -94,6 +96,10 @@ ALL_HOSTED_HOOK_ENTRIES: tuple[HostedHookEntry, ...] = (
         script_relative_path="blocking/windows_rmtree_blocker.py",
         applicable_tool_names=ALL_WRITE_AND_EDIT_TOOL_NAMES,
     ),
+    HostedHookEntry(
+        script_relative_path="blocking/duplicate_rmtree_helper_blocker.py",
+        applicable_tool_names=ALL_WRITE_AND_EDIT_TOOL_NAMES,
+    ),
     HostedHookEntry(
         script_relative_path="blocking/state_description_blocker.py",
         applicable_tool_names=ALL_WRITE_AND_EDIT_TOOL_NAMES,
@@ -119,6 +125,10 @@ ALL_HOSTED_HOOK_ENTRIES: tuple[HostedHookEntry, ...] = (
         script_relative_path="blocking/claude_md_orphan_file_blocker.py",
         applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,
     ),
+    HostedHookEntry(
+        script_relative_path="blocking/package_inventory_stale_blocker.py",
+        applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,
+    ),
     HostedHookEntry(
         script_relative_path="blocking/pytest_testpaths_orphan_blocker.py",
         applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,
@@ -127,6 +137,10 @@ ALL_HOSTED_HOOK_ENTRIES: tuple[HostedHookEntry, ...] = (
         script_relative_path="blocking/open_questions_in_plans_blocker.py",
         applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,
     ),
+    HostedHookEntry(
+        script_relative_path="blocking/docstring_rule_gate_count_blocker.py",
+        applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,
+    ),
     HostedHookEntry(
         script_relative_path="blocking/plain_language_blocker.py",
         applicable_tool_names=ALL_WRITE_EDIT_MULTI_EDIT_TOOL_NAMES,

package/hooks/hooks_constants/send_user_file_open_locally_blocker_constants.py

@@ -0,0 +1,18 @@
+"""Configuration constants for the send_user_file_open_locally_blocker PreToolUse hook."""
+
+TOOL_NAME: str = "SendUserFile"
+
+PROACTIVE_STATUS: str = "proactive"
+
+CORRECTIVE_MESSAGE: str = (
+    "BLOCKED [open-locally]: SendUserFile attaches a file to the session, which "
+    "does not let the user see it while they are at the terminal. Open the file on "
+    "screen in its own viewer:\n"
+    "  Start-Process pwsh -WindowStyle Hidden -ArgumentList "
+    "'-NoProfile','-File',\"$HOME\\.claude\\scripts\\Show-Asset.ps1\","
+    "'<path 1>','<path 2>'\n"
+    "Show-Asset.ps1 sizes each image window to the image and opens every other file "
+    "type in its default app. Pass every path the user named.\n"
+    "The one allowed attach is a phone push: when the user has stepped away and you "
+    'want the file to reach their phone, call SendUserFile with status "proactive".'
+)

package/hooks/hooks_constants/test_dispatcher_constants_docstrings.py

@@ -0,0 +1,44 @@
+"""Regression tests proving the dispatcher constants docstrings clear the O6 gate.
+
+The PreToolUse and PostToolUse dispatcher constants modules each carry a module
+docstring stating what the module centralizes. Neither docstring may assert that
+no literals appear inline in its companion dispatcher script — that completeness
+claim about a sibling file is the deterministic Category O6 drift the enforcer's
+check_docstring_no_inline_literal_claim blocks. These tests load the real
+modules' source and assert the check returns no issues for either.
+"""
+
+from __future__ import annotations
+
+import importlib.util
+from pathlib import Path
+from types import ModuleType
+
+
+def _load_enforcer_module() -> ModuleType:
+    enforcer_path = Path(__file__).resolve().parent.parent / "blocking" / "code_rules_enforcer.py"
+    enforcer_spec = importlib.util.spec_from_file_location("code_rules_enforcer", enforcer_path)
+    assert enforcer_spec is not None
+    assert enforcer_spec.loader is not None
+    enforcer_module = importlib.util.module_from_spec(enforcer_spec)
+    enforcer_spec.loader.exec_module(enforcer_module)
+    return enforcer_module
+
+
+code_rules_enforcer = _load_enforcer_module()
+
+
+def _check_issues_for(module_filename: str) -> list[str]:
+    module_path = Path(__file__).resolve().parent / module_filename
+    module_source = module_path.read_text(encoding="utf-8")
+    return code_rules_enforcer.check_docstring_no_inline_literal_claim(
+        module_source, str(module_path)
+    )
+
+
+def test_pre_tool_use_dispatcher_constants_docstring_clears_o6_gate() -> None:
+    assert _check_issues_for("pre_tool_use_dispatcher_constants.py") == []
+
+
+def test_post_tool_use_dispatcher_constants_docstring_clears_o6_gate() -> None:
+    assert _check_issues_for("post_tool_use_dispatcher_constants.py") == []

package/hooks/hooks_constants/test_hook_block_logger.py

@@ -0,0 +1,159 @@
+"""Tests for the shared hook block logger."""
+
+from __future__ import annotations
+
+import datetime
+import json
+import stat
+import sys
+from pathlib import Path
+from unittest.mock import patch
+
+import pytest
+
+sys.path.insert(0, str(Path(__file__).resolve().parent.parent))
+
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
+
+
+def test_log_hook_block_writes_parseable_json_line(tmp_path: Path) -> None:
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="test_hook.py",
+            hook_event="PreToolUse",
+            block_reason="test block reason",
+            tool_name="Bash",
+            offending_input_preview="echo hello",
+        )
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    assert log_path.exists()
+    line = log_path.read_text(encoding="utf-8").strip()
+    parsed = json.loads(line)
+
+    assert "timestamp" in parsed
+    assert parsed["hook"] == "test_hook.py"
+    assert parsed["event"] == "PreToolUse"
+    assert parsed["tool"] == "Bash"
+    assert parsed["reason"] == "test block reason"
+    assert parsed["preview"] == "echo hello"
+
+
+def test_log_hook_block_creates_logs_directory(tmp_path: Path) -> None:
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="some_hook.py",
+            hook_event="Stop",
+            block_reason="stop reason",
+        )
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    assert log_path.exists()
+
+
+def test_log_hook_block_omits_none_fields(tmp_path: Path) -> None:
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="minimal_hook.py",
+            hook_event="PreToolUse",
+            block_reason="some reason",
+        )
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    line = log_path.read_text(encoding="utf-8").strip()
+    parsed = json.loads(line)
+    assert "tool" not in parsed
+    assert "preview" not in parsed
+
+
+def test_log_hook_block_appends_multiple_records(tmp_path: Path) -> None:
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="hook_a.py",
+            hook_event="PreToolUse",
+            block_reason="first",
+        )
+        log_hook_block(
+            calling_hook_name="hook_b.py",
+            hook_event="Stop",
+            block_reason="second",
+        )
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    all_lines = log_path.read_text(encoding="utf-8").strip().splitlines()
+    assert len(all_lines) == 2
+    first_parsed = json.loads(all_lines[0])
+    second_parsed = json.loads(all_lines[1])
+    assert first_parsed["hook"] == "hook_a.py"
+    assert second_parsed["hook"] == "hook_b.py"
+
+
+def test_log_hook_block_swallows_io_error_on_unwritable_log(tmp_path: Path) -> None:
+    logs_dir = tmp_path / ".claude" / "logs"
+    logs_dir.mkdir(parents=True, exist_ok=True)
+    log_path = logs_dir / "hook-blocks.log"
+    log_path.write_text("", encoding="utf-8")
+    log_path.chmod(stat.S_IREAD)
+
+    try:
+        with patch.object(Path, "home", return_value=tmp_path):
+            log_hook_block(
+                calling_hook_name="any_hook.py",
+                hook_event="PreToolUse",
+                block_reason="reason",
+            )
+    except OSError:
+        pytest.fail("log_hook_block raised OSError on unwritable log file")
+    finally:
+        log_path.chmod(stat.S_IREAD | stat.S_IWRITE)
+
+
+def test_log_hook_block_swallows_runtime_error_when_home_unresolvable() -> None:
+    def raise_home_resolution_failure() -> Path:
+        raise RuntimeError("Could not determine home directory.")
+
+    with patch.object(Path, "home", side_effect=raise_home_resolution_failure):
+        try:
+            returned_nothing = log_hook_block(
+                calling_hook_name="any_hook.py",
+                hook_event="PreToolUse",
+                block_reason="reason",
+            )
+        except RuntimeError:
+            pytest.fail("log_hook_block raised RuntimeError when home was unresolvable")
+
+    assert returned_nothing is None
+
+
+def test_log_hook_block_truncates_long_preview(tmp_path: Path) -> None:
+    long_input = "x" * 600
+
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="hook.py",
+            hook_event="PreToolUse",
+            block_reason="reason",
+            offending_input_preview=long_input,
+        )
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    line = log_path.read_text(encoding="utf-8").strip()
+    parsed = json.loads(line)
+    assert len(parsed["preview"]) <= 500
+
+
+def test_log_hook_block_timestamp_is_iso8601(tmp_path: Path) -> None:
+    before = datetime.datetime.now()
+    with patch.object(Path, "home", return_value=tmp_path):
+        log_hook_block(
+            calling_hook_name="ts_hook.py",
+            hook_event="PreToolUse",
+            block_reason="ts test",
+        )
+    after = datetime.datetime.now()
+
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    line = log_path.read_text(encoding="utf-8").strip()
+    parsed = json.loads(line)
+    parsed_timestamp = datetime.datetime.fromisoformat(parsed["timestamp"])
+    assert before <= parsed_timestamp <= after

package/hooks/hooks_constants/test_post_tool_use_dispatcher_constants.py

@@ -0,0 +1,43 @@
+"""Tests for the PostToolUse dispatcher constants module."""
+
+import pathlib
+import sys
+
+_HOOKS_ROOT = pathlib.Path(__file__).resolve().parent.parent
+if str(_HOOKS_ROOT) not in sys.path:
+    sys.path.insert(0, str(_HOOKS_ROOT))
+
+_VALIDATION_DIR = _HOOKS_ROOT / "validation"
+if str(_VALIDATION_DIR) not in sys.path:
+    sys.path.insert(0, str(_VALIDATION_DIR))
+
+from post_tool_use_dispatcher import (
+    PostHostedHookResult,
+    aggregate_post_hosted_hook_results,
+)
+
+from hooks_constants.post_tool_use_dispatcher_constants import (
+    BLOCKING_CRASH_DENY_REASON,
+)
+
+
+def test_blocking_hook_crash_block_reason_surfaces_the_constant() -> None:
+    crash_result = PostHostedHookResult(
+        captured_stdout="",
+        did_crash=True,
+        is_blocking=True,
+    )
+    decision = aggregate_post_hosted_hook_results([crash_result])
+    assert decision.should_block
+    assert BLOCKING_CRASH_DENY_REASON in decision.all_block_reasons
+
+
+def test_non_blocking_hook_crash_does_not_surface_the_constant() -> None:
+    crash_result = PostHostedHookResult(
+        captured_stdout="",
+        did_crash=True,
+        is_blocking=False,
+    )
+    decision = aggregate_post_hosted_hook_results([crash_result])
+    assert not decision.should_block
+    assert BLOCKING_CRASH_DENY_REASON not in decision.all_block_reasons

package/hooks/hooks_constants/test_pre_tool_use_dispatcher_constants.py

@@ -0,0 +1,99 @@
+"""Tests for the PreToolUse dispatcher hosted-hook roster."""
+
+import importlib
+import pathlib
+import sys
+
+_HOOKS_ROOT = pathlib.Path(__file__).resolve().parent.parent
+if str(_HOOKS_ROOT) not in sys.path:
+    sys.path.insert(0, str(_HOOKS_ROOT))
+
+_BLOCKING_DIR = _HOOKS_ROOT / "blocking"
+if str(_BLOCKING_DIR) not in sys.path:
+    sys.path.insert(0, str(_BLOCKING_DIR))
+
+from hooks_constants.pre_tool_use_dispatcher_constants import (
+    ALL_HOSTED_HOOK_ENTRIES,
+    ALL_WRITE_AND_EDIT_TOOL_NAMES,
+    BLOCKING_CRASH_DENY_REASON,
+    EDIT_TOOL_NAME,
+    WRITE_TOOL_NAME,
+)
+from pre_tool_use_dispatcher import (
+    HostedHookResult,
+    aggregate_hosted_hook_results,
+)
+
+
+def _entry_for(script_relative_path: str):
+    matching_entries = [
+        each_entry
+        for each_entry in ALL_HOSTED_HOOK_ENTRIES
+        if each_entry.script_relative_path == script_relative_path
+    ]
+    return matching_entries[0] if matching_entries else None
+
+
+def test_roster_includes_duplicate_rmtree_helper_blocker_script_path() -> None:
+    all_registered_script_paths = [
+        each_entry.script_relative_path for each_entry in ALL_HOSTED_HOOK_ENTRIES
+    ]
+    assert "blocking/duplicate_rmtree_helper_blocker.py" in all_registered_script_paths, (
+        "duplicate_rmtree_helper_blocker must be hosted by the dispatcher so a local "
+        "re-definition of the Windows-safe rmtree helper trio is blocked at Write time"
+    )
+
+
+def test_duplicate_rmtree_helper_blocker_applies_to_write_and_edit() -> None:
+    entry = _entry_for("blocking/duplicate_rmtree_helper_blocker.py")
+    assert entry is not None
+    assert WRITE_TOOL_NAME in entry.applicable_tool_names
+    assert EDIT_TOOL_NAME in entry.applicable_tool_names
+
+
+def test_duplicate_rmtree_helper_blocker_is_blocking() -> None:
+    entry = _entry_for("blocking/duplicate_rmtree_helper_blocker.py")
+    assert entry is not None
+    assert entry.is_blocking is True
+
+
+def test_duplicate_rmtree_helper_blocker_runs_via_runpy() -> None:
+    entry = _entry_for("blocking/duplicate_rmtree_helper_blocker.py")
+    assert entry is not None
+    assert entry.native_module_name is None
+
+
+def test_windows_rmtree_blocker_still_registered() -> None:
+    entry = _entry_for("blocking/windows_rmtree_blocker.py")
+    assert entry is not None
+    assert entry.applicable_tool_names == ALL_WRITE_AND_EDIT_TOOL_NAMES
+
+
+def test_blocking_hook_crash_deny_reason_surfaces_the_constant() -> None:
+    crash_result = HostedHookResult(
+        exit_code=0,
+        captured_stdout="",
+        did_crash=True,
+        is_blocking=True,
+    )
+    decision = aggregate_hosted_hook_results([crash_result])
+    assert decision.should_deny
+    assert BLOCKING_CRASH_DENY_REASON in decision.all_deny_reasons
+
+
+def test_every_native_module_exposes_a_callable_evaluate() -> None:
+    nativized_entries = [
+        each_entry
+        for each_entry in ALL_HOSTED_HOOK_ENTRIES
+        if each_entry.native_module_name is not None
+    ]
+    assert nativized_entries, (
+        "the roster must carry at least one nativized hook for this test to lock the contract"
+    )
+    for each_entry in nativized_entries:
+        native_module = importlib.import_module(each_entry.native_module_name)
+        evaluate_function = getattr(native_module, "evaluate", None)
+        assert callable(evaluate_function), (
+            f"{each_entry.native_module_name} must expose a callable named evaluate, "
+            "matching the native_module_name docstring contract"
+        )

package/hooks/hooks_constants/test_text_stripping.py

@@ -0,0 +1,39 @@
+"""Tests for the shared strip_code_and_quotes helper."""
+
+import pathlib
+import sys
+
+_HOOKS_ROOT = pathlib.Path(__file__).resolve().parent.parent
+if str(_HOOKS_ROOT) not in sys.path:
+    sys.path.insert(0, str(_HOOKS_ROOT))
+
+from hooks_constants.text_stripping import strip_code_and_quotes
+
+
+def test_removes_fenced_code_block() -> None:
+    text = "before\n```python\nshould I run this?\n```\nafter"
+    stripped = strip_code_and_quotes(text)
+    assert "should I run this?" not in stripped
+    assert "before" in stripped
+    assert "after" in stripped
+
+
+def test_removes_inline_code_span() -> None:
+    text = "the function `would you like` is named oddly"
+    stripped = strip_code_and_quotes(text)
+    assert "would you like" not in stripped
+    assert "the function" in stripped
+    assert "is named oddly" in stripped
+
+
+def test_removes_leading_blockquote_lines() -> None:
+    text = "real line\n> should I proceed?\nfinal line"
+    stripped = strip_code_and_quotes(text)
+    assert "should I proceed?" not in stripped
+    assert "real line" in stripped
+    assert "final line" in stripped
+
+
+def test_leaves_plain_prose_unchanged() -> None:
+    text = "This sentence carries no code or quotes."
+    assert strip_code_and_quotes(text) == text