npm - claude-warden - Versions diffs - 1.8.3 → 2.0.1 - Mend

claude-warden 1.8.3 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.claude-plugin/marketplace.json +1 -1
package/.claude-plugin/plugin.json +2 -2
package/README.md +47 -3
package/config/warden.default.yaml +28 -1
package/dist/codex-export.cjs +20234 -0
package/dist/index.cjs +162 -10
package/package.json +2 -1

package/.claude-plugin/marketplace.json CHANGED Viewed

@@ -6,7 +6,7 @@
   },
   "plugins": [
     {
-      "name": "claude-warden",
+      "name": "warden",
       "description": "Auto-approves safe commands, blocks dangerous ones, prompts for the rest",
       "version": "1.0.1",
       "author": {

package/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
-  "name": "claude-warden",
-  "version": "1.8.3",
+  "name": "warden",
+  "version": "2.0.1",
   "description": "Smart command safety filter for Claude Code — parses shell pipelines and evaluates per-command safety rules to auto-approve safe commands and block dangerous ones",
   "author": {
     "name": "banyudu"

package/README.md CHANGED Viewed

@@ -48,7 +48,7 @@ Two commands inside Claude Code:
 ```
 /plugin marketplace add banyudu/claude-warden
-/plugin install claude-warden@claude-warden
+/plugin install warden@claude-warden
 ```
 That's it. Restart Claude Code and Warden is active.
@@ -68,6 +68,27 @@ cd claude-warden && npm install && npm run build
 claude --plugin-dir ./claude-warden
 ```
+## Codex CLI (experimental)
+Codex currently uses `execpolicy` (`.rules` files) for command approvals. Warden can export your effective command-level decisions to a Codex rules file:
+```bash
+pnpm run build
+pnpm run codex:export-rules
+```
+This writes `.codex/rules/warden.rules` in the current project by default.
+- Use `--cwd <dir>` to choose which workspace config to load.
+- Use `--out <path>` to choose an output path.
+- Use `--stdout` to print the generated rules.
+Example:
+```bash
+node dist/codex-export.cjs --cwd . --out .codex/rules/warden.rules
+```
 ## Configure
 Warden works out of the box with sensible defaults. To customize, create a config file:
@@ -133,14 +154,37 @@ rules:
         description: Read-only docker commands
 ```
-## Feedback and `/claude-warden:warden-allow`
+## YOLO mode
+Need to temporarily bypass all permission prompts? YOLO mode auto-allows all commands for a limited time or the full session — while still blocking always-deny commands (like `sudo`, `shutdown`) for safety.
+### Activate via slash command
+```
+/warden:yolo session    # Full session, no expiry
+/warden:yolo 5m         # 5 minutes
+/warden:yolo 15m        # 15 minutes
+/warden:yolo off        # Turn off immediately
+```
+Running `/warden:yolo` with no arguments shows a menu of duration options.
+### How it works
+YOLO mode is **session-scoped** — it only affects the current Claude Code session. The hook intercepts special activation commands and stores state in a temp file keyed by session ID. When a command is evaluated during YOLO mode, the hook skips normal rule evaluation and auto-allows (except always-deny commands). Expired YOLO states are cleaned up automatically.
+### Discovery
+When Warden prompts you for permission (`ask` decision), the system message includes a tip about YOLO mode so you can discover it when you need it most.
+## Feedback and `/warden:allow`
 When Warden blocks or flags a command, it includes a system message explaining:
 1. **Why** the command was blocked/flagged (per-command reasons)
 2. **How to allow it** — a ready-to-use YAML snippet for your config
-Use the `/claude-warden:warden-allow` slash command to apply the suggested config change. It will ask which scope (project or user) to use.
+Use the `/warden:allow` slash command to apply the suggested config change. It will ask which scope (project or user) to use.
 ## Built-in defaults

package/config/warden.default.yaml CHANGED Viewed

@@ -86,9 +86,36 @@ notifyOnDeny: true
 # Command-specific rules (override built-in rules by command name).
 # The first scope (project > user > default) with a rule for a given command wins.
+#
+# IMPORTANT: Rules are matched by the command being executed, not by arguments.
+# For example, when Claude runs `python -c "import foo"`, warden looks up rules
+# for command: "python" — NOT "bash" or "sh". A common mistake is writing rules
+# for "bash" with argPatterns matching "python"; this won't work because warden
+# sees the command as "python".
+#
 # rules:
+#   # Allow all python commands
+#   - command: python
+#     default: allow
+#
+#   # Allow python -c but ask for other python usage
+#   - command: python
+#     default: ask
+#     argPatterns:
+#       - match:
+#           anyArgMatches: ['^-c$']
+#         decision: allow
+#         description: Allow python -c inline scripts
+#
+#   # Allow all node.js execution
+#   - command: node
+#     default: allow
+#
+#   # Trust all npx in this project
 #   - command: npx
-#     default: allow          # Trust all npx in this project
+#     default: allow
+#
+#   # Docker with selective allow
 #   - command: docker
 #     default: ask
 #     argPatterns: