npm - claudepod - Versions diffs - 1.2.3 → 1.3.1 - Mend

claudepod 1.2.3 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/.devcontainer/plugins/devs-marketplace/plugins/auto-linter/scripts/lint-file.py ADDED Viewed

@@ -0,0 +1,137 @@
+#!/usr/bin/env python3
+"""
+Auto-lint files after editing.
+Reads tool input from stdin, detects file type by extension,
+runs appropriate linter if available.
+Outputs JSON with additionalContext containing lint warnings.
+Non-blocking: exit 0 regardless of lint result.
+"""
+import json
+import os
+import subprocess
+import sys
+from pathlib import Path
+# Linter configuration: extension -> (command, args, name, parser)
+PYTHON_EXTENSIONS = {".py", ".pyi"}
+def lint_python(file_path: str) -> tuple[bool, str]:
+    """Run pyright on a Python file.
+    Returns:
+        (success, message)
+    """
+    pyright_cmd = "pyright"
+    # Check if pyright is available
+    try:
+        subprocess.run(
+            ["which", pyright_cmd],
+            capture_output=True,
+            check=True
+        )
+    except subprocess.CalledProcessError:
+        return True, ""  # Pyright not available
+    try:
+        result = subprocess.run(
+            [pyright_cmd, "--outputjson", file_path],
+            capture_output=True,
+            text=True,
+            timeout=55
+        )
+        # Parse pyright JSON output
+        try:
+            output = json.loads(result.stdout)
+            diagnostics = output.get("generalDiagnostics", [])
+            if not diagnostics:
+                return True, "[Auto-linter] Pyright: No issues found"
+            # Format diagnostics
+            issues = []
+            for diag in diagnostics[:5]:  # Limit to first 5 issues
+                severity = diag.get("severity", "info")
+                message = diag.get("message", "")
+                line = diag.get("range", {}).get("start", {}).get("line", 0) + 1
+                if severity == "error":
+                    icon = "✗"
+                elif severity == "warning":
+                    icon = "!"
+                else:
+                    icon = "•"
+                issues.append(f"  {icon} Line {line}: {message}")
+            total = len(diagnostics)
+            shown = min(5, total)
+            header = f"[Auto-linter] Pyright: {total} issue(s)"
+            if total > shown:
+                header += f" (showing first {shown})"
+            return True, header + "\n" + "\n".join(issues)
+        except json.JSONDecodeError:
+            # Pyright output not JSON, might be an error
+            if result.stderr:
+                return True, f"[Auto-linter] Pyright error: {result.stderr.strip()[:100]}"
+            return True, ""
+    except subprocess.TimeoutExpired:
+        return True, "[Auto-linter] Pyright timed out"
+    except Exception as e:
+        return True, f"[Auto-linter] Error: {e}"
+def lint_file(file_path: str) -> tuple[bool, str]:
+    """Run appropriate linter for file.
+    Returns:
+        (success, message)
+    """
+    ext = Path(file_path).suffix.lower()
+    if ext in PYTHON_EXTENSIONS:
+        return lint_python(file_path)
+    # No linter available for this file type
+    return True, ""
+def main():
+    try:
+        input_data = json.load(sys.stdin)
+        tool_input = input_data.get("tool_input", {})
+        file_path = tool_input.get("file_path", "")
+        if not file_path:
+            sys.exit(0)
+        # Check if file exists
+        if not os.path.exists(file_path):
+            sys.exit(0)
+        _, message = lint_file(file_path)
+        if message:
+            # Output context for Claude
+            print(json.dumps({
+                "additionalContext": message
+            }))
+        sys.exit(0)
+    except json.JSONDecodeError:
+        sys.exit(0)
+    except Exception as e:
+        print(f"Hook error: {e}", file=sys.stderr)
+        sys.exit(0)
+if __name__ == "__main__":
+    main()

package/.devcontainer/plugins/devs-marketplace/plugins/claudepod-lsp/.claude-plugin/plugin.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "claudepod-lsp",
+  "description": "LSP servers for ClaudePod (Python, TypeScript, Go)",
+  "author": {
+    "name": "AnExiledDev"
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/dangerous-command-blocker/.claude-plugin/plugin.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "dangerous-command-blocker",
+  "description": "Blocks dangerous bash commands (rm -rf, sudo rm, chmod 777, force push)",
+  "author": {
+    "name": "AnExiledDev"
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/dangerous-command-blocker/hooks/hooks.json ADDED Viewed

@@ -0,0 +1,17 @@
+{
+  "description": "Block dangerous bash commands before execution",
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Bash",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/scripts/block-dangerous.py",
+            "timeout": 5
+          }
+        ]
+      }
+    ]
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/dangerous-command-blocker/scripts/block-dangerous.py ADDED Viewed

@@ -0,0 +1,110 @@
+#!/usr/bin/env python3
+"""
+Block dangerous bash commands before execution.
+Reads tool input from stdin, checks against dangerous patterns.
+Exit code 2 blocks the command with error message.
+Exit code 0 allows the command to proceed.
+"""
+import json
+import re
+import sys
+DANGEROUS_PATTERNS = [
+    # Destructive filesystem deletion
+    (r'\brm\s+.*-[^\s]*r[^\s]*f[^\s]*\s+[/~](?:\s|$)',
+     "Blocked: rm -rf on root or home directory"),
+    (r'\brm\s+.*-[^\s]*f[^\s]*r[^\s]*\s+[/~](?:\s|$)',
+     "Blocked: rm -rf on root or home directory"),
+    (r'\brm\s+-rf\s+/(?:\s|$)',
+     "Blocked: rm -rf /"),
+    (r'\brm\s+-rf\s+~(?:\s|$)',
+     "Blocked: rm -rf ~"),
+    # Root-level file removal
+    (r'\bsudo\s+rm\b',
+     "Blocked: sudo rm - use caution with privileged deletion"),
+    # World-writable permissions
+    (r'\bchmod\s+777\b',
+     "Blocked: chmod 777 creates security vulnerability"),
+    (r'\bchmod\s+-R\s+777\b',
+     "Blocked: recursive chmod 777 creates security vulnerability"),
+    # Force push to main/master
+    (r'\bgit\s+push\s+.*--force.*\s+(origin\s+)?(main|master)\b',
+     "Blocked: force push to main/master destroys history"),
+    (r'\bgit\s+push\s+.*-f\s+.*\s+(origin\s+)?(main|master)\b',
+     "Blocked: force push to main/master destroys history"),
+    (r'\bgit\s+push\s+-f\s+(origin\s+)?(main|master)\b',
+     "Blocked: force push to main/master destroys history"),
+    (r'\bgit\s+push\s+--force\s+(origin\s+)?(main|master)\b',
+     "Blocked: force push to main/master destroys history"),
+    # System directory modification
+    (r'>\s*/usr/',
+     "Blocked: writing to /usr system directory"),
+    (r'>\s*/etc/',
+     "Blocked: writing to /etc system directory"),
+    (r'>\s*/bin/',
+     "Blocked: writing to /bin system directory"),
+    (r'>\s*/sbin/',
+     "Blocked: writing to /sbin system directory"),
+    # Disk formatting
+    (r'\bmkfs\.\w+',
+     "Blocked: disk formatting command"),
+    (r'\bdd\s+.*of=/dev/',
+     "Blocked: dd writing to device"),
+    # History manipulation
+    (r'\bgit\s+reset\s+--hard\s+origin/(main|master)\b',
+     "Blocked: hard reset to remote main/master - destructive operation"),
+]
+def check_command(command: str) -> tuple[bool, str]:
+    """Check if command matches any dangerous pattern.
+    Returns:
+        (is_dangerous, message)
+    """
+    for pattern, message in DANGEROUS_PATTERNS:
+        if re.search(pattern, command, re.IGNORECASE):
+            return True, message
+    return False, ""
+def main():
+    try:
+        input_data = json.load(sys.stdin)
+        tool_input = input_data.get("tool_input", {})
+        command = tool_input.get("command", "")
+        if not command:
+            sys.exit(0)
+        is_dangerous, message = check_command(command)
+        if is_dangerous:
+            # Output error message and exit 2 to block
+            print(json.dumps({
+                "error": message
+            }))
+            sys.exit(2)
+        # Allow command to proceed
+        sys.exit(0)
+    except json.JSONDecodeError:
+        # If we can't parse input, allow by default
+        sys.exit(0)
+    except Exception as e:
+        # Log error but don't block on hook failure
+        print(f"Hook error: {e}", file=sys.stderr)
+        sys.exit(0)
+if __name__ == "__main__":
+    main()

package/.devcontainer/plugins/devs-marketplace/plugins/notify-hook/.claude-plugin/plugin.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "notify-hook",
+  "description": "Desktop notifications and audio chime when Claude finishes responding",
+  "author": {
+    "name": "AnExiledDev"
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/notify-hook/hooks/hooks.json ADDED Viewed

@@ -0,0 +1,16 @@
+{
+  "description": "Notification when Claude finishes responding",
+  "hooks": {
+    "Stop": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "/usr/local/bin/claude-notify",
+            "timeout": 5
+          }
+        ]
+      }
+    ]
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/planning-reminder/.claude-plugin/plugin.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "planning-reminder",
+  "description": "Injects planning-first workflow reminder on every prompt",
+  "author": {
+    "name": "AnExiledDev"
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/planning-reminder/hooks/hooks.json ADDED Viewed

@@ -0,0 +1,17 @@
+{
+  "description": "Inject planning workflow reminder on user prompt submission",
+  "hooks": {
+    "UserPromptSubmit": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "echo '{\"systemMessage\": \"<system-reminder>If the user is asking a question rather than requesting implementation, respond directly and offer to create a plan if relevant. For implementation requests: if no plan exists or the previous plan is complete, use EnterPlanMode to gather requirements and design an approach before writing code. Use AskUserQuestion to clarify ambiguities. Only implement after explicit user approval.</system-reminder>\"}'",
+            "timeout": 5
+          }
+        ]
+      }
+    ]
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/.claude-plugin/plugin.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "protected-files-guard",
+  "description": "Blocks modifications to .env, lock files, .git/, and credentials",
+  "author": {
+    "name": "AnExiledDev"
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/hooks/hooks.json ADDED Viewed

@@ -0,0 +1,17 @@
+{
+  "description": "Block modifications to protected files",
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Edit|Write",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "python3 ${CLAUDE_PLUGIN_ROOT}/scripts/guard-protected.py",
+            "timeout": 5
+          }
+        ]
+      }
+    ]
+  }
+}

package/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected.py ADDED Viewed

@@ -0,0 +1,108 @@
+#!/usr/bin/env python3
+"""
+Block modifications to protected files.
+Reads tool input from stdin, checks file path against protected patterns.
+Exit code 2 blocks the edit with error message.
+Exit code 0 allows the edit to proceed.
+"""
+import json
+import re
+import sys
+# Patterns that should be protected from modification
+PROTECTED_PATTERNS = [
+    # Environment secrets
+    (r'(^|/)\.env$', "Blocked: .env contains secrets - edit manually if needed"),
+    (r'(^|/)\.env\.[^/]+$', "Blocked: .env.* files contain secrets - edit manually if needed"),
+    # Git internals
+    (r'(^|/)\.git/', "Blocked: .git/ directory is managed by git"),
+    # Lock files (should be modified via package manager)
+    (r'(^|/)package-lock\.json$', "Blocked: package-lock.json - use npm install instead"),
+    (r'(^|/)yarn\.lock$', "Blocked: yarn.lock - use yarn install instead"),
+    (r'(^|/)pnpm-lock\.yaml$', "Blocked: pnpm-lock.yaml - use pnpm install instead"),
+    (r'(^|/)Gemfile\.lock$', "Blocked: Gemfile.lock - use bundle install instead"),
+    (r'(^|/)poetry\.lock$', "Blocked: poetry.lock - use poetry install instead"),
+    (r'(^|/)Cargo\.lock$', "Blocked: Cargo.lock - use cargo build instead"),
+    (r'(^|/)composer\.lock$', "Blocked: composer.lock - use composer install instead"),
+    (r'(^|/)uv\.lock$', "Blocked: uv.lock - use uv sync instead"),
+    # Certificates and keys
+    (r'\.pem$', "Blocked: .pem files contain sensitive cryptographic material"),
+    (r'\.key$', "Blocked: .key files contain sensitive cryptographic material"),
+    (r'\.crt$', "Blocked: .crt certificate files should not be edited directly"),
+    (r'\.p12$', "Blocked: .p12 files contain sensitive cryptographic material"),
+    (r'\.pfx$', "Blocked: .pfx files contain sensitive cryptographic material"),
+    # Credential files
+    (r'(^|/)credentials\.json$', "Blocked: credentials.json contains secrets"),
+    (r'(^|/)secrets\.yaml$', "Blocked: secrets.yaml contains secrets"),
+    (r'(^|/)secrets\.yml$', "Blocked: secrets.yml contains secrets"),
+    (r'(^|/)secrets\.json$', "Blocked: secrets.json contains secrets"),
+    (r'(^|/)\.secrets$', "Blocked: .secrets file contains secrets"),
+    # Auth directories and files
+    (r'(^|/)\.ssh/', "Blocked: .ssh/ contains sensitive authentication data"),
+    (r'(^|/)\.aws/', "Blocked: .aws/ contains AWS credentials"),
+    (r'(^|/)\.netrc$', "Blocked: .netrc contains authentication credentials"),
+    (r'(^|/)\.npmrc$', "Blocked: .npmrc may contain auth tokens - edit manually if needed"),
+    (r'(^|/)\.pypirc$', "Blocked: .pypirc contains PyPI credentials"),
+    # Other sensitive files
+    (r'(^|/)id_rsa', "Blocked: SSH private key file"),
+    (r'(^|/)id_ed25519', "Blocked: SSH private key file"),
+    (r'(^|/)id_ecdsa', "Blocked: SSH private key file"),
+]
+def check_path(file_path: str) -> tuple[bool, str]:
+    """Check if file path matches any protected pattern.
+    Returns:
+        (is_protected, message)
+    """
+    # Normalize path for consistent matching
+    normalized = file_path.replace('\\', '/')
+    for pattern, message in PROTECTED_PATTERNS:
+        if re.search(pattern, normalized, re.IGNORECASE):
+            return True, message
+    return False, ""
+def main():
+    try:
+        input_data = json.load(sys.stdin)
+        tool_input = input_data.get("tool_input", {})
+        file_path = tool_input.get("file_path", "")
+        if not file_path:
+            sys.exit(0)
+        is_protected, message = check_path(file_path)
+        if is_protected:
+            # Output error message and exit 2 to block
+            print(json.dumps({
+                "error": message
+            }))
+            sys.exit(2)
+        # Allow edit to proceed
+        sys.exit(0)
+    except json.JSONDecodeError:
+        # If we can't parse input, allow by default
+        sys.exit(0)
+    except Exception as e:
+        # Log error but don't block on hook failure
+        print(f"Hook error: {e}", file=sys.stderr)
+        sys.exit(0)
+if __name__ == "__main__":
+    main()