create-tigra 2.1.1 → 2.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/template/_claude/hooks/restrict-paths.sh +8 -26
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "create-tigra",
3
- "version": "2.1.1",
3
+ "version": "2.1.2",
4
4
  "type": "module",
5
5
  "description": "Create a production-ready full-stack app with Next.js 16 + Fastify 5 + Prisma + Redis",
6
6
  "bin": {
package/template/_claude/hooks/restrict-paths.sh CHANGED
@@ -3,6 +3,9 @@
3
3
  # Claude can always READ any file for full project context.
4
4
  # Only Edit/Write operations are blocked on the other side's directory.
5
5
  #
6
+ # NOTE: settings.json matcher already filters for Edit|Write only,
7
+ # so this script does NOT need to check the tool name.
8
+ #
6
9
  # To switch roles, either:
7
10
  # 1. Edit .developer-role and type: frontend, backend, or fullstack
8
11
  # 2. Use /role command in Claude
@@ -23,32 +26,9 @@ if [ -z "$ROLE" ] || [ "$ROLE" = "fullstack" ]; then
23
26
  exit 0
24
27
  fi
25
28
 
26
- # Read stdin (JSON from Claude Code)
29
+ # Read the full JSON input from Claude Code
27
30
  INPUT=$(cat)
28
31
 
29
- # Extract tool_name from JSON
30
- TOOL_NAME=$(echo "$INPUT" | grep -oP '"tool_name"\s*:\s*"[^"]*"' | head -1 | sed 's/.*:.*"\(.*\)"/\1/')
31
-
32
- # Only block write operations (Edit, Write). Allow Read, Glob, Grep.
33
- if [ "$TOOL_NAME" != "Edit" ] && [ "$TOOL_NAME" != "Write" ]; then
34
- exit 0
35
- fi
36
-
37
- # Extract file_path or path from JSON
38
- FILE_PATH=""
39
- for field in file_path path; do
40
- value=$(echo "$INPUT" | grep -oP "\"${field}\"\s*:\s*\"[^\"]*\"" | head -1 | sed 's/.*:.*"\(.*\)"/\1/')
41
- if [ -n "$value" ]; then
42
- FILE_PATH="$value"
43
- break
44
- fi
45
- done
46
-
47
- # No file path found = allow
48
- if [ -z "$FILE_PATH" ]; then
49
- exit 0
50
- fi
51
-
52
32
  deny_with_reason() {
53
33
  cat <<DENY_EOF
54
34
  {"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"$1"}}
@@ -56,12 +36,14 @@ DENY_EOF
56
36
  exit 0
57
37
  }
58
38
 
39
+ # Simple path check against the raw JSON input.
40
+ # No JSON parsing needed — just check if the input contains server/ or client/ paths.
59
41
  if [ "$ROLE" = "frontend" ]; then
60
- if echo "$FILE_PATH" | grep -qiE "(^|/|\\\\)server(/|\\\\|$)"; then
42
+ if echo "$INPUT" | grep -qiE "server[/\\\\]"; then
61
43
  deny_with_reason "BLOCKED: Role is set to frontend. You can read server/ files but cannot modify them. Only the backend developer can edit server/ code."
62
44
  fi
63
45
  elif [ "$ROLE" = "backend" ]; then
64
- if echo "$FILE_PATH" | grep -qiE "(^|/|\\\\)client(/|\\\\|$)"; then
46
+ if echo "$INPUT" | grep -qiE "client[/\\\\]"; then
65
47
  deny_with_reason "BLOCKED: Role is set to backend. You can read client/ files but cannot modify them. Only the frontend developer can edit client/ code."
66
48
  fi
67
49
  fi