deepflow 0.1.105 → 0.1.106

package/hooks/df-command-usage.js

@@ -18,24 +18,20 @@
 
 const fs = require('fs');
 const path = require('path');
+const { readStdinIfMain } = require('./lib/hook-stdin');
 
 const event = process.env.CLAUDE_HOOK_EVENT || '';
 
-// Read stdin for hook payload
-let raw = '';
-process.stdin.setEncoding('utf8');
-process.stdin.on('data', d => raw += d);
-process.stdin.on('end', () => {
+readStdinIfMain(module, (data) => {
   try {
-    main();
+    main(data);
   } catch (_e) {
     // REQ-8: never break Claude Code
   }
-  process.exit(0);
 });
 
-function main() {
-  const baseDir = findProjectDir();
+function main(data) {
+  const baseDir = findProjectDir(data);
   if (!baseDir) return;
 
   const deepflowDir = path.join(baseDir, '.deepflow');
@@ -44,20 +40,18 @@ function main() {
   const tokenHistoryPath = path.join(deepflowDir, 'token-history.jsonl');
 
   if (event === 'PreToolUse') {
-    handlePreToolUse(deepflowDir, markerPath, usagePath, tokenHistoryPath);
+    handlePreToolUse(data, deepflowDir, markerPath, usagePath, tokenHistoryPath);
   } else if (event === 'PostToolUse') {
-    handlePostToolUse(markerPath);
+    handlePostToolUse(data, markerPath);
   } else if (event === 'SessionStart') {
-    handleSessionStart(markerPath, usagePath, tokenHistoryPath);
+    handleSessionStart(data, markerPath, usagePath, tokenHistoryPath);
   } else if (event === 'SessionEnd') {
     handleSessionEnd(deepflowDir, markerPath, usagePath, tokenHistoryPath);
   }
 }
 
-function handlePreToolUse(deepflowDir, markerPath, usagePath, tokenHistoryPath) {
-  let payload;
-  try { payload = JSON.parse(raw); } catch { return; }
-
+function handlePreToolUse(data, deepflowDir, markerPath, usagePath, tokenHistoryPath) {
+  const payload = data;
   const toolName = payload.tool_name || '';
   const toolInput = payload.tool_input || {};
 
@@ -96,12 +90,11 @@ function handlePreToolUse(deepflowDir, markerPath, usagePath, tokenHistoryPath)
   safeWriteFile(markerPath, JSON.stringify(marker, null, 2));
 }
 
-function handlePostToolUse(markerPath) {
+function handlePostToolUse(data, markerPath) {
   if (!safeExists(markerPath)) return;
 
   // Don't count the Skill call itself (the one that opened the marker)
-  let payload;
-  try { payload = JSON.parse(raw); } catch { return; }
+  const payload = data;
   const toolName = payload.tool_name || '';
   const toolInput = payload.tool_input || {};
   if (toolName === 'Skill' && (toolInput.skill || '').startsWith('df:')) return;
@@ -119,10 +112,9 @@ function handlePostToolUse(markerPath) {
  * On /clear or /compact, context resets — close any orphaned marker.
  * Only fires for source=clear|compact (not startup/resume).
  */
-function handleSessionStart(markerPath, usagePath, tokenHistoryPath) {
+function handleSessionStart(data, markerPath, usagePath, tokenHistoryPath) {
   if (!safeExists(markerPath)) return;
-  let payload;
-  try { payload = JSON.parse(raw); } catch { return; }
+  const payload = data;
   const source = payload.source || '';
   if (source === 'clear' || source === 'compact') {
     closeCommand(markerPath, usagePath, tokenHistoryPath);
@@ -250,11 +242,10 @@ function parseTranscriptOutputTokens(transcriptPath, offset) {
 /**
  * Find the project directory from hook payload or environment.
  */
-function findProjectDir() {
+function findProjectDir(data) {
   try {
-    const payload = JSON.parse(raw);
-    if (payload.cwd) return payload.cwd;
-    if (payload.workspace && payload.workspace.current_dir) return payload.workspace.current_dir;
+    if (data && data.cwd) return data.cwd;
+    if (data && data.workspace && data.workspace.current_dir) return data.workspace.current_dir;
   } catch (_e) {
     // fall through
   }

package/hooks/df-execution-history.js

@@ -14,6 +14,7 @@
 
 const fs = require('fs');
 const path = require('path');
+const { readStdinIfMain } = require('./lib/hook-stdin');
 
 /**
  * Extract task_id from Agent prompt.
@@ -61,61 +62,50 @@ function resolveProjectRoot(cwd) {
   return cwd;
 }
 
-// Read all stdin, then process
-let raw = '';
-process.stdin.setEncoding('utf8');
-process.stdin.on('data', chunk => { raw += chunk; });
-process.stdin.on('end', () => {
-  try {
-    const data = JSON.parse(raw);
-
-    // Only fire for Agent tool calls
-    if (data.tool_name !== 'Agent') {
-      process.exit(0);
-    }
-
-    const prompt = (data.tool_input && data.tool_input.prompt) || '';
-    const taskId = extractTaskId(prompt);
-
-    // Only record if we have a task_id
-    if (!taskId) {
-      process.exit(0);
-    }
-
-    const cwd = data.cwd || process.cwd();
-    const projectRoot = resolveProjectRoot(cwd);
-    const historyFile = path.join(projectRoot, '.deepflow', 'execution-history.jsonl');
-
-    const timestamp = new Date().toISOString();
-    const sessionId = data.session_id || null;
-    const spec = extractSpec(prompt);
-    const status = extractStatus(data.tool_response);
-
-    const startRecord = {
-      type: 'task_start',
-      task_id: taskId,
-      spec,
-      session_id: sessionId,
-      timestamp,
-    };
+readStdinIfMain(module, (data) => {
+  // Only fire for Agent tool calls
+  if (data.tool_name !== 'Agent') {
+    return;
+  }
 
-    const endRecord = {
-      type: 'task_end',
-      task_id: taskId,
-      session_id: sessionId,
-      status,
-      timestamp,
-    };
+  const prompt = (data.tool_input && data.tool_input.prompt) || '';
+  const taskId = extractTaskId(prompt);
 
-    const logDir = path.dirname(historyFile);
-    if (!fs.existsSync(logDir)) {
-      fs.mkdirSync(logDir, { recursive: true });
-    }
+  // Only record if we have a task_id
+  if (!taskId) {
+    return;
+  }
 
-    fs.appendFileSync(historyFile, JSON.stringify(startRecord) + '\n');
-    fs.appendFileSync(historyFile, JSON.stringify(endRecord) + '\n');
-  } catch (_e) {
-    // Fail silently — never break tool execution (REQ-8)
+  const cwd = data.cwd || process.cwd();
+  const projectRoot = resolveProjectRoot(cwd);
+  const historyFile = path.join(projectRoot, '.deepflow', 'execution-history.jsonl');
+
+  const timestamp = new Date().toISOString();
+  const sessionId = data.session_id || null;
+  const spec = extractSpec(prompt);
+  const status = extractStatus(data.tool_response);
+
+  const startRecord = {
+    type: 'task_start',
+    task_id: taskId,
+    spec,
+    session_id: sessionId,
+    timestamp,
+  };
+
+  const endRecord = {
+    type: 'task_end',
+    task_id: taskId,
+    session_id: sessionId,
+    status,
+    timestamp,
+  };
+
+  const logDir = path.dirname(historyFile);
+  if (!fs.existsSync(logDir)) {
+    fs.mkdirSync(logDir, { recursive: true });
   }
-  process.exit(0);
+
+  fs.appendFileSync(historyFile, JSON.stringify(startRecord) + '\n');
+  fs.appendFileSync(historyFile, JSON.stringify(endRecord) + '\n');
 });

package/hooks/df-explore-protocol.js

@@ -18,6 +18,7 @@
 const fs = require('fs');
 const path = require('path');
 const os = require('os');
+const { readStdinIfMain } = require('./lib/hook-stdin');
 
 /**
  * Locate the explore-protocol.md template.
@@ -34,50 +35,40 @@ function findProtocol(cwd) {
   return null;
 }
 
-let raw = '';
-process.stdin.setEncoding('utf8');
-process.stdin.on('data', chunk => raw += chunk);
-process.stdin.on('end', () => {
-  try {
-    const payload = JSON.parse(raw);
-    const { tool_name, tool_input, cwd } = payload;
+readStdinIfMain(module, (payload) => {
+  const { tool_name, tool_input, cwd } = payload;
 
-    // Only intercept Agent calls with subagent_type "Explore"
-    if (tool_name !== 'Agent') {
-      process.exit(0);
-    }
-    const subagentType = (tool_input.subagent_type || '').toLowerCase();
-    if (subagentType !== 'explore') {
-      process.exit(0);
-    }
+  // Only intercept Agent calls with subagent_type "Explore"
+  if (tool_name !== 'Agent') {
+    return;
+  }
+  const subagentType = (tool_input.subagent_type || '').toLowerCase();
+  if (subagentType !== 'explore') {
+    return;
+  }
 
-    const protocolPath = findProtocol(cwd || process.cwd());
-    if (!protocolPath) {
-      // No template found — allow without modification
-      process.exit(0);
-    }
+  const protocolPath = findProtocol(cwd || process.cwd());
+  if (!protocolPath) {
+    // No template found — allow without modification
+    return;
+  }
 
-    const protocol = fs.readFileSync(protocolPath, 'utf8').trim();
-    const originalPrompt = tool_input.prompt || '';
+  const protocol = fs.readFileSync(protocolPath, 'utf8').trim();
+  const originalPrompt = tool_input.prompt || '';
 
-    // Append protocol as a system-level suffix the agent must follow
-    const updatedPrompt = `${originalPrompt}\n\n---\n## Search Protocol (auto-injected — MUST follow)\n\n${protocol}`;
+  // Append protocol as a system-level suffix the agent must follow
+  const updatedPrompt = `${originalPrompt}\n\n---\n## Search Protocol (auto-injected — MUST follow)\n\n${protocol}`;
 
-    const result = {
-      hookSpecificOutput: {
-        hookEventName: 'PreToolUse',
-        permissionDecision: 'allow',
-        updatedInput: {
-          ...tool_input,
-          prompt: updatedPrompt,
-        },
+  const result = {
+    hookSpecificOutput: {
+      hookEventName: 'PreToolUse',
+      permissionDecision: 'allow',
+      updatedInput: {
+        ...tool_input,
+        prompt: updatedPrompt,
       },
-    };
+    },
+  };
 
-    process.stdout.write(JSON.stringify(result));
-    process.exit(0);
-  } catch {
-    // Never break Claude Code
-    process.exit(0);
-  }
+  process.stdout.write(JSON.stringify(result));
 });

package/hooks/df-invariant-check.js

@@ -18,6 +18,7 @@ const fs = require('fs');
 const path = require('path');
 const { execFileSync } = require('child_process');
 const { extractSection } = require('./df-spec-lint');
+const { readStdinIfMain } = require('./lib/hook-stdin');
 
 // ── LSP availability check (REQ-5, AC-11) ────────────────────────────────────
 
@@ -141,6 +142,7 @@ const TAGS = {
   STUB: 'STUB',               // Incomplete stub left in production code
   PHANTOM: 'PHANTOM',         // Reference to non-existent symbol/file/function
   SCOPE_GAP: 'SCOPE_GAP',     // Implementation goes beyond or falls short of spec scope
+  CONFIG_GUARD: 'CONFIG_GUARD', // config.yaml/yml modified inside a worktree path
 };
 
 // ── Diff parsing ──────────────────────────────────────────────────────────────
@@ -947,6 +949,43 @@ function formatOutput(results) {
 
 // ── Core API ──────────────────────────────────────────────────────────────────
 
+/**
+ * REQ-3: Guard against creation or modification of .deepflow/config.yaml (or config.yml)
+ * inside worktree paths. Agents must never alter project-level config from a worktree.
+ *
+ * Matches `+++ b/` diff header lines whose path contains `.deepflow/config.yaml` or
+ * `.deepflow/config.yml`, regardless of worktree depth.
+ *
+ * Always HARD severity — no advisory variant. Tag: [CONFIG_GUARD]
+ *
+ * @param {Array} files - Parsed diff files
+ * @param {string} specContent - Raw spec markdown (unused, kept for uniform signature)
+ * @param {string} taskType - Task type (unused, check always runs)
+ * @returns {Array<{ file: string, line: number, tag: string, description: string }>}
+ */
+function checkConfigYamlGuard(files, specContent, taskType) { // eslint-disable-line no-unused-vars
+  const violations = [];
+
+  // Pattern matches .deepflow/config.yaml or .deepflow/config.yml anywhere in the path,
+  // which covers worktree sub-paths like .claude/worktrees/agent-xyz/.deepflow/config.yaml
+  const CONFIG_PATTERN = /\.deepflow\/config\.ya?ml$/;
+
+  for (const f of files) {
+    if (CONFIG_PATTERN.test(f.file)) {
+      violations.push({
+        file: f.file,
+        line: 1,
+        tag: TAGS.CONFIG_GUARD,
+        description:
+          `[CONFIG_GUARD] Modification of "${f.file}" detected inside a worktree. ` +
+          'Agents must not create or modify .deepflow/config.yaml from within a worktree.',
+      });
+    }
+  }
+
+  return violations;
+}
+
 /**
  * Check implementation diffs against spec invariants.
  *
@@ -1011,6 +1050,10 @@ function checkInvariants(diff, specContent, opts = {}) {
   const reqOnlyInTestsViolations = checkReqOnlyInTests(files, specContent, taskType);
   hard.push(...reqOnlyInTestsViolations);
 
+  // REQ-3: config.yaml guard — always hard, no advisory variant
+  const configGuardViolations = checkConfigYamlGuard(files, specContent, taskType);
+  hard.push(...configGuardViolations);
+
   // ── Auto-mode escalation (REQ-9) ─────────────────────────────────────────
   // In auto mode (non-interactive CI/hook runs), all advisory items are promoted
   // to hard failures so the pipeline blocks on any violation.
@@ -1080,78 +1123,63 @@ function isGitCommitBash(toolName, toolInput) {
   return /git\s+commit\b/.test(cmd);
 }
 
-// Run hook mode when stdin is not a TTY (i.e., piped payload from Claude Code)
-if (!process.stdin.isTTY) {
-  let raw = '';
-  process.stdin.setEncoding('utf8');
-  process.stdin.on('data', (chunk) => { raw += chunk; });
-  process.stdin.on('end', () => {
-    let data;
-    try {
-      data = JSON.parse(raw);
-    } catch (_) {
-      // Not valid JSON — not a hook payload, exit silently
-      process.exit(0);
-    }
+// Run hook mode when called as main module (stdin payload from Claude Code).
+// readStdinIfMain guards against hanging when required by tests.
+readStdinIfMain(module, (data) => {
+  // CLI --invariants mode is handled separately below; if we're here,
+  // we got a JSON payload on stdin (PostToolUse hook invocation).
+  if (process.argv.includes('--invariants')) return;
 
-    try {
-      const toolName = data.tool_name || '';
-      const toolInput = data.tool_input || {};
+  const toolName = data.tool_name || '';
+  const toolInput = data.tool_input || {};
 
-      // Only run after a git commit bash call
-      if (!isGitCommitBash(toolName, toolInput)) {
-        process.exit(0);
-      }
+  // Only run after a git commit bash call
+  if (!isGitCommitBash(toolName, toolInput)) {
+    process.exit(0);
+  }
 
-      const cwd = data.cwd || process.cwd();
+  const cwd = data.cwd || process.cwd();
 
-      const diff = extractDiffFromLastCommit(cwd);
-      if (!diff) {
-        // No diff available (e.g. initial commit) — pass through
-        process.exit(0);
-      }
+  const diff = extractDiffFromLastCommit(cwd);
+  if (!diff) {
+    // No diff available (e.g. initial commit) — pass through
+    process.exit(0);
+  }
 
-      const specContent = loadActiveSpec(cwd);
-      if (!specContent) {
-        // No active spec found — not a deepflow project or no spec in progress
-        process.exit(0);
-      }
+  const specContent = loadActiveSpec(cwd);
+  if (!specContent) {
+    // No active spec found — not a deepflow project or no spec in progress
+    process.exit(0);
+  }
 
-      const results = checkInvariants(diff, specContent, { mode: 'auto', taskType: 'implementation', projectRoot: cwd });
+  const results = checkInvariants(diff, specContent, { mode: 'auto', taskType: 'implementation', projectRoot: cwd });
 
-      if (results.hard.length > 0) {
-        console.error('[df-invariant-check] Hard invariant failures detected:');
-        const outputLines = formatOutput(results);
-        for (const line of outputLines) {
-          if (results.hard.some((v) => formatViolation(v) === line)) {
-            console.error(`  ${line}`);
-          }
-        }
-        process.exit(1);
-      }
-
-      if (results.advisory.length > 0) {
-        console.warn('[df-invariant-check] Advisory warnings:');
-        for (const v of results.advisory) {
-          console.warn(`  ${formatViolation(v)}`);
-        }
+  if (results.hard.length > 0) {
+    console.error('[df-invariant-check] Hard invariant failures detected:');
+    const outputLines = formatOutput(results);
+    for (const line of outputLines) {
+      if (results.hard.some((v) => formatViolation(v) === line)) {
+        console.error(`  ${line}`);
       }
+    }
+    process.exit(1);
+  }
 
-      process.exit(0);
-    } catch (_err) {
-      // Unexpected error — fail open so we never break non-deepflow projects
-      process.exit(0);
+  if (results.advisory.length > 0) {
+    console.warn('[df-invariant-check] Advisory warnings:');
+    for (const v of results.advisory) {
+      console.warn(`  ${formatViolation(v)}`);
     }
-  });
-} else {
+  }
+});
 
 // ── CLI entry point (REQ-6) ───────────────────────────────────────────────────
-if (require.main === module) {
+if (require.main === module && process.argv.includes('--invariants')) {
   const args = process.argv.slice(2);
 
   // Parse --invariants <spec-path> <diff-file>
   const invariantsIdx = args.indexOf('--invariants');
-  if (invariantsIdx === -1 || args.length < invariantsIdx + 3) {
+  if (args.length < invariantsIdx + 3) {
     console.error('Usage: df-invariant-check.js --invariants <spec-file.md> <diff-file>');
     console.error('');
     console.error('Options:');
@@ -1216,8 +1244,6 @@ if (require.main === module) {
   process.exit(results.hard.length > 0 ? 1 : 0);
 }
 
-} // end else (TTY / CLI mode)
-
 module.exports = {
   checkInvariants,
   checkLspAvailability,
@@ -1231,4 +1257,5 @@ module.exports = {
   checkReqOnlyInTests,
   checkPhantoms,
   checkScopeGaps,
+  checkConfigYamlGuard,
 };