hardstop 1.4.2 ā†’ 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/.claude-plugin/marketplace.json +1 -1
  2. package/.claude-plugin/plugin.json +1 -1
  3. package/CHANGELOG.md +21 -0
  4. package/README.md +5 -2
  5. package/bin/install.js +1 -1
  6. package/bin/postinstall.js +10 -0
  7. package/commands/hs_cmd.py +5 -0
  8. package/hooks/pre_tool_use.py +13 -0
  9. package/package.json +2 -2
package/.claude-plugin/marketplace.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "$schema": "https://claude.ai/schemas/plugin-manifest-v1.json",
3
3
  "name": "hardstop",
4
- "version": "1.4.2",
4
+ "version": "1.4.3",
5
5
  "description": "Pre-execution safety layer that blocks dangerous shell commands and credential file reads using pattern matching + LLM analysis. Fail-closed design.",
6
6
  "author": "Francesco Marinoni Moretto",
7
7
  "license": "CC-BY-4.0",
package/.claude-plugin/plugin.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "hs",
3
- "version": "1.4.2",
3
+ "version": "1.4.3",
4
4
  "description": "Pre-execution safety layer that blocks dangerous shell commands and credential file reads using pattern matching + LLM analysis. Fail-closed design.",
5
5
  "author": {
6
6
  "name": "Francesco Marinoni Moretto",
package/CHANGELOG.md CHANGED
@@ -2,6 +2,27 @@
2
2
 
3
3
  All notable changes to Hardstop will be documented in this file.
4
4
 
5
+ ## [1.4.3] - 2026-02-14
6
+
7
+ ### Growth Features
8
+
9
+ Adds GitHub star calls-to-action at key user touchpoints.
10
+
11
+ ### Added
12
+ - **bin/postinstall.js**: Post-install message with GitHub star CTA
13
+ - Shows after `npm install hardstop`
14
+ - Welcomes users and directs to quick start
15
+ - **hooks/pre_tool_use.py**: First-block celebration message
16
+ - Shows once per installation after first blocked command
17
+ - "šŸŽ‰ Hardstop just protected you!" with star link
18
+ - **commands/hs_cmd.py**: GitHub star CTA in `/hs status` output
19
+ - Reminds users to star when checking status
20
+ - **README.md**: GitHub stars badge and prominent CTA
21
+ - Social proof badge showing current star count
22
+ - "šŸ‘‰ Star on GitHub if Hardstop keeps you safe!"
23
+
24
+ ---
25
+
5
26
  ## [1.4.2] - 2026-02-14
6
27
 
7
28
  ### UX Workflow Enhancement & Ecosystem Cross-Links
package/README.md CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  [![npm version](https://img.shields.io/npm/v/hardstop.svg)](https://www.npmjs.com/package/hardstop)
4
4
  [![npm downloads](https://img.shields.io/npm/dm/hardstop.svg)](https://www.npmjs.com/package/hardstop)
5
+ [![GitHub stars](https://img.shields.io/github/stars/frmoretto/hardstop?style=social)](https://github.com/frmoretto/hardstop/stargazers)
5
6
  [![license](https://img.shields.io/npm/l/hardstop.svg)](LICENSE)
6
7
  [![node](https://img.shields.io/node/v/hardstop.svg)](https://www.npmjs.com/package/hardstop)
7
8
  [![Tests](https://github.com/frmoretto/hardstop/workflows/Tests/badge.svg)](https://github.com/frmoretto/hardstop/actions/workflows/test.yml)
@@ -10,6 +11,8 @@
10
11
  [![Platform](https://img.shields.io/badge/platform-macOS_%7C_Linux_%7C_Windows-lightgrey)](https://github.com/frmoretto/hardstop)
11
12
  [![SLSA Provenance](https://img.shields.io/badge/SLSA-Build_Provenance-green?logo=sigstore)](https://github.com/frmoretto/hardstop/attestations)
12
13
 
14
+ > šŸ‘‰ **[ā­ Star on GitHub](https://github.com/frmoretto/hardstop)** if Hardstop keeps you safe!
15
+
13
16
  Pre-execution safety validation for AI coding agents. Validates every shell command against 428 security patterns before execution ā€” blocking destructive operations, credential theft, infrastructure teardown, and prompt injection. Fail-closed: blocks by default when uncertain.
14
17
 
15
18
  **Ecosystem:** The detection patterns are published separately as [hardstop-patterns](https://www.npmjs.com/package/hardstop-patterns) ([GitHub](https://github.com/frmoretto/hardstop-patterns)) ā€” reusable in any Node.js tool.
@@ -46,7 +49,7 @@ $ Read ~/.aws/credentials
46
49
 
47
50
  # You check the status
48
51
  $ /hs status
49
- Hardstop v1.4.2
52
+ Hardstop v1.4.3
50
53
  Status: šŸŸ¢ Enabled
51
54
  Session Risk: Moderate (35/100)
52
55
  Blocked: 2 commands this session
@@ -154,7 +157,7 @@ powershell -ExecutionPolicy Bypass -File install.ps1
154
157
 
155
158
  You should see:
156
159
  ```
157
- Hardstop v1.4.2
160
+ Hardstop v1.4.3
158
161
  Status: šŸŸ¢ Enabled
159
162
  Session Risk: Low (0/100)
160
163
  262 patterns loaded (MITRE ATT&CK mapped)
package/bin/install.js CHANGED
@@ -263,7 +263,7 @@ function getVersion() {
263
263
  } catch (e) {
264
264
  // Ignore errors
265
265
  }
266
- return 'v1.4.2';
266
+ return 'v1.4.3';
267
267
  }
268
268
 
269
269
  // Main installation flow
package/bin/postinstall.js ADDED
@@ -0,0 +1,10 @@
1
+ #!/usr/bin/env node
2
+
3
+ console.log('\nāœ… Hardstop installed successfully!\n');
4
+ console.log('šŸ›”ļø Your commands are now protected.\n');
5
+ console.log('ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”');
6
+ console.log('ā­ Star us on GitHub:');
7
+ console.log(' https://github.com/frmoretto/hardstop\n');
8
+ console.log('šŸ“š Quick start: npx hardstop install');
9
+ console.log('šŸ“– Documentation: https://github.com/frmoretto/hardstop#readme');
10
+ console.log('ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”\n');
package/commands/hs_cmd.py CHANGED
@@ -153,6 +153,11 @@ def cmd_status():
153
153
  except Exception:
154
154
  pass
155
155
 
156
+ # GitHub star CTA
157
+ print()
158
+ print(" ā­ Enjoying Hardstop? Star us on GitHub!")
159
+ print(" https://github.com/frmoretto/hardstop")
160
+
156
161
 
157
162
  def cmd_log():
158
163
  """Show recent audit log entries."""
package/hooks/pre_tool_use.py CHANGED
@@ -788,6 +788,19 @@ def block_command(message: str, command: str, layer: str, cwd: str, pattern_data
788
788
  }
789
789
 
790
790
  print(json.dumps(output))
791
+
792
+ # Show first-block message (once per installation)
793
+ first_block_file = STATE_DIR / "first_block_shown"
794
+ if not first_block_file.exists():
795
+ try:
796
+ print("\nā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”", file=sys.stderr)
797
+ print("šŸŽ‰ Hardstop just protected you from a dangerous command!", file=sys.stderr)
798
+ print("ā­ Enjoying it? Star us: https://github.com/frmoretto/hardstop", file=sys.stderr)
799
+ print("ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”\n", file=sys.stderr)
800
+ first_block_file.touch()
801
+ except:
802
+ pass # Don't fail if we can't write
803
+
791
804
  sys.exit(0)
792
805
 
793
806
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "hardstop",
3
- "version": "1.4.2",
3
+ "version": "1.4.3",
4
4
  "description": "Pre-execution safety layer for Claude Code - blocks dangerous commands before they run. Part of the Hardstop ecosystem.",
5
5
  "keywords": [
6
6
  "claude-code",
@@ -61,7 +61,7 @@
61
61
  },
62
62
  "scripts": {
63
63
  "test": "echo \"Use pytest for testing: cd hardstop && pytest tests/\"",
64
- "postinstall": "echo \"Run 'npx hardstop install' to install the plugin\""
64
+ "postinstall": "node bin/postinstall.js"
65
65
  },
66
66
  "dependencies": {},
67
67
  "devDependencies": {}