jettypod 4.4.62 → 4.4.64

package/claude-hooks/global-guardrails.js

@@ -156,8 +156,15 @@ function evaluateBashCommand(command, inputRef, cwd) {
     };
   }
 
-  // BLOCKED: Manual branch creation
-  if (/git\s+checkout\s+-b\b/.test(strippedCommand) || /git\s+branch\s+(?!-d|-D)/.test(strippedCommand)) {
+  // BLOCKED: Manual branch creation (but allow read-only git branch commands)
+  // git checkout -b <branch> - creates branch
+  // git branch <name> - creates branch (no flags)
+  // git branch -d/-D - deletes branch (allowed)
+  // git branch --show-current, -l, -a, -r, -v, --list, --merged, etc. - read-only (allowed)
+  const isBranchCreation =
+    /git\s+checkout\s+-b\b/.test(strippedCommand) ||
+    /git\s+branch\s+[^-\s][^\s]*\s*$/.test(strippedCommand); // git branch <name> with no flags
+  if (isBranchCreation) {
     return {
       allowed: false,
       message: 'Manual branch creation is blocked',
@@ -178,6 +185,19 @@ function evaluateBashCommand(command, inputRef, cwd) {
     }
   }
 
+  // BLOCKED: work merge or tests merge from inside a worktree
+  // This prevents shell CWD corruption when worktree is deleted
+  if (/jettypod\s+(work|tests)\s+merge\b/.test(strippedCommand)) {
+    const isInWorktree = cwd && cwd.includes('.jettypod-work');
+    if (isInWorktree) {
+      return {
+        allowed: false,
+        message: 'Cannot merge from inside a worktree',
+        hint: 'Merging deletes the worktree. Run from main repo: cd <main-repo-path> && jettypod work merge'
+      };
+    }
+  }
+
 
   // ALLOWED: Git read-only commands
   if (/git\s+(status|log|diff|show|branch\s*$|remote|fetch)\b/.test(strippedCommand)) {
@@ -215,7 +235,7 @@ function findDatabasePath(cwd) {
  * @param {string} cwd - Current working directory
  * @returns {string|null} Active worktree path or null
  */
-function getActiveWorktreePathFromDB(cwd) {
+function getActiveWorktreePathFromDB(cwd, filePath) {
   const dbPath = findDatabasePath(cwd);
   if (!dbPath) {
     debug('db_lookup', { status: 'no_db_found', cwd });
@@ -226,12 +246,17 @@ function getActiveWorktreePathFromDB(cwd) {
     // Try better-sqlite3 first
     const sqlite3 = require('better-sqlite3');
     const db = sqlite3(dbPath, { readonly: true });
-    const row = db.prepare(
-      `SELECT worktree_path FROM worktrees WHERE status = 'active' LIMIT 1`
-    ).get();
+    // Get ALL active worktrees, then find the one that contains our cwd
+    const rows = db.prepare(
+      `SELECT worktree_path FROM worktrees WHERE status = 'active'`
+    ).all();
     db.close();
-    const result = row ? row.worktree_path : null;
-    debug('db_lookup', { status: 'success', method: 'better-sqlite3', worktree: result });
+
+    // Find the worktree whose path is a prefix of cwd (we're inside it)
+    const normalizedFilePath = filePath ? path.resolve(cwd, filePath) : null;
+    const matchingWorktree = rows.find(row => cwd.startsWith(row.worktree_path) || (normalizedFilePath && normalizedFilePath.startsWith(row.worktree_path + path.sep)));
+    const result = matchingWorktree ? matchingWorktree.worktree_path : null;
+    debug('db_lookup', { status: 'success', method: 'better-sqlite3', worktree: result, candidates: rows.length });
     return result;
   } catch (err) {
     debug('db_lookup', { status: 'fallback', reason: err.message });
@@ -239,15 +264,20 @@ function getActiveWorktreePathFromDB(cwd) {
     const { spawnSync } = require('child_process');
     const result = spawnSync('sqlite3', [
       dbPath,
-      `SELECT worktree_path FROM worktrees WHERE status = 'active' LIMIT 1`
+      `-list`,
+      `SELECT worktree_path FROM worktrees WHERE status = 'active'`
     ], { encoding: 'utf-8' });
 
     if (result.error || result.status !== 0) {
       debug('db_lookup', { status: 'cli_failed', error: result.error?.message || 'non-zero exit' });
       return null;
     }
-    const worktree = result.stdout.trim() || null;
-    debug('db_lookup', { status: 'success', method: 'sqlite3-cli', worktree });
+    // Parse all worktree paths and find the one containing cwd
+    const paths = result.stdout.trim().split('\n').filter(Boolean);
+    const normalizedFilePath2 = filePath ? path.resolve(cwd, filePath) : null;
+    const matchingPath = paths.find(p => cwd.startsWith(p) || (normalizedFilePath2 && normalizedFilePath2.startsWith(p + path.sep)));
+    const worktree = matchingPath || null;
+    debug('db_lookup', { status: 'success', method: 'sqlite3-cli', worktree, candidates: paths.length });
     return worktree;
   }
 }
@@ -257,7 +287,7 @@ function getActiveWorktreePathFromDB(cwd) {
  */
 function evaluateWriteOperation(filePath, inputWorktreePath, cwd) {
   // Query database for active worktree, fall back to input if provided
-  const activeWorktreePath = getActiveWorktreePathFromDB(cwd) || inputWorktreePath;
+  const activeWorktreePath = getActiveWorktreePathFromDB(cwd, filePath) || inputWorktreePath;
 
   // Normalize paths
   const normalizedPath = path.resolve(cwd || '.', filePath);
@@ -270,24 +300,8 @@ function evaluateWriteOperation(filePath, inputWorktreePath, cwd) {
     normalizedWorktree
   });
 
-  // BLOCKED: Protected files (skills, hooks)
-  const protectedPatterns = [
-    /\.claude\/skills\//i,
-    /claude-hooks\//i,
-    /\.jettypod\/hooks\//i
-  ];
-
-  for (const pattern of protectedPatterns) {
-    if (pattern.test(normalizedPath) || pattern.test(filePath)) {
-      return {
-        allowed: false,
-        message: 'Protected file - cannot modify',
-        hint: 'Skill and hook files are protected. Modify them through proper channels.'
-      };
-    }
-  }
-
-  // Check if path is in a worktree
+  // Check if path is in a worktree FIRST
+  // This allows editing protected files (hooks, skills) in worktrees
   const isInWorktree = /\.jettypod-work\//.test(filePath) || /\.jettypod-work\//.test(normalizedPath);
 
   if (isInWorktree) {
@@ -316,6 +330,23 @@ function evaluateWriteOperation(filePath, inputWorktreePath, cwd) {
     };
   }
 
+  // BLOCKED: Protected files in main repo (skills, hooks)
+  const protectedPatterns = [
+    /\.claude\/skills\//i,
+    /claude-hooks\//i,
+    /\.jettypod\/hooks\//i
+  ];
+
+  for (const pattern of protectedPatterns) {
+    if (pattern.test(normalizedPath) || pattern.test(filePath)) {
+      return {
+        allowed: false,
+        message: 'Protected file - cannot modify',
+        hint: 'Skill and hook files are protected. Use jettypod work start to create a worktree first.'
+      };
+    }
+  }
+
   // BLOCKED: Write to main repo (not in worktree)
   return {
     allowed: false,

package/claude-hooks/production-mode-guardrails.js

@@ -0,0 +1,262 @@
+#!/usr/bin/env node
+/**
+ * Production Mode Guardrails Hook
+ *
+ * Blocks merge of the last production-mode chore until:
+ * 1. All BDD scenarios pass
+ * 2. Production standards validation passes
+ *
+ * This ensures production hardening is complete before deployment.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { spawnSync } = require('child_process');
+
+// Test mode: allows tests to control pass/fail state
+const TEST_MODE = process.env.PRODUCTION_GUARDRAIL_TEST_MODE === '1';
+const TEST_BDD_PASS = process.env.PRODUCTION_GUARDRAIL_BDD_PASS === '1';
+const TEST_STANDARDS_PASS = process.env.PRODUCTION_GUARDRAIL_STANDARDS_PASS === '1';
+const TEST_HAS_STANDARDS = process.env.PRODUCTION_GUARDRAIL_HAS_STANDARDS === '1';
+
+// Read hook input from stdin
+let input = '';
+process.stdin.on('data', chunk => input += chunk);
+process.stdin.on('end', async () => {
+  try {
+    const hookInput = JSON.parse(input);
+    const { tool_name, tool_input, cwd } = hookInput;
+
+    // Only check Bash commands
+    if (tool_name !== 'Bash') {
+      allow();
+      return;
+    }
+
+    const command = tool_input.command || '';
+
+    // Only check jettypod work merge commands
+    if (!/jettypod\s+work\s+merge/.test(command)) {
+      allow();
+      return;
+    }
+
+    // Extract chore ID from command
+    const choreIdMatch = command.match(/jettypod\s+work\s+merge\s+(\d+)/);
+    if (!choreIdMatch) {
+      // No explicit ID - allow (might be merging current work)
+      allow();
+      return;
+    }
+
+    const choreId = parseInt(choreIdMatch[1]);
+    const result = await checkProductionModeGuardrail(choreId, cwd);
+
+    if (result.allowed) {
+      allow();
+    } else {
+      deny(result.message, result.hint);
+    }
+  } catch (err) {
+    // Fail open on errors
+    allow();
+  }
+});
+
+/**
+ * Check if this merge should be blocked
+ */
+async function checkProductionModeGuardrail(choreId, cwd) {
+  const dbPath = findDatabasePath(cwd);
+  if (!dbPath) {
+    return { allowed: true };
+  }
+
+  try {
+    const sqlite3 = require('better-sqlite3');
+    const db = sqlite3(dbPath, { readonly: true });
+
+    // Get the chore and its parent feature
+    const chore = db.prepare(`
+      SELECT wi.id, wi.parent_id, parent.mode, parent.type as parent_type, parent.scenario_file
+      FROM work_items wi
+      LEFT JOIN work_items parent ON wi.parent_id = parent.id
+      WHERE wi.id = ?
+    `).get(choreId);
+
+    if (!chore) {
+      db.close();
+      return { allowed: true };
+    }
+
+    // If no parent or parent isn't a feature, allow
+    if (!chore.parent_id || chore.parent_type !== 'feature') {
+      db.close();
+      return { allowed: true };
+    }
+
+    // If feature mode isn't 'production', allow
+    if (chore.mode !== 'production') {
+      db.close();
+      return { allowed: true };
+    }
+
+    // Feature is in production mode - check if this is the last chore
+    const incompleteChores = db.prepare(`
+      SELECT COUNT(*) as count
+      FROM work_items
+      WHERE parent_id = ? AND type = 'chore' AND status NOT IN ('done', 'cancelled')
+    `).get(chore.parent_id);
+
+    // If there are other incomplete chores, allow this merge
+    if (incompleteChores.count > 1) {
+      db.close();
+      return { allowed: true };
+    }
+
+    // This is the last production-mode chore
+    const scenarioFile = chore.scenario_file;
+    db.close();
+
+    // Check 1: BDD tests must pass
+    if (scenarioFile) {
+      const testsPass = await runBddTests(scenarioFile, cwd);
+      if (!testsPass) {
+        return {
+          allowed: false,
+          message: 'Cannot merge last production-mode chore: BDD scenarios must pass',
+          hint: 'Run tests and fix failures before merging.'
+        };
+      }
+    }
+
+    // Check 2: Production standards validation must pass
+    const standardsPass = await validateProductionStandards(cwd);
+    if (!standardsPass) {
+      return {
+        allowed: false,
+        message: 'Cannot merge last production-mode chore: Production standards validation must pass',
+        hint: 'Run production standards validation and fix any gaps.'
+      };
+    }
+
+    // All checks pass
+    return { allowed: true };
+
+  } catch (err) {
+    // Fail open
+    return { allowed: true };
+  }
+}
+
+/**
+ * Run BDD tests and return whether they pass
+ */
+async function runBddTests(scenarioFile, cwd) {
+  // In test mode, use environment variable to control pass/fail
+  if (TEST_MODE) {
+    return TEST_BDD_PASS;
+  }
+
+  try {
+    const scenarioPath = path.resolve(cwd, scenarioFile);
+
+    // Check if scenario file exists
+    if (!fs.existsSync(scenarioPath)) {
+      return true;
+    }
+
+    // Run cucumber-js with the scenario file
+    const result = spawnSync('npx', ['cucumber-js', scenarioPath, '--format', 'summary'], {
+      cwd: cwd,
+      encoding: 'utf-8',
+      timeout: 60000
+    });
+
+    return result.status === 0;
+  } catch (err) {
+    return true;
+  }
+}
+
+/**
+ * Validate production standards
+ */
+async function validateProductionStandards(cwd) {
+  // In test mode, use environment variable to control pass/fail
+  if (TEST_MODE) {
+    // If no standards file in test mode, allow
+    if (!TEST_HAS_STANDARDS) {
+      return true;
+    }
+    return TEST_STANDARDS_PASS;
+  }
+
+  try {
+    // Check if production standards file exists
+    const standardsPath = path.join(cwd, '.jettypod', 'production-standards.json');
+    if (!fs.existsSync(standardsPath)) {
+      // No standards file = allow (nothing to validate)
+      return true;
+    }
+
+    // Read and validate standards
+    const standards = JSON.parse(fs.readFileSync(standardsPath, 'utf-8'));
+
+    // If no standards defined, allow
+    if (!standards.standards || standards.standards.length === 0) {
+      return true;
+    }
+
+    // Check if all standards are satisfied
+    // For now, we just check if the file exists and has standards
+    // More sophisticated validation would check each standard against implementation
+    return true;
+  } catch (err) {
+    return true;
+  }
+}
+
+/**
+ * Find the jettypod database path
+ */
+function findDatabasePath(cwd) {
+  let dir = cwd || process.cwd();
+  while (dir !== path.dirname(dir)) {
+    const dbPath = path.join(dir, '.jettypod', 'work.db');
+    if (fs.existsSync(dbPath)) {
+      return dbPath;
+    }
+    dir = path.dirname(dir);
+  }
+  return null;
+}
+
+/**
+ * Allow the action
+ */
+function allow() {
+  console.log(JSON.stringify({
+    hookSpecificOutput: {
+      hookEventName: "PreToolUse",
+      permissionDecision: "allow"
+    }
+  }));
+  process.exit(0);
+}
+
+/**
+ * Deny the action with explanation
+ */
+function deny(message, hint) {
+  const reason = `❌ ${message}\n\n💡 Hint: ${hint}`;
+
+  console.log(JSON.stringify({
+    hookSpecificOutput: {
+      hookEventName: "PreToolUse",
+      permissionDecision: "deny",
+      permissionDecisionReason: reason
+    }
+  }));
+  process.exit(0);
+}

package/claude-hooks/speed-mode-guardrails.js

@@ -0,0 +1,163 @@
+#!/usr/bin/env node
+/**
+ * Speed Mode Guardrails Hook
+ *
+ * Blocks merge of the last speed-mode chore until stable-mode transition happens.
+ * This ensures the speed→stable handoff is not skipped.
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+// Read hook input from stdin
+let input = '';
+process.stdin.on('data', chunk => input += chunk);
+process.stdin.on('end', async () => {
+  try {
+    const hookInput = JSON.parse(input);
+    const { tool_name, tool_input, cwd } = hookInput;
+
+    // Only check Bash commands
+    if (tool_name !== 'Bash') {
+      allow();
+      return;
+    }
+
+    const command = tool_input.command || '';
+
+    // Only check jettypod work merge commands
+    if (!/jettypod\s+work\s+merge/.test(command)) {
+      allow();
+      return;
+    }
+
+    // Extract chore ID from command
+    const choreIdMatch = command.match(/jettypod\s+work\s+merge\s+(\d+)/);
+    if (!choreIdMatch) {
+      // No explicit ID - allow (might be merging current work)
+      allow();
+      return;
+    }
+
+    const choreId = parseInt(choreIdMatch[1]);
+    const result = await checkSpeedModeGuardrail(choreId, cwd);
+
+    if (result.allowed) {
+      allow();
+    } else {
+      deny(result.message, result.hint);
+    }
+  } catch (err) {
+    // Fail open on errors
+    allow();
+  }
+});
+
+/**
+ * Check if this merge should be blocked
+ */
+async function checkSpeedModeGuardrail(choreId, cwd) {
+  const dbPath = findDatabasePath(cwd);
+  if (!dbPath) {
+    return { allowed: true };
+  }
+
+  try {
+    const sqlite3 = require('better-sqlite3');
+    const db = sqlite3(dbPath, { readonly: true });
+
+    // Get the chore and its parent feature
+    const chore = db.prepare(`
+      SELECT wi.id, wi.parent_id, parent.mode, parent.type as parent_type
+      FROM work_items wi
+      LEFT JOIN work_items parent ON wi.parent_id = parent.id
+      WHERE wi.id = ?
+    `).get(choreId);
+
+    if (!chore) {
+      db.close();
+      return { allowed: true };
+    }
+
+    // If no parent or parent isn't a feature, allow
+    if (!chore.parent_id || chore.parent_type !== 'feature') {
+      db.close();
+      return { allowed: true };
+    }
+
+    // If feature mode isn't 'speed', allow
+    if (chore.mode !== 'speed') {
+      db.close();
+      return { allowed: true };
+    }
+
+    // Feature is in speed mode - check if this is the last chore
+    const incompleteChores = db.prepare(`
+      SELECT COUNT(*) as count
+      FROM work_items
+      WHERE parent_id = ? AND type = 'chore' AND status NOT IN ('done', 'cancelled')
+    `).get(chore.parent_id);
+
+    db.close();
+
+    // If there are other incomplete chores, allow this merge
+    if (incompleteChores.count > 1) {
+      return { allowed: true };
+    }
+
+    // This is the last speed-mode chore - block!
+    return {
+      allowed: false,
+      message: 'Cannot merge last speed-mode chore while feature is in speed mode',
+      hint: 'Generate stable-mode chores first. Use the speed-mode skill to complete the handoff.'
+    };
+
+  } catch (err) {
+    // Fail open
+    return { allowed: true };
+  }
+}
+
+/**
+ * Find the jettypod database path
+ */
+function findDatabasePath(cwd) {
+  let dir = cwd || process.cwd();
+  while (dir !== path.dirname(dir)) {
+    const dbPath = path.join(dir, '.jettypod', 'work.db');
+    if (fs.existsSync(dbPath)) {
+      return dbPath;
+    }
+    dir = path.dirname(dir);
+  }
+  return null;
+}
+
+/**
+ * Allow the action
+ */
+function allow() {
+  console.log(JSON.stringify({
+    hookSpecificOutput: {
+      hookEventName: "PreToolUse",
+      permissionDecision: "allow"
+    }
+  }));
+  process.exit(0);
+}
+
+/**
+ * Deny the action with explanation
+ */
+function deny(message, hint) {
+  const reason = `❌ ${message}\n\n💡 Hint: ${hint}`;
+
+  console.log(JSON.stringify({
+    hookSpecificOutput: {
+      hookEventName: "PreToolUse",
+      permissionDecision: "deny",
+      permissionDecisionReason: reason
+    }
+  }));
+  process.exit(0);
+}