npm - oh-my-customcode - Versions diffs - 0.125.0 → 0.126.0 - Mend

oh-my-customcode 0.125.0 → 0.126.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/cli/index.js +4 -2
package/dist/index.js +4 -2
package/package.json +4 -2
package/templates/.claude/rules/MUST-agent-design.md +7 -2
package/templates/.claude/rules/MUST-orchestrator-coordination.md +6 -33
package/templates/.claude/rules/MUST-permissions.md +3 -1
package/templates/CLAUDE.md +1 -0
package/templates/manifest.json +3 -1

package/dist/cli/index.js CHANGED Viewed

@@ -2334,7 +2334,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.125.0",
+    version: "0.126.0",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {
@@ -2382,7 +2382,7 @@ var init_package = __esm(() => {
       yaml: "^2.8.2"
     },
     devDependencies: {
-      "@anthropic-ai/sdk": "^0.90.0",
+      "@anthropic-ai/sdk": "^0.92.0",
       "@biomejs/biome": "^2.3.12",
       "@types/bun": "^1.3.6",
       "@types/js-yaml": "^4.0.9",
@@ -2413,6 +2413,8 @@ var init_package = __esm(() => {
     engines: {
       node: ">=18.0.0"
     },
+    omcustomMinClaudeCode: "2.1.121",
+    omcustomMinClaudeCodeReason: "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",
     overrides: {
       rollup: "^4.59.0",
       esbuild: "^0.25.0"

package/dist/index.js CHANGED Viewed

@@ -2014,7 +2014,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.125.0",
+  version: "0.126.0",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {
@@ -2062,7 +2062,7 @@ var package_default = {
     yaml: "^2.8.2"
   },
   devDependencies: {
-    "@anthropic-ai/sdk": "^0.90.0",
+    "@anthropic-ai/sdk": "^0.92.0",
     "@biomejs/biome": "^2.3.12",
     "@types/bun": "^1.3.6",
     "@types/js-yaml": "^4.0.9",
@@ -2093,6 +2093,8 @@ var package_default = {
   engines: {
     node: ">=18.0.0"
   },
+  omcustomMinClaudeCode: "2.1.121",
+  omcustomMinClaudeCodeReason: "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",
   overrides: {
     rollup: "^4.59.0",
     esbuild: "^0.25.0"

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.125.0",
+  "version": "0.126.0",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {
@@ -51,7 +51,7 @@
     "yaml": "^2.8.2"
   },
   "devDependencies": {
-    "@anthropic-ai/sdk": "^0.90.0",
+    "@anthropic-ai/sdk": "^0.92.0",
     "@biomejs/biome": "^2.3.12",
     "@types/bun": "^1.3.6",
     "@types/js-yaml": "^4.0.9",
@@ -82,6 +82,8 @@
   "engines": {
     "node": ">=18.0.0"
   },
+  "omcustomMinClaudeCode": "2.1.121",
+  "omcustomMinClaudeCodeReason": "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",
   "overrides": {
     "rollup": "^4.59.0",
     "esbuild": "^0.25.0"

package/templates/.claude/rules/MUST-agent-design.md CHANGED Viewed

@@ -244,9 +244,14 @@ Skills persist output to `.claude/outputs/sessions/{YYYY-MM-DD}/{skill-name}-{HH
 ### Sensitive Path Handling
-CC treats `.claude/` as a sensitive directory, enforced across **all tool categories** — Bash, Write, and Edit. The sensitive-path check runs **above** `bypassPermissions` and explicit allow rules (e.g., `Write(.claude/**)`), so operations on sensitive paths may trigger permission prompts regardless of settings.
+> **Status (CC v2.1.121+)**: `.claude/`, `.git/`, `.vscode/` direct Write/Edit/Bash works without prompts under `mode: "bypassPermissions"`. The historical `/tmp/*.sh` bypass pattern is deprecated. See #1101.
-**Key rule**: `.claude/` Bash/Write/Edit triggers sensitive-path prompt regardless of allow rules. Only bypass: use `/tmp/*.sh` scripts via Bash. See full behavior table and recommended practice via Read tool.
+Current CC behavior: under `bypassPermissions`, all `.claude/**` paths (including `.claude/outputs/**`, `.claude/agents/**`, `.claude/skills/**`, `.claude/rules/**`, `templates/.claude/**`) accept Write/Edit/Bash directly. Catastrophic shell operations remain blocked by independent safety guards.
+**Recommended practice**:
+1. Pass `mode: "bypassPermissions"` on every Agent tool call (R010 Universal bypassPermissions)
+2. Use Write/Edit directly for `.claude/**` paths — no `/tmp/*.sh` wrapping needed
+3. For CC < v2.1.121: see git history of this section (pre-v0.126.0) for the legacy bypass pattern
 <!-- DETAIL: Sensitive Path Behavior table and Recommended practice
 #### Sensitive Path Behavior

package/templates/.claude/rules/MUST-orchestrator-coordination.md CHANGED Viewed

@@ -257,44 +257,17 @@ Before spawning any agent:
 ```
-## Universal /tmp Script Bypass for Sensitive Paths
-**ALL tool calls targeting `.claude/` MUST be routed through `/tmp/*.sh` script via Bash.**
-| Tool | `.claude/` target | Required pattern |
-|------|------------------|------------------|
-| Read | `.claude/*` | OK — Read tool is sensitive-path exempt |
-| Bash (read-only: sed, cat, wc, ls, grep, head, tail, find, file) | `.claude/*` | **/tmp/*.sh bypass required** — direct invocation triggers prompt |
-| Bash (write: mkdir, cp, mv, rm, redirect) | `.claude/*` | **/tmp/*.sh bypass required** |
-| Write | `.claude/*` | **/tmp/*.sh + Bash heredoc required** — Write tool itself triggers prompt |
-| Edit | `.claude/*` | **/tmp/*.sh + Bash sed -i required** — Edit tool itself triggers prompt |
-### Pattern (mandatory)
-```bash
-cat > /tmp/fix-topic.sh << 'OUTER'
-sed -i 's/old/new/' .claude/path/file       # Edit equivalent
-cat > .claude/path/file << 'INNER'           # Write equivalent
-... content ...
-INNER
-sed '/<!--/,/-->/d' .claude/path/file | wc -c  # measurement
-OUTER
-bash /tmp/fix-topic.sh
-```
-### Why
-CC sensitive-path check inspects tool-call **target paths** but does NOT audit script-internal file operations. Bypass works because Bash target = `/tmp/`, while internal commands access `.claude/`.
+## Sensitive Path Handling (Historical: pre-CC v2.1.121)
-### Scope
+> **Status**: Deprecated as of CC v2.1.121 (2026-04-28) and further relaxed in v2.1.126 (2026-05-01). Direct Write/Edit/Bash on `.claude/`, `.git/`, `.vscode/` works without prompts under `bypassPermissions` mode in CC v2.1.121+ (issue #1101).
-Universal — applies to ALL subagents (not just fork skills). Applies to ALL `.claude/` paths regardless of subdirectory (`.claude/agents/`, `.claude/skills/`, `.claude/rules/`, `.claude/output-styles/`, `.claude/agent-memory/`, etc.).
+Current CC versions (>=2.1.121): direct Write/Edit/Bash on `.claude/**` paths are permitted under `mode: "bypassPermissions"`. The `/tmp/*.sh` script wrapping pattern previously required is no longer necessary. Catastrophic operations (e.g., `rm -rf /`) remain blocked by independent safety guards.
-### Failure mode
+`mode: "bypassPermissions"` on every Agent tool call is still required (see "Universal bypassPermissions" above).
-Direct Write/Edit/Bash on `.claude/` triggers user approval prompt → blocks unattended automation → defeats `/pipeline auto-dev` and `/loop` workflows.
+**For CC < v2.1.121 only**: see git history of this rule for the legacy `/tmp/*.sh` bypass pattern (commit before v0.126.0).
-> **Reference**: #1052, #1016 (origin), #1046 (directive loss in delegation chain)
+> **References**: #1052 (origin v0.116.2), #1016 (v0.111.1), #1046 (delegation directive loss v0.116.1), #1099 (CC v2.1.126 tracking), #1101 (v0.126.0 deprecation).
 ## Session Continuity

package/templates/.claude/rules/MUST-permissions.md CHANGED Viewed

@@ -18,9 +18,11 @@
 | Operation | Allowed | Prohibited |
 |-----------|---------|-----------|
 | Read | All source, configs, docs | - |
-| Write | Source code, new files in project | .env, .git/config, paths outside project |
+| Write | Source code, new files in project, `.claude/**` (CC v2.1.121+ under `bypassPermissions`) | .env, .git/config, paths outside project |
 | Delete | Temp files created by agent | Existing files (without request), entire directories |
+> **Sensitive paths note**: As of CC v2.1.121 (2026-04-28) and further relaxed in v2.1.126 (2026-05-01), `.claude/`, `.git/`, `.vscode/` are no longer prompted for Write/Edit/Bash under `mode: "bypassPermissions"`. The legacy `/tmp/*.sh` script bypass (R010 historical section) is deprecated for CC >= v2.1.121. Catastrophic operations (`rm -rf /`) remain blocked. See #1101.
 ## Permission Request Format
 ```

package/templates/CLAUDE.md CHANGED Viewed

@@ -1,4 +1,5 @@
 <!-- omcustom:start -->
+<!-- omcustomMinClaudeCode: 2.1.121 — sensitive-path direct Write under bypassPermissions (#1101) -->
 # AI 에이전트 시스템
 oh-my-customcode로 구동됩니다.

package/templates/manifest.json CHANGED Viewed

@@ -1,6 +1,8 @@
 {
-  "version": "0.124.0",
+  "version": "0.126.0",
   "lastUpdated": "2026-04-24T07:30:00.000Z",
+  "omcustomMinClaudeCode": "2.1.121",
+  "omcustomMinClaudeCodeReason": "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",
   "components": [
     {
       "name": "rules",