oh-my-harness 0.4.0 → 0.4.2

package/dist/catalog/blocks/branch-guard.js

@@ -19,6 +19,7 @@ if echo "$COMMAND" | grep -qE "git commit|git push"; then
   [[ -z "$BRANCH" ]] && exit 0
   MAIN='{{mainBranch}}'
   if [[ "$BRANCH" == "$MAIN" ]] || [[ "$BRANCH" == "master" && "$MAIN" == "main" ]]; then
+    _log_event "block" "oh-my-harness: direct commits to $BRANCH are blocked. Create a feature branch."
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: direct commits to $BRANCH are blocked. Create a feature branch.\\"}"
     exit 0
   fi
@@ -36,6 +37,7 @@ if echo "$COMMAND" | grep -qE "git commit|git push"; then
     fi
   fi
   if [[ "$MERGED" -eq 1 ]]; then
+    _log_event "block" "oh-my-harness: branch $BRANCH has already been merged to $MAIN. Create a new branch."
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: branch $BRANCH has already been merged to $MAIN. Create a new branch.\\"}"
     exit 0
   fi

package/dist/catalog/blocks/command-guard.js

@@ -24,6 +24,7 @@ COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
 PATTERNS=({{#each patterns}}"{{this}}" {{/each}})
 for PATTERN in "\${PATTERNS[@]}"; do
   if echo "$COMMAND" | grep -qF "$PATTERN"; then
+    _log_event "block" "oh-my-harness: command matches blocked pattern: $PATTERN"
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: command matches blocked pattern: $PATTERN\\"}"
     exit 0
   fi

package/dist/catalog/blocks/commit-test-gate.js

@@ -17,6 +17,7 @@ COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
 if echo "$COMMAND" | grep -qE "git commit"; then
   echo "oh-my-harness: Running {{testCommand}} before commit..." >&2
   if ! {{testCommand}} >&2 2>&1; then
+    _log_event "block" "oh-my-harness: pre-commit check failed"
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: pre-commit check failed\\"}"
     exit 0
   fi

package/dist/catalog/blocks/commit-typecheck-gate.js

@@ -17,6 +17,7 @@ COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
 if echo "$COMMAND" | grep -qE "git commit"; then
   echo "oh-my-harness: Running {{typecheckCommand}} before commit..." >&2
   if ! {{typecheckCommand}} >&2 2>&1; then
+    _log_event "block" "oh-my-harness: pre-commit check failed"
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: pre-commit check failed\\"}"
     exit 0
   fi

package/dist/catalog/blocks/lockfile-guard.js

@@ -25,6 +25,7 @@ BASENAME=$(basename "$FILE_PATH")
 LOCKFILES=({{#each lockfiles}}"{{this}}" {{/each}})
 for LOCKFILE in "\${LOCKFILES[@]}"; do
   if [[ "$BASENAME" == "$LOCKFILE" ]]; then
+    _log_event "block" "oh-my-harness: direct edits to lockfile $BASENAME are blocked. Use the package manager instead."
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: direct edits to lockfile $BASENAME are blocked. Use the package manager instead.\\"}"
     exit 0
   fi

package/dist/catalog/blocks/path-guard.js

@@ -24,17 +24,20 @@ BLOCKED_PATHS=({{#each blockedPaths}}"{{this}}" {{/each}})
 for BLOCKED in "\${BLOCKED_PATHS[@]}"; do
   if [[ "$BLOCKED" == */ ]]; then
     if [[ "$FILE_PATH" == "$BLOCKED"* || "$FILE_PATH" == *"/$BLOCKED"* ]]; then
+      _log_event "block" "oh-my-harness: file path matches blocked directory: $BLOCKED"
       echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: file path matches blocked directory: $BLOCKED\\"}"
       exit 0
     fi
   elif [[ "$BLOCKED" == \\** ]]; then
     PATTERN="\${BLOCKED#\\*}"
     if [[ "$FILE_PATH" == *"$PATTERN" ]]; then
+      _log_event "block" "oh-my-harness: file path matches blocked pattern: $BLOCKED"
       echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: file path matches blocked pattern: $BLOCKED\\"}"
       exit 0
     fi
   else
     if [[ "$FILE_PATH" == "$BLOCKED" || "$FILE_PATH" == *"/$BLOCKED" ]]; then
+      _log_event "block" "oh-my-harness: file path matches blocked path: $BLOCKED"
       echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: file path matches blocked path: $BLOCKED\\"}"
       exit 0
     fi

package/dist/catalog/blocks/secret-file-guard.js

@@ -25,6 +25,7 @@ BASENAME=$(basename "$FILE_PATH")
 PATTERNS=({{#each patterns}}"{{this}}" {{/each}})
 for PATTERN in "\${PATTERNS[@]}"; do
   if [[ "$BASENAME" == $PATTERN ]]; then
+    _log_event "block" "oh-my-harness: file $BASENAME matches secret file pattern: $PATTERN"
     echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: file $BASENAME matches secret file pattern: $PATTERN\\"}"
     exit 0
   fi

package/dist/catalog/blocks/tdd-guard.js

@@ -60,6 +60,7 @@ BASENAME=$(basename "\$FILE_PATH" | sed -E 's/\\.(ts|tsx|js|jsx)$//')
 TEST_SUFFIX=".test."
 
 if [[ ! -f "\$HISTORY_FILE" ]]; then
+  _log_event "block" "oh-my-harness: TDD — \${BASENAME}\${TEST_SUFFIX}* 테스트 파일을 먼저 수정하세요"
   echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: TDD — \${BASENAME}\${TEST_SUFFIX}* 테스트 파일을 먼저 수정하세요\\"}"
   exit 0
 fi
@@ -74,6 +75,7 @@ if jq -e --arg b "\$BASENAME" '.edits[] | select(contains($b + ".test.") or cont
   exit 0
 fi
 
+_log_event "block" "oh-my-harness: TDD — \${BASENAME}\${TEST_SUFFIX}* 테스트 파일을 먼저 수정하세요"
 echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: TDD — \${BASENAME}\${TEST_SUFFIX}* 테스트 파일을 먼저 수정하세요\\"}"
 exit 0`,
     tags: ["tdd", "workflow", "quality"],

package/dist/catalog/converter.js

@@ -1,5 +1,5 @@
 import path from "path";
-import { renderTemplate, validateParams } from "./template-engine.js";
+import { renderTemplate, validateParams, applyDefaults } from "./template-engine.js";
 export async function convertHookEntries(entries, registry, projectDir) {
     const hooksConfig = {};
     const scripts = new Map();
@@ -11,7 +11,8 @@ export async function convertHookEntries(entries, registry, projectDir) {
             errors.push(`Unknown block id: "${entry.block}"`);
             continue;
         }
-        const paramErrors = validateParams(block, entry.params);
+        const resolvedParams = applyDefaults(block, entry.params);
+        const paramErrors = validateParams(block, resolvedParams);
         if (paramErrors.length > 0) {
             errors.push(...paramErrors);
             continue;
@@ -23,7 +24,7 @@ export async function convertHookEntries(entries, registry, projectDir) {
         seenBlockIds.add(entry.block);
         let scriptContent;
         try {
-            scriptContent = renderTemplate(block.template, entry.params);
+            scriptContent = renderTemplate(block.template, resolvedParams);
         }
         catch (err) {
             errors.push(`Failed to render block "${entry.block}": ${err.message}`);

package/dist/catalog/template-engine.d.ts

@@ -1,3 +1,4 @@
 import type { BuildingBlock } from "./types.js";
 export declare function renderTemplate(template: string, params: Record<string, unknown>): string;
+export declare function applyDefaults(block: BuildingBlock, params: Record<string, unknown>): Record<string, unknown>;
 export declare function validateParams(block: BuildingBlock, params: Record<string, unknown>): string[];

package/dist/catalog/template-engine.js

@@ -3,6 +3,15 @@ export function renderTemplate(template, params) {
     const compiled = Handlebars.compile(template);
     return compiled(params);
 }
+export function applyDefaults(block, params) {
+    const result = { ...params };
+    for (const param of block.params) {
+        if (result[param.name] === undefined && param.default !== undefined) {
+            result[param.name] = param.default;
+        }
+    }
+    return result;
+}
 export function validateParams(block, params) {
     const errors = [];
     for (const param of block.params) {

package/dist/catalog/types.d.ts

@@ -109,11 +109,11 @@ export declare const BuildingBlockSchema: z.ZodObject<{
 }>;
 export declare const HookEntrySchema: z.ZodObject<{
     block: z.ZodString;
-    params: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+    params: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
 }, "strip", z.ZodTypeAny, {
     params: Record<string, unknown>;
     block: string;
 }, {
-    params: Record<string, unknown>;
     block: string;
+    params?: Record<string, unknown> | undefined;
 }>;

package/dist/catalog/types.js

@@ -20,5 +20,5 @@ export const BuildingBlockSchema = z.object({
 });
 export const HookEntrySchema = z.object({
     block: z.string(),
-    params: z.record(z.unknown()),
+    params: z.record(z.unknown()).default({}),
 });

package/dist/core/harness-schema.d.ts

@@ -65,7 +65,7 @@ export declare const HarnessConfigSchema: z.ZodObject<{
         content: string;
         priority?: number | undefined;
     }>, "many">;
-    enforcement: z.ZodObject<{
+    enforcement: z.ZodDefault<z.ZodObject<{
         preCommit: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
         blockedPaths: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
         blockedCommands: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
@@ -95,16 +95,16 @@ export declare const HarnessConfigSchema: z.ZodObject<{
             command: string;
             pattern: string;
         }[] | undefined;
-    }>;
+    }>>;
     hooks: z.ZodDefault<z.ZodArray<z.ZodObject<{
         block: z.ZodString;
-        params: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+        params: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
     }, "strip", z.ZodTypeAny, {
         params: Record<string, unknown>;
         block: string;
     }, {
-        params: Record<string, unknown>;
         block: string;
+        params?: Record<string, unknown> | undefined;
     }>, "many">>;
     permissions: z.ZodDefault<z.ZodObject<{
         allow: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
@@ -172,23 +172,23 @@ export declare const HarnessConfigSchema: z.ZodObject<{
         content: string;
         priority?: number | undefined;
     }[];
-    enforcement: {
-        blockedPaths?: string[] | undefined;
-        preCommit?: string[] | undefined;
-        blockedCommands?: string[] | undefined;
-        postSave?: {
-            command: string;
-            pattern: string;
-        }[] | undefined;
-    };
     permissions?: {
         allow?: string[] | undefined;
         deny?: string[] | undefined;
     } | undefined;
     version?: "1.0" | undefined;
     hooks?: {
-        params: Record<string, unknown>;
         block: string;
+        params?: Record<string, unknown> | undefined;
     }[] | undefined;
+    enforcement?: {
+        blockedPaths?: string[] | undefined;
+        preCommit?: string[] | undefined;
+        blockedCommands?: string[] | undefined;
+        postSave?: {
+            command: string;
+            pattern: string;
+        }[] | undefined;
+    } | undefined;
 }>;
 export type HarnessConfig = z.infer<typeof HarnessConfigSchema>;

package/dist/core/harness-schema.js

@@ -31,7 +31,7 @@ export const HarnessConfigSchema = z.object({
             pattern: z.string(),
             command: z.string(),
         })).default([]),
-    }),
+    }).default({}),
     // Catalog-based hooks (v2)
     hooks: z.array(HookEntrySchema).default([]),
     // Permissions

package/dist/detector/detectors/node.js

@@ -18,6 +18,24 @@ async function readJsonFile(filePath) {
         return null;
     }
 }
+/**
+ * Resolve scripts.test content into a direct executable command.
+ * - Prevents watch mode hang (vitest → vitest run)
+ * - Adds npx prefix for direct runner invocation
+ */
+function resolveTestCommand(testScript) {
+    const trimmed = testScript.trim();
+    // vitest without "run" → add --run to prevent watch mode
+    if (/^vitest$/.test(trimmed)) {
+        return "npx vitest run";
+    }
+    // Known runners: prefix with npx if not already
+    if (/^(vitest|jest|mocha)\b/.test(trimmed)) {
+        return trimmed.startsWith("npx ") ? trimmed : `npx ${trimmed}`;
+    }
+    // Unknown script content: use as-is (e.g. custom shell commands)
+    return trimmed;
+}
 export const nodeDetector = {
     name: "node",
     detect: async (projectDir) => {
@@ -53,19 +71,18 @@ export const nodeDetector = {
             packageManagers.push("npm");
             detectedFiles.push("package-lock.json");
         }
-        // Determine lint command prefix and test command based on package manager
+        // Determine lint command prefix based on package manager
         const lintCmd = pm === "npm" ? "npm run lint" : `${pm} lint`;
-        const testCmdDefault = pm === "npm" ? "npm test" : `${pm} test`;
         // Read package.json to inspect scripts
         const pkg = await readJsonFile(packageJsonPath);
         const scripts = pkg && typeof pkg.scripts === "object" && pkg.scripts !== null
             ? pkg.scripts
             : {};
-        // Detect test runner from scripts.test
-        const testScript = scripts["test"];
-        testCommands.push(testCmdDefault);
-        if (testScript && /vitest|jest|mocha/.test(testScript) && testScript !== testCmdDefault) {
-            testCommands.push(testScript);
+        // Detect test runner from scripts.test — use direct command instead of npm test wrapper
+        const rawTestScript = scripts["test"];
+        if (typeof rawTestScript === "string" && rawTestScript.trim().length > 0) {
+            const resolved = resolveTestCommand(rawTestScript);
+            testCommands.push(resolved);
         }
         lintCommands.push(lintCmd);
         // Detect Next.js

package/dist/generators/hooks.d.ts

@@ -1,5 +1,5 @@
 import type { MergedConfig } from "../core/preset-types.js";
-export declare function wrapWithLogger(script: string): string;
+export declare function wrapWithLogger(script: string, event?: string): string;
 export interface GenerateHooksOptions {
     projectDir: string;
     config: MergedConfig;

package/dist/generators/hooks.js

@@ -1,31 +1,36 @@
 import { mkdir, writeFile, chmod } from "node:fs/promises";
 import { join } from "node:path";
-const LOGGER_SNIPPET = `# --- oh-my-harness event logger ---
+function buildLoggerSnippet(event) {
+    return `# --- oh-my-harness event logger ---
 _OMH_STATE_DIR=".claude/hooks/.state"
 mkdir -p "$_OMH_STATE_DIR" 2>/dev/null || true
 _OMH_HOOK_NAME="$(basename "$0")"
-_OMH_EVENT="\${_OMH_EVENT:-unknown}"
+_OMH_EVENT="${event}"
+_OMH_LOGGED=0
 _log_event() {
+  _OMH_LOGGED=1
   local decision="\${1:-allow}" reason="\${2:-}"
   printf '{"ts":"%s","event":"%s","hook":"%s","decision":"%s","reason":"%s"}\\n' \\
     "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$_OMH_EVENT" "$_OMH_HOOK_NAME" "$decision" "$reason" \\
     >> "$_OMH_STATE_DIR/events.jsonl"
 }
-trap '_log_event "allow"' EXIT
+trap '[ "$_OMH_LOGGED" -eq 0 ] && _log_event "allow"' EXIT
 # --- end logger ---`;
-export function wrapWithLogger(script) {
+}
+export function wrapWithLogger(script, event = "unknown") {
+    const snippet = buildLoggerSnippet(event);
     if (script.includes("INPUT=$(cat)")) {
-        return script.replace("INPUT=$(cat)", `INPUT=$(cat)\n\n${LOGGER_SNIPPET}`);
+        return script.replace("INPUT=$(cat)", `INPUT=$(cat)\n\n${snippet}`);
     }
     if (script.includes("set -euo pipefail")) {
-        return script.replace("set -euo pipefail", `set -euo pipefail\n\n${LOGGER_SNIPPET}`);
+        return script.replace("set -euo pipefail", `set -euo pipefail\n\n${snippet}`);
     }
     // shebang 패턴: #!/bin/bash, #!/usr/bin/env bash, #!/bin/sh 등
     const shebangMatch = script.match(/^#!.+$/m);
     if (shebangMatch) {
-        return script.replace(shebangMatch[0], `${shebangMatch[0]}\n\n${LOGGER_SNIPPET}`);
+        return script.replace(shebangMatch[0], `${shebangMatch[0]}\n\n${snippet}`);
     }
-    return `${LOGGER_SNIPPET}\n${script}`;
+    return `${snippet}\n${script}`;
 }
 export async function generateHooks(options) {
     const { projectDir, config } = options;
@@ -47,7 +52,7 @@ export async function generateHooks(options) {
         const safeId = hook.id.replace(/[^a-zA-Z0-9_-]/g, "");
         const scriptName = `${safeId}.sh`;
         const scriptPath = join(hooksDir, scriptName);
-        const wrappedScript = wrapWithLogger(hook.inline);
+        const wrappedScript = wrapWithLogger(hook.inline, hook.event);
         await writeFile(scriptPath, wrappedScript, "utf8");
         await chmod(scriptPath, 0o755);
         generatedFiles.push(scriptPath);

package/dist/nl/prompt-templates.js

@@ -40,15 +40,18 @@ Do NOT guess commands — use the detected values above.\n`;
 export function buildHarnessGenerationPrompt(description, catalogBlocks, projectFacts) {
     const factsSection = projectFacts ? buildProjectFactsSection(projectFacts) : "";
     const catalogSection = catalogBlocks && catalogBlocks.length > 0
-        ? `\nAvailable building blocks (use in the hooks field):
+        ? `\nAvailable building blocks (MUST use in the hooks field — prefer hooks over enforcement):
 ${catalogBlocks
             .map((b) => {
             const paramDesc = b.params.length > 0
-                ? ` Params: ${b.params.map((p) => `${p.name}${p.required ? " (required)" : p.default !== undefined ? ` (default: ${String(p.default)})` : ""}`).join(", ")}`
+                ? ` params: ${b.params.map((p) => `${p.name}${p.required ? " (required)" : p.default !== undefined ? ` (default: ${String(p.default)})` : ""}`).join(", ")}`
                 : "";
-            return `- ${b.id}: ${b.description}.${paramDesc}`;
+            return `- block: ${b.id} — ${b.description}.${paramDesc}`;
         })
-            .join("\n")}\n`
+            .join("\n")}
+
+IMPORTANT: Match the user's description to the most relevant blocks above. Use hooks for ALL enforcement that has a matching block. Only use enforcement as a fallback for commands with no matching block.
+`
         : "";
     return `You are a configuration generator for oh-my-harness, an AI code agent harness tool. Given a project description, generate a complete harness.yaml configuration in YAML format. Return ONLY the YAML content with no markdown formatting.
 
@@ -57,7 +60,8 @@ The harness.yaml schema has these fields:
 - project: object with name (optional string), description (optional string), stacks (array of {name, framework, language, packageManager?, testRunner?, linter?})
 - rules: array of {id, title, content (markdown), priority (number, lower = higher in file)}
 - enforcement: object with preCommit (array of full executable shell commands like "pnpm test", "npx eslint", "npx tsc --noEmit"), blockedPaths (array of glob patterns), blockedCommands (array of dangerous commands), postSave (array of {pattern, command})
-- hooks: array of {block, params} — use catalog building blocks instead of manual enforcement where possible (preferred for new configs)
+- hooks: array of {block, params} — MUST use catalog building blocks here. This is the primary mechanism for enforcement. Match user requirements to available blocks.
+- enforcement: fallback for commands with no matching block. Only use enforcement.preCommit when no catalog block covers the use case.
 - permissions: object with allow (array of permission strings like "Bash(npm test*)") and deny (array)
 ${catalogSection}${factsSection}
 Example 1 - Next.js app:
@@ -87,15 +91,29 @@ rules:
       - Use vitest + @testing-library/react for component tests
       - Every component MUST have a corresponding .test.tsx file
     priority: 21
-enforcement:
-  preCommit: ["pnpm test", "npx eslint .", "npx tsc --noEmit"]
-  blockedPaths: [".next/", "node_modules/", "*.min.js"]
-  blockedCommands: ["rm -rf /", "sudo rm"]
-  postSave:
-    - pattern: "*.ts"
-      command: "eslint --fix"
-    - pattern: "*.tsx"
-      command: "eslint --fix"
+hooks:
+  - block: branch-guard
+  - block: commit-test-gate
+    params:
+      testCommand: "pnpm test"
+  - block: commit-typecheck-gate
+    params:
+      typecheckCommand: "npx tsc --noEmit"
+  - block: lint-on-save
+    params:
+      filePattern: "*.ts"
+      command: "npx eslint --fix"
+  - block: path-guard
+    params:
+      blockedPaths:
+        - ".next/"
+        - "node_modules/"
+        - "*.min.js"
+  - block: command-guard
+    params:
+      patterns:
+        - "rm -rf /"
+        - "sudo rm"
 permissions:
   allow:
     - "Bash(pnpm install*)"
@@ -125,13 +143,27 @@ rules:
       - Use Pydantic v2 models for all request/response schemas
       - Use dependency injection for database sessions, auth, and shared services
     priority: 20
-enforcement:
-  preCommit: ["uv run pytest", "uv run ruff check"]
-  blockedPaths: ["__pycache__/", ".venv/", "*.pyc"]
-  blockedCommands: ["rm -rf /", "sudo rm", "pip install"]
-  postSave:
-    - pattern: "*.py"
+hooks:
+  - block: branch-guard
+  - block: commit-test-gate
+    params:
+      testCommand: "uv run pytest"
+  - block: lint-on-save
+    params:
+      filePattern: "*.py"
       command: "ruff check --fix"
+  - block: path-guard
+    params:
+      blockedPaths:
+        - "__pycache__/"
+        - ".venv/"
+        - "*.pyc"
+  - block: command-guard
+    params:
+      patterns:
+        - "rm -rf /"
+        - "sudo rm"
+        - "pip install"
 permissions:
   allow:
     - "Bash(pytest*)"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oh-my-harness",
-  "version": "0.4.0",
+  "version": "0.4.2",
   "description": "Tame your AI coding agents with natural language",
   "type": "module",
   "bin": {