pi-graphite 0.3.0 → 0.3.1

package/README.md

@@ -79,6 +79,9 @@ dependent branches.
 - Editor / pager / browser env is forced safe (`GT_EDITOR=true`, `GT_PAGER=`,
   `BROWSER=true`, …). Commands have a hard timeout.
 - Interactive editor / hunk / browser / reorder paths are not exposed.
+- Rendered `$ gt …` command lines in tool output are POSIX shell-quoted so
+  copy-paste cannot trigger command substitution or word-splitting from
+  user-controlled args.
 - `graphite_setup action=track_branch` requires explicit `branch`, explicit
   `parent`, and `confirmParent:true`; do not guess parent if unclear.
 - `graphite_setup action=init_repo reset:true` needs `confirmDestructive:true`.
@@ -94,6 +97,14 @@ dependent branches.
   `branchNotTracked`, `noChangesStaged`, `checkedOutElsewhere`,
   `operatingOnTrunk`, …).
 
+### Known surface: git hooks
+
+This extension does not pass `--no-verify` to `gt` / `git`. Any
+`pre-commit`, `commit-msg`, `pre-push`, or related hook configured in the
+target repo will execute as part of mutating operations (create, amend,
+submit, …). Hooks are arbitrary user code and are intentionally not
+bypassed; treat hook content as part of the repo's trust boundary.
+
 ## License
 
 MIT

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pi-graphite",
-  "version": "0.3.0",
+  "version": "0.3.1",
   "description": "Opinionated pi tools + skill for stacked PR workflows with the Graphite (gt) CLI.",
   "keywords": [
     "pi",

package/src/lib/argv.ts

@@ -57,3 +57,25 @@ export function flagEq(flag: string, value: string | number): string {
   }
   return `${flag}=${value}`;
 }
+
+/**
+ * POSIX shell single-quote a value so the rendered command line is safe to
+ * copy-paste into a shell. argv execution itself never goes through a shell
+ * (we use spawn with an argv array), but rendered commands appear in tool
+ * output and labels; a user pasting them must not trigger command
+ * substitution, word splitting, or metacharacter interpretation.
+ *
+ * Rule: wrap in single quotes, and replace each embedded single quote with
+ * the POSIX-portable sequence '\''. Tokens consisting solely of
+ * [A-Za-z0-9_=:,.@/+-] are left unquoted for readability.
+ */
+export function shellQuote(arg: string): string {
+  if (arg.length === 0) return "''";
+  if (/^[A-Za-z0-9_=:,.@\/+\-]+$/.test(arg)) return arg;
+  return `'${arg.replace(/'/g, "'\\''")}'`;
+}
+
+/** Join argv tokens into a shell-safe single line. */
+export function shellJoin(args: readonly string[]): string {
+  return args.map(shellQuote).join(" ");
+}

package/src/lib/result.ts

@@ -1,5 +1,6 @@
 import { spawn } from "node:child_process";
-import { DEFAULT_COMMAND_TIMEOUT_MS, killProcessGroup, safeNoninteractiveEnv, type GtRunResult } from "./exec";
+import { shellJoin } from "./argv";
+import { DEFAULT_COMMAND_TIMEOUT_MS, killProcessGroup, runGt, safeNoninteractiveEnv, type GtRunResult } from "./exec";
 
 /**
  * Structured failure hints. Only populated when the underlying `gt` command
@@ -108,7 +109,7 @@ export function formatResult(r: GtRunResult): FormattedResult {
 export function renderText(label: string, f: FormattedResult): string {
   const r = f.result;
   const lines: string[] = [];
-  lines.push(`$ gt ${r.args.join(" ")}`);
+  lines.push(`$ gt ${shellJoin(r.args)}`);
   lines.push(
     `# cwd=${r.cwd}  exit=${r.exitCode}${r.timedOut ? "  (aborted)" : ""}${
       r.spawnError ? `  (spawn-error: ${r.spawnError})` : ""
@@ -176,7 +177,11 @@ async function detectCurrentBranch(cwd: string): Promise<string | undefined> {
 }
 
 async function detectTrunk(cwd: string): Promise<string | undefined> {
-  const out = await execText("gt", ["--cwd", cwd, "--no-interactive", "trunk"], cwd);
+  // Route through the hardened runner so cwd resolve, forbidden-token scan,
+  // trailing --no-interactive injection, and env scrubbing all apply.
+  const r = await runGt(["trunk"], { cwd }).catch(() => undefined);
+  if (!r || r.exitCode !== 0) return undefined;
+  const out = r.stdout;
   // gt trunk prints the trunk name on its own line. Take last non-empty line.
   const cleaned = out
     .replace(/\x1b\[[0-9;]*[a-zA-Z]/g, "")

package/src/tools/change.ts

@@ -1,6 +1,6 @@
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
 import { runGt } from "../lib/exec";
-import { assertSafeRef, flagEq } from "../lib/argv";
+import { assertSafeRef, flagEq, shellJoin } from "../lib/argv";
 import { ensureSuccess, renderText } from "../lib/result";
 import {
   CwdParam,
@@ -128,7 +128,7 @@ export function registerChange(pi: ExtensionAPI) {
           break;
         }
       }
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {

package/src/tools/navigate.ts

@@ -1,6 +1,6 @@
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
 import { runGt } from "../lib/exec";
-import { assertSafeRef, flagEq } from "../lib/argv";
+import { assertSafeRef, flagEq, shellJoin } from "../lib/argv";
 import { ensureSuccess, renderText } from "../lib/result";
 import {
   CwdParam,
@@ -87,7 +87,7 @@ export function registerNavigate(pi: ExtensionAPI) {
           args = ["bottom"];
           break;
       }
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {

package/src/tools/recover.ts

@@ -7,6 +7,7 @@ import {
   runGt,
   safeNoninteractiveEnv,
 } from "../lib/exec";
+import { shellJoin } from "../lib/argv";
 import { ensureSuccess, renderText } from "../lib/result";
 import { CwdParam, StringEnum, Type, type ToolReturn } from "../lib/schema";
 
@@ -135,7 +136,7 @@ export function registerRecover(pi: ExtensionAPI) {
           if (p.force) args.push("--force");
           break;
       }
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {

package/src/tools/setup.ts

@@ -1,6 +1,6 @@
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
 import { runGt } from "../lib/exec";
-import { assertSafeRef, flagEq } from "../lib/argv";
+import { assertSafeRef, flagEq, shellJoin } from "../lib/argv";
 import { ensureSuccess, renderText } from "../lib/result";
 import {
   CwdParam,
@@ -109,7 +109,7 @@ export function registerSetup(pi: ExtensionAPI) {
         if (p.force) args.push("--force");
       }
 
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {

package/src/tools/submit.ts

@@ -1,6 +1,6 @@
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
 import { runGt } from "../lib/exec";
-import { assertSafeRef, flagEq } from "../lib/argv";
+import { assertSafeRef, flagEq, shellJoin } from "../lib/argv";
 import { ensureSuccess, renderText } from "../lib/result";
 import {
   CwdParam,
@@ -104,18 +104,30 @@ export function registerSubmitStack(pi: ExtensionAPI) {
       if (p.mergeWhenReady) args.push("--merge-when-ready");
       if (p.rerequestReview) args.push("--rerequest-review");
 
+      const assertReviewer = (rv: string, label: string) => {
+        assertSafeRef(rv, label);
+        // gt joins reviewers on ',' before calling gh. Reject any element
+        // that itself contains a comma or whitespace so a single array
+        // entry cannot expand into multiple reviewers.
+        if (/[,\s]/.test(rv)) {
+          throw new Error(
+            `${label} must not contain commas or whitespace (got ${JSON.stringify(rv)}). ` +
+              `Pass each reviewer as a separate array element.`,
+          );
+        }
+      };
       if (p.reviewers && p.reviewers.length) {
-        for (const rv of p.reviewers) assertSafeRef(rv, "reviewers[]");
+        for (const rv of p.reviewers) assertReviewer(rv, "reviewers[]");
         args.push(flagEq("--reviewers", p.reviewers.join(",")));
       }
       if (p.teamReviewers && p.teamReviewers.length) {
-        for (const rv of p.teamReviewers) assertSafeRef(rv, "teamReviewers[]");
+        for (const rv of p.teamReviewers) assertReviewer(rv, "teamReviewers[]");
         args.push(flagEq("--team-reviewers", p.teamReviewers.join(",")));
       }
       if (p.forcePush) args.push("--force");
       if (p.ignoreOutOfSyncTrunk) args.push("--ignore-out-of-sync-trunk");
 
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {

package/src/tools/sync.ts

@@ -1,4 +1,5 @@
 import type { ExtensionAPI } from "@earendil-works/pi-coding-agent";
+import { shellJoin } from "../lib/argv";
 import { runGt } from "../lib/exec";
 import { ensureSuccess, renderText } from "../lib/result";
 import {
@@ -67,7 +68,7 @@ export function registerSync(pi: ExtensionAPI) {
       if (p.force) args.push("--force");
       if (p.restack === false) args.push("--no-restack");
 
-      const label = `gt ${args.join(" ")}`;
+      const label = `gt ${shellJoin(args)}`;
       const r = await runGt(args, { cwd: p.cwd, signal });
       const f = await ensureSuccess(label, r, p.cwd);
       return {