proof-of-commitment 1.21.1 → 1.22.0

package/index.js

@@ -5,7 +5,7 @@
  * Usage: npx proof-of-commitment [packages...] [options]
  */
 
-const API = 'https://poc-backend.amdal-dev.workers.dev/api/audit';
+const API = process.env.COMMIT_API_URL || 'https://poc-backend.amdal-dev.workers.dev/api/audit';
 const KEYS_API = 'https://poc-backend.amdal-dev.workers.dev/api/keys';
 const WATCHLIST_API = 'https://poc-backend.amdal-dev.workers.dev/api/watchlist';
 const WEB = 'https://getcommit.dev/audit';
@@ -506,9 +506,11 @@ ${clr(c.bold, 'Reports:')}
                       Saves audit-report.html to cwd + prints Markdown for GitHub issues
 
 ${clr(c.bold, 'IDE Hooks:')}
-  poc hook            Install Cursor beforeShellExecution hook (blocks CRITICAL packages)
-  poc hook --global   Install for all Cursor projects (~/.cursor/hooks.json)
-  poc hook --uninstall Remove the hook
+  poc hook            Install supply chain gate for Cursor + Claude Code (blocks CRITICAL packages)
+  poc hook --cursor   Install only the Cursor beforeShellExecution hook
+  poc hook --claude-code  Install only the Claude Code PreToolUse hook
+  poc hook --global   Install for the current user (~/.cursor + ~/.claude)
+  poc hook --uninstall Remove the hook from both Cursor and Claude Code
 
 ${clr(c.bold, 'Account:')}
   poc login [key]     Save and validate your API key (interactive or direct)
@@ -1132,10 +1134,18 @@ async function cmdLogout() {
 }
 
 /**
- * poc hook [--cursor] [--global] [--uninstall]
- * Install a beforeShellExecution hook for Cursor that scores packages before install.
- * Writes a standalone Node.js hook script to ~/.commit/cursor-hook.js and
- * configures .cursor/hooks.json (project) or ~/.cursor/hooks.json (--global).
+ * poc hook [--cursor] [--claude-code] [--global] [--uninstall]
+ * Install a supply chain gate hook for Cursor (beforeShellExecution) and/or
+ * Claude Code (PreToolUse) that scores packages before install.
+ *
+ * Writes a single hook script to ~/.commit/cursor-hook.js (the filename is
+ * kept for backward compatibility with v1.21.x installs; the same script
+ * now auto-detects whether stdin is in Cursor or Claude Code format and
+ * emits the matching response shape).
+ *
+ * Default installs both Cursor + Claude Code configs. Pass --cursor or
+ * --claude-code to install only one. --global writes to ~/.cursor and
+ * ~/.claude; default writes to ./.cursor and ./.claude.
  */
 async function cmdHook(args) {
   const os = await import('os');
@@ -1144,18 +1154,27 @@ async function cmdHook(args) {
 
   const isGlobal = args.includes('--global') || args.includes('-g');
   const uninstall = args.includes('--uninstall') || args.includes('--remove');
+  const onlyCursor = args.includes('--cursor');
+  const onlyClaude = args.includes('--claude-code') || args.includes('--claude');
+  // Default (no client flag) = install both. --cursor and --claude-code narrow scope.
+  const installCursor = !onlyClaude;
+  const installClaude = !onlyCursor;
 
   // ── Hook script (plain Node.js, no external deps) ─────────────────────
+  // Single script serves BOTH Cursor (beforeShellExecution) and Claude Code
+  // (PreToolUse). It auto-detects which client called it by inspecting the
+  // stdin JSON and emits the matching response format.
   const hookScript = `#!/usr/bin/env node
 /**
- * Commit supply chain hook for Cursor (auto-generated by \`poc hook\`)
+ * Commit supply chain hook for Cursor + Claude Code (auto-generated by \`poc hook\`)
  * Intercepts npm/pip/cargo/go install commands and scores packages
  * against getcommit.dev before they run.
  *
  * CRITICAL packages are blocked. HIGH packages trigger confirmation.
+ * Auto-detects Cursor vs Claude Code stdin format and replies in kind.
  * Docs: https://getcommit.dev/docs/cursor-hook
  */
-const API = 'https://poc-backend.amdal-dev.workers.dev/api/audit';
+const API = process.env.COMMIT_API_URL || 'https://poc-backend.amdal-dev.workers.dev/api/audit';
 const fs = require('fs');
 const path = require('path');
 
@@ -1169,7 +1188,7 @@ function readKey() {
 }
 
 function parseInstall(cmd) {
-  const t = cmd.trim();
+  const t = (cmd || '').trim();
   let m;
   // npm / pnpm / yarn
   m = t.match(/^(?:npm\\s+(?:i|install|add)|pnpm\\s+(?:i|install|add)|yarn\\s+add)\\s+(.+)/);
@@ -1186,11 +1205,51 @@ function parseInstall(cmd) {
   return null;
 }
 
+// Detect which client called us and how to extract the command.
+// Cursor:      stdin = { command: 'npm install ...', workingDirectory? }
+// Claude Code: stdin = { tool_name: 'Bash', tool_input: { command: '...' }, hook_event_name: 'PreToolUse', ... }
+function detectClient(input) {
+  if (input && input.tool_input && typeof input.tool_input.command === 'string') {
+    return { client: 'claude-code', cmd: input.tool_input.command };
+  }
+  if (input && typeof input.command === 'string') {
+    return { client: 'cursor', cmd: input.command };
+  }
+  return { client: 'cursor', cmd: '' };
+}
+
+// Emit the appropriate "no decision" / "allow" output for the detected client.
+function emitAllow(client) {
+  if (client === 'claude-code') {
+    // No stdout + exit 0 = defer to normal permission flow.
+    return;
+  }
+  process.stdout.write(JSON.stringify({ permission: 'allow' }));
+}
+
+// Emit deny / ask in the matching format.
+function emit(client, decision, userMsg, agentMsg) {
+  if (client === 'claude-code') {
+    process.stdout.write(JSON.stringify({
+      hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
+        permissionDecision: decision,
+        permissionDecisionReason: userMsg,
+      },
+    }));
+    return;
+  }
+  const body = { permission: decision, user_message: userMsg };
+  if (agentMsg) body.agent_message = agentMsg;
+  process.stdout.write(JSON.stringify(body));
+}
+
 async function main() {
   let input;
-  try { input = JSON.parse(fs.readFileSync('/dev/stdin', 'utf-8')); } catch { process.stdout.write(JSON.stringify({ permission: 'allow' })); return; }
-  const parsed = parseInstall(input.command || '');
-  if (!parsed || parsed.pkgs.length === 0) { process.stdout.write(JSON.stringify({ permission: 'allow' })); return; }
+  try { input = JSON.parse(fs.readFileSync('/dev/stdin', 'utf-8')); } catch { emitAllow('cursor'); return; }
+  const { client, cmd } = detectClient(input);
+  const parsed = parseInstall(cmd);
+  if (!parsed || parsed.pkgs.length === 0) { emitAllow(client); return; }
 
   const headers = { 'Content-Type': 'application/json', 'Accept': 'application/json' };
   const key = readKey();
@@ -1201,7 +1260,7 @@ async function main() {
     const timer = setTimeout(() => ctrl.abort(), 4000);
     const res = await fetch(API, { method: 'POST', headers, body: JSON.stringify({ packages: parsed.pkgs, ecosystem: parsed.eco }), signal: ctrl.signal });
     clearTimeout(timer);
-    if (!res.ok && res.status !== 429) { process.stdout.write(JSON.stringify({ permission: 'allow' })); return; }
+    if (!res.ok && res.status !== 429) { emitAllow(client); return; }
     const data = await res.json();
     const results = data.results || data.packages_already_scored || [];
 
@@ -1209,12 +1268,12 @@ async function main() {
     const high = results.filter(r => (r.riskFlags || []).some(f => f.startsWith('HIGH')));
     const url = 'https://getcommit.dev/audit?packages=' + parsed.pkgs.join(',') + '&ecosystem=' + parsed.eco;
 
-    // v1.21.1: detect rate-limit hit and surface signup CTA + unscored-package warning.
-    // Without this, hook silently allowed unscored packages on 429 (false sense of security)
-    // and the conversion driver (signup URL in 429 body) never reached the user.
+    // Detect rate-limit hit and surface signup CTA + unscored-package warning.
+    // Without this, hook would silently allow unscored packages on 429 (false sense of security).
     const rateLimited = res.status === 429;
-    // Force cursor-hook attribution — backend default is audit-cli-429 which misattributes.
-    const rlUrl = rateLimited ? 'https://getcommit.dev/get-started?ref=cursor-hook-429&utm_source=cli' : '';
+    // Per-client attribution so /api/keys/create source counters split traffic cleanly.
+    const refTag = client === 'claude-code' ? 'claude-code-hook-429' : 'cursor-hook-429';
+    const rlUrl = rateLimited ? 'https://getcommit.dev/get-started?ref=' + refTag + '&utm_source=cli' : '';
     const unscored = rateLimited ? Math.max(0, parsed.pkgs.length - results.length) : 0;
     const rlNote = rateLimited
       ? '\\n\\n\\u26A0 Commit free limit reached'
@@ -1224,19 +1283,17 @@ async function main() {
 
     if (critical.length > 0) {
       const lines = critical.map(r => '  \\u{1F534} ' + r.name + ' (score ' + (r.score||'?') + ') \\u2014 ' + (r.riskFlags||[]).slice(0,1).join(', '));
-      process.stdout.write(JSON.stringify({
-        permission: 'deny',
-        user_message: '\\u{1F534} Commit blocked: ' + critical.map(r=>r.name).join(', ') + ' flagged CRITICAL\\n\\n' + lines.join('\\n') + '\\n\\n\\u2192 ' + url + rlNote,
-        agent_message: 'Package install blocked by Commit. CRITICAL = sole publisher + high downloads (attack surface of axios/node-ipc incidents). ' + critical.map(r=>r.name).join(', ') + '. Report: ' + url,
-      }));
+      emit(client, 'deny',
+        '\\u{1F534} Commit blocked: ' + critical.map(r=>r.name).join(', ') + ' flagged CRITICAL\\n\\n' + lines.join('\\n') + '\\n\\n\\u2192 ' + url + rlNote,
+        'Package install blocked by Commit. CRITICAL = sole publisher + high downloads (attack surface of axios/node-ipc incidents). ' + critical.map(r=>r.name).join(', ') + '. Report: ' + url
+      );
       return;
     }
     if (high.length > 0) {
       const lines = high.map(r => '  \\u{1F7E1} ' + r.name + ' (score ' + (r.score||'?') + ') \\u2014 ' + (r.riskFlags||[]).slice(0,1).join(', '));
-      process.stdout.write(JSON.stringify({
-        permission: 'ask',
-        user_message: '\\u{1F7E1} Commit: ' + high.map(r=>r.name).join(', ') + ' scored HIGH risk\\n\\n' + lines.join('\\n') + '\\n\\nProceed? \\u2192 ' + url + rlNote,
-      }));
+      emit(client, 'ask',
+        '\\u{1F7E1} Commit: ' + high.map(r=>r.name).join(', ') + ' scored HIGH risk\\n\\n' + lines.join('\\n') + '\\n\\nProceed? \\u2192 ' + url + rlNote
+      );
       return;
     }
     // Rate-limited with no critical/high in the scored partial: still alert user.
@@ -1246,14 +1303,11 @@ async function main() {
       const head = unscored > 0
         ? '\\u26A0 Commit free limit reached \\u2014 ' + unscored + ' of ' + parsed.pkgs.length + ' package(s) NOT audited'
         : '\\u2713 ' + parsed.pkgs.join(', ') + ' look clean (free-tier audit)';
-      process.stdout.write(JSON.stringify({
-        permission: 'ask',
-        user_message: head + '\\n\\nFree API key (200/day, no card, 30s):\\n  ' + rlUrl + '\\n\\nProceed anyway?',
-      }));
+      emit(client, 'ask', head + '\\n\\nFree API key (200/day, no card, 30s):\\n  ' + rlUrl + '\\n\\nProceed anyway?');
       return;
     }
-    process.stdout.write(JSON.stringify({ permission: 'allow' }));
-  } catch { process.stdout.write(JSON.stringify({ permission: 'allow' })); }
+    emitAllow(client);
+  } catch { emitAllow(client); }
 }
 main();
 `;
@@ -1261,35 +1315,119 @@ main();
   const commitDir = path.join(os.homedir(), '.commit');
   const hookPath = path.join(commitDir, 'cursor-hook.js');
 
+  // ── Cursor config helpers ─────────────────────────────────────────────
+  function cursorHooksFile(global) {
+    const dir = global ? path.join(os.homedir(), '.cursor') : path.join(process.cwd(), '.cursor');
+    return { dir, file: path.join(dir, 'hooks.json') };
+  }
+
+  function installCursorHook(global) {
+    const { dir, file } = cursorHooksFile(global);
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+    let cfg = { version: 1, hooks: {} };
+    if (fs.existsSync(file)) {
+      try { cfg = JSON.parse(fs.readFileSync(file, 'utf-8')); } catch {}
+    }
+    if (!cfg.hooks) cfg.hooks = {};
+    if (!cfg.hooks.beforeShellExecution) cfg.hooks.beforeShellExecution = [];
+    const existing = cfg.hooks.beforeShellExecution.some(h => h.command?.includes('cursor-hook.js'));
+    if (!existing) cfg.hooks.beforeShellExecution.push({ command: `node ${hookPath}` });
+    fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+    return file;
+  }
+
+  function uninstallCursorHook(global) {
+    const { file } = cursorHooksFile(global);
+    if (!fs.existsSync(file)) return false;
+    try {
+      const cfg = JSON.parse(fs.readFileSync(file, 'utf-8'));
+      const hooks = cfg.hooks?.beforeShellExecution || [];
+      const filtered = hooks.filter(h => !h.command?.includes('cursor-hook.js'));
+      if (filtered.length === hooks.length) return false;
+      cfg.hooks.beforeShellExecution = filtered;
+      fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+      return true;
+    } catch { return false; }
+  }
+
+  // ── Claude Code config helpers ────────────────────────────────────────
+  function claudeSettingsFile(global) {
+    const dir = global ? path.join(os.homedir(), '.claude') : path.join(process.cwd(), '.claude');
+    return { dir, file: path.join(dir, 'settings.json') };
+  }
+
+  function installClaudeHook(global) {
+    const { dir, file } = claudeSettingsFile(global);
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+    let cfg = {};
+    if (fs.existsSync(file)) {
+      try { cfg = JSON.parse(fs.readFileSync(file, 'utf-8')); } catch {}
+    }
+    if (!cfg.hooks) cfg.hooks = {};
+    if (!Array.isArray(cfg.hooks.PreToolUse)) cfg.hooks.PreToolUse = [];
+
+    // Find or create the Bash matcher entry.
+    let bashEntry = cfg.hooks.PreToolUse.find(e => e.matcher === 'Bash');
+    if (!bashEntry) {
+      bashEntry = { matcher: 'Bash', hooks: [] };
+      cfg.hooks.PreToolUse.push(bashEntry);
+    }
+    if (!Array.isArray(bashEntry.hooks)) bashEntry.hooks = [];
+    const existing = bashEntry.hooks.some(h => h.command?.includes('cursor-hook.js'));
+    if (!existing) {
+      bashEntry.hooks.push({
+        type: 'command',
+        command: `node ${hookPath}`,
+        timeout: 10,
+      });
+    }
+    fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+    return file;
+  }
+
+  function uninstallClaudeHook(global) {
+    const { file } = claudeSettingsFile(global);
+    if (!fs.existsSync(file)) return false;
+    try {
+      const cfg = JSON.parse(fs.readFileSync(file, 'utf-8'));
+      const pre = cfg.hooks?.PreToolUse || [];
+      let changed = false;
+      for (const entry of pre) {
+        if (!Array.isArray(entry.hooks)) continue;
+        const before = entry.hooks.length;
+        entry.hooks = entry.hooks.filter(h => !h.command?.includes('cursor-hook.js'));
+        if (entry.hooks.length !== before) changed = true;
+      }
+      // Drop empty Bash entries so we don't leave a dangling matcher.
+      cfg.hooks.PreToolUse = pre.filter(e => !(e.matcher === 'Bash' && (!e.hooks || e.hooks.length === 0)));
+      if (!changed) return false;
+      fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+      return true;
+    } catch { return false; }
+  }
+
   // ── Uninstall ──────────────────────────────────────────────────────────
   if (uninstall) {
     let removed = false;
-    if (fs.existsSync(hookPath)) {
-      fs.unlinkSync(hookPath);
-      removed = true;
+    if (fs.existsSync(hookPath)) { fs.unlinkSync(hookPath); removed = true; }
+
+    // Cursor: clean both project and global, regardless of flags — be thorough.
+    for (const g of [false, true]) {
+      if (uninstallCursorHook(g)) {
+        removed = true;
+        console.log(clr(c.dim, `  Updated: ${cursorHooksFile(g).file}`));
+      }
     }
-    // Remove from hooks.json
-    for (const hooksDir of [
-      path.join(process.cwd(), '.cursor'),
-      path.join(os.homedir(), '.cursor'),
-    ]) {
-      const hooksFile = path.join(hooksDir, 'hooks.json');
-      if (fs.existsSync(hooksFile)) {
-        try {
-          const cfg = JSON.parse(fs.readFileSync(hooksFile, 'utf-8'));
-          const hooks = cfg.hooks?.beforeShellExecution || [];
-          const filtered = hooks.filter(h => !h.command?.includes('cursor-hook.js'));
-          if (filtered.length !== hooks.length) {
-            cfg.hooks.beforeShellExecution = filtered;
-            fs.writeFileSync(hooksFile, JSON.stringify(cfg, null, 2) + '\n');
-            removed = true;
-            console.log(clr(c.dim, `  Updated: ${hooksFile}`));
-          }
-        } catch {}
+    // Claude Code: same.
+    for (const g of [false, true]) {
+      if (uninstallClaudeHook(g)) {
+        removed = true;
+        console.log(clr(c.dim, `  Updated: ${claudeSettingsFile(g).file}`));
       }
     }
+
     if (removed) {
-      console.log(clr(c.green, '\n  ✓ Cursor hook uninstalled.'));
+      console.log(clr(c.green, '\n  ✓ Commit hook uninstalled (Cursor + Claude Code).'));
     } else {
       console.log(clr(c.dim, '\n  No hook found to remove.'));
     }
@@ -1302,49 +1440,33 @@ main();
   if (!fs.existsSync(commitDir)) fs.mkdirSync(commitDir, { recursive: true });
   fs.writeFileSync(hookPath, hookScript, { mode: 0o755 });
 
-  // 2. Configure hooks.json
-  const hooksDir = isGlobal
-    ? path.join(os.homedir(), '.cursor')
-    : path.join(process.cwd(), '.cursor');
-  if (!fs.existsSync(hooksDir)) fs.mkdirSync(hooksDir, { recursive: true });
-
-  const hooksFile = path.join(hooksDir, 'hooks.json');
-  let cfg = { version: 1, hooks: {} };
-  if (fs.existsSync(hooksFile)) {
-    try { cfg = JSON.parse(fs.readFileSync(hooksFile, 'utf-8')); } catch {}
-  }
-  if (!cfg.hooks) cfg.hooks = {};
-  if (!cfg.hooks.beforeShellExecution) cfg.hooks.beforeShellExecution = [];
-
-  // Avoid duplicates
-  const existing = cfg.hooks.beforeShellExecution.some(h => h.command?.includes('cursor-hook.js'));
-  if (!existing) {
-    cfg.hooks.beforeShellExecution.push({
-      command: `node ${hookPath}`,
-    });
-  }
-  fs.writeFileSync(hooksFile, JSON.stringify(cfg, null, 2) + '\n');
+  const writtenFiles = [];
+  if (installCursor) writtenFiles.push({ client: 'Cursor', file: installCursorHook(isGlobal) });
+  if (installClaude) writtenFiles.push({ client: 'Claude Code', file: installClaudeHook(isGlobal) });
 
   // 3. Report
-  console.log(clr(c.green, '\n  ✓ Cursor supply chain hook installed'));
+  const clientList = writtenFiles.map(w => w.client).join(' + ');
+  console.log(clr(c.green, `\n  ✓ Commit supply chain hook installed (${clientList})`));
   console.log();
   console.log(clr(c.bold, '  What happens now:'));
   console.log(clr(c.dim, '  Every ') + clr(c.cyan, 'npm install') + clr(c.dim, ', ') +
     clr(c.cyan, 'pip install') + clr(c.dim, ', ') + clr(c.cyan, 'cargo add') + clr(c.dim, ', and ') +
-    clr(c.cyan, 'go get') + clr(c.dim, ' in Cursor'));
+    clr(c.cyan, 'go get') + clr(c.dim, ` in ${clientList}`));
   console.log(clr(c.dim, '  is scored against Commit before it runs.'));
   console.log(clr(c.dim, '  CRITICAL packages are blocked. HIGH packages ask for confirmation.'));
   console.log();
   console.log(clr(c.bold, '  Files:'));
   console.log(clr(c.dim, `  Hook script: ${hookPath}`));
-  console.log(clr(c.dim, `  Config:      ${hooksFile}`));
+  for (const w of writtenFiles) {
+    console.log(clr(c.dim, `  ${w.client.padEnd(11)}  ${w.file}`));
+  }
   console.log();
 
   const key = await readApiKey();
   if (!key) {
     console.log(clr(c.yellow, '  ⚠ No API key found.') + clr(c.dim, ' Anonymous limit: 15 audits/day.'));
     console.log(clr(c.dim, '  Get a free key (200/day): ') + clr(c.cyan, 'poc login'));
-    console.log(clr(c.dim, '  Or: ') + clr(c.cyan, 'https://getcommit.dev/get-started?ref=cursor-hook&utm_source=cli'));
+    console.log(clr(c.dim, '  Or: ') + clr(c.cyan, 'https://getcommit.dev/get-started?ref=poc-hook&utm_source=cli'));
     console.log();
   }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "proof-of-commitment",
-  "version": "1.21.1",
+  "version": "1.22.0",
   "mcpName": "io.github.piiiico/proof-of-commitment",
   "description": "Supply chain risk scorer for npm, PyPI, Cargo, and Go packages — behavioral signals that can't be faked",
   "type": "module",