sinapse-ai 7.7.2 → 7.7.3
- package/.claude/hooks/enforce-git-push-authority.sh +34 -2
- package/.claude/rules/safe-collaboration.md +12 -1
- package/.sinapse-ai/data/entity-registry.yaml +797 -796
- package/.sinapse-ai/infrastructure/templates/safe-collab/README.md +45 -18
- package/.sinapse-ai/infrastructure/templates/safe-collab/apply.sh +85 -0
- package/.sinapse-ai/infrastructure/templates/safe-collab/safe-collaboration-rule.md +11 -0
- package/.sinapse-ai/install-manifest.yaml +13 -9
- package/docs/ORQX-PLAN.md +3 -2
- package/package.json +1 -1
- package/scripts/ensure-manifest.js +9 -0
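--- a/package/.claude/hooks/enforce-git-push-authority.sh
+++ b/package/.claude/hooks/enforce-git-push-authority.sh
@@ -4,6 +4,7 @@
 # Only meant to run when agent is NOT @devops
 # Uses node (not jq) for JSON parsing — works on Windows/Git Bash
 # FAIL-CLOSED: if parsing fails, blocks the command (exit 2)
+# Hardened v2: also detects indirect execution via script files and pipes
 
 INPUT=$(cat)
 
@@ -23,10 +24,41 @@ if [ $? -ne 0 ]; then
 exit 0
 fi
 
-#
-
+# Helper: deny with message
+deny() {
 echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"Git push is EXCLUSIVE to @devops agent. Activate @devops for push operations."}}'
 exit 0
+}
+
+# 1. Direct git push (existing check)
+if echo "$COMMAND" | grep -qiE '\bgit\s+push\b'; then
+deny
+fi
+
+# 2. Indirect: bash/sh/source executing a script file that contains git push
+SCRIPT_FILE=$(echo "$COMMAND" | grep -oP '(?:bash|sh|source|\.)\s+\K[^\s;|&]+' 2>/dev/null | head -1)
+if [ -n "$SCRIPT_FILE" ] && [ -f "$SCRIPT_FILE" ]; then
+if grep -qiE '\bgit\s+push\b' "$SCRIPT_FILE" 2>/dev/null; then
+deny
+fi
+fi
+
+# 3. Pipe-to-shell patterns (cat file | bash, echo cmd | sh)
+if echo "$COMMAND" | grep -qiE '\|\s*(ba)?sh\b'; then
+# Only block if push-related content is likely
+if echo "$COMMAND" | grep -qiE 'push'; then
+deny
+fi
+fi
+
+# 4. eval/exec patterns with push
+if echo "$COMMAND" | grep -qiE '\b(eval|exec)\b.*push'; then
+deny
+fi
+
+# 5. node -e / python -c executing push
+if echo "$COMMAND" | grep -qiE '(node\s+-e|python[3]?\s+-c).*push'; then
+deny
 fi
 
 # Allow all other commands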
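Review bot: Check #2 relies on `grep -oP` (PCRE with `\K`), a GNU grep extension; on a BSD/macOS grep the call errors out, the `2>/dev/null` hides that error, `SCRIPT_FILE` comes back empty and the indirect-script check silently becomes a no-op, which contradicts the FAIL-CLOSED comment the first hunk keeps in the file header. A portable form that yields the same first token is `SCRIPT_FILE=$(echo "$COMMAND" | grep -oE '(bash|sh|source|\.)[[:space:]]+[^[:space:];|&]+' | head -1 | awk '{print $NF}')`, and dropping the stderr redirect would let a failing grep show up in the hook output instead of degrading open. The `[ -f "$SCRIPT_FILE" ]` lookup resolves a relative path against the hook process's own working directory, which may or may not be the directory the Bash tool runs in — worth a comment above check #2 and a confirmation against how the hook is invoked. Since checks 2–5 are keyword heuristics rather than a parse of the command, a line such as `# Checks 2-5 are best-effort heuristics; the hook is a guardrail, not a security boundary` next to the "Hardened v2" header comment would set the right expectation for maintainers.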
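--- a/package/.claude/rules/safe-collaboration.md
+++ b/package/.claude/rules/safe-collaboration.md
@@ -44,7 +44,18 @@ The agent creates the branch. The user never needs to name it.
 
 Types: `feat`, `fix`, `refactor`, `docs`, `chore`, `test`
 
-**Detection
+**User Detection (priority order):**
+1. `git config user.name` -> lookup in mapping table (case-insensitive)
+2. `$USERNAME` (Windows) or `$USER` (Unix) -> lookup in mapping table
+3. Fallback: `dev/`
+
+**Mapping Table:**
+
+| git config / env var contains | Branch prefix |
+|-------------------------------|---------------|
+| caio (case-insensitive) | `caio/` |
+| matheus OR soier | `soier/` |
+| (anything else) | `dev/` |
 
 ### 3. Before Every Commit — Safety Checks (MANDATORY)
 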