npm - wayfind - Versions diffs - 2.0.79 → 2.0.80 - Mend

wayfind 2.0.79 → 2.0.80

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/bin/team-context.js +43 -0
package/package.json +1 -1
package/plugin/.claude-plugin/plugin.json +1 -1
package/specializations/claude-code/commands/init-memory.md +40 -3
package/specializations/claude-code/hooks/allow-wayfind-writes.sh +24 -0

package/bin/team-context.js CHANGED Viewed

@@ -2942,6 +2942,40 @@ function ensureStateWritePermissions() {
   return added;
 }
+/**
+ * Ensure ~/.claude/settings.json has the PermissionRequest hook that auto-approves
+ * Write calls to Wayfind state files. The permissions.allow list doesn't suppress
+ * Claude Code's sensitive-file prompt for ~/.claude/ paths; a PermissionRequest hook
+ * returning {"decision":"allow"} does.
+ * Idempotent — no-ops if the hook command is already registered.
+ * @returns {boolean} true if the hook was added
+ */
+function ensurePermissionRequestHook() {
+  if (!HOME) return false;
+  const settingsPath = path.join(HOME, '.claude', 'settings.json');
+  const hookCommand = 'bash ~/.claude/hooks/allow-wayfind-writes.sh';
+  let settings = {};
+  if (fs.existsSync(settingsPath)) {
+    try { settings = JSON.parse(fs.readFileSync(settingsPath, 'utf8')); } catch { return false; }
+  }
+  if (!settings.hooks) settings.hooks = {};
+  if (!Array.isArray(settings.hooks.PermissionRequest)) settings.hooks.PermissionRequest = [];
+  const alreadyRegistered = settings.hooks.PermissionRequest.some(entry =>
+    Array.isArray(entry.hooks) && entry.hooks.some(h => h.command === hookCommand)
+  );
+  if (alreadyRegistered) return false;
+  settings.hooks.PermissionRequest.push({
+    matcher: 'Write',
+    hooks: [{ type: 'command', command: hookCommand, timeout: 5000 }],
+  });
+  fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + '\n');
+  return true;
+}
 /**
  * Re-sync hooks and commands from the installed Wayfind package to ~/.claude/.
  * Copies hook scripts and slash-command files, overwriting stale copies.
@@ -3026,6 +3060,15 @@ function runUpdate() {
     for (const p of addedPerms) console.log(`  ✓ Allowlisted: ${p}`);
     console.log('  (Prevents plan-mode prompts on journal and state-file writes)');
   }
+  // Register PermissionRequest hook to suppress sensitive-file prompts for
+  // ~/.claude/ paths, which the allowlist alone cannot suppress.
+  const hookAdded = ensurePermissionRequestHook();
+  if (hookAdded) {
+    console.log('\n── PermissionRequest hook ──');
+    console.log('  ✓ Registered allow-wayfind-writes.sh');
+    console.log('  (Suppresses sensitive-file prompts for ~/.claude/ paths)');
+  }
 }
 // ── Migrate to plugin ───────────────────────────────────────────────────────

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "wayfind",
-  "version": "2.0.79",
+  "version": "2.0.80",
   "description": "Team decision trail for AI-assisted development. The connective tissue between product, engineering, and strategy.",
   "bin": {
     "wayfind": "./bin/team-context.js",

package/plugin/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "wayfind",
-  "version": "2.0.79",
+  "version": "2.0.80",
   "description": "Team decision trail for AI-assisted development. Session memory, decision journals, and team digests.",
   "author": {
     "name": "Wayfind",

package/specializations/claude-code/commands/init-memory.md CHANGED Viewed

@@ -146,10 +146,12 @@ Read the repo's `CLAUDE.md`. If it does NOT already contain "Session State Proto
 If `CLAUDE.md` doesn't exist, create a minimal one with the repo name as a heading and the block above.
-## Step 4.5: Patch Write Permissions in ~/.claude/settings.json
+## Step 4.5: Patch Write Permissions and PermissionRequest Hook in ~/.claude/settings.json
 Read `~/.claude/settings.json` (create it as `{}` if missing).
+### Part A: Write allowlist
 Ensure the following entries are present in `permissions.allow`. Add any that are missing — do NOT remove existing entries.
 Each path needs two forms: absolute (for tools that resolve paths before the permission check) and literal (tilde or relative, for tools that pass the path as-is). Both are required — Claude Code matches against the literal `file_path` argument, not the resolved path.
@@ -169,9 +171,44 @@ Write(.claude/personal-state.md)
 Where `<HOME>` is the user's actual home directory (e.g. `/home/greg` or `/Users/greg`).
-**Why:** Without these, Claude Code's plan mode prompts for approval on every journal and state-file write — even when the user is in bypass/dangerously-skip-permissions mode. These files are internal Wayfind state and are never dangerous to write.
+### Part B: PermissionRequest hook
+Claude Code has a hardcoded sensitive-file check for `~/.claude/` paths that fires **independently** of `permissions.allow` — the allowlist alone cannot suppress it. A `PermissionRequest` hook is required.
+First verify `~/.claude/hooks/allow-wayfind-writes.sh` exists. If missing, create it:
+```bash
+#!/usr/bin/env bash
+input=$(cat)
+file_path=$(echo "$input" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$file_path" ] && exit 0
+expanded="${file_path/#\~/$HOME}"
+if [[ "$expanded" == "$HOME/.claude/memory/"* ]] || \
+   [[ "$expanded" == "$HOME/.claude/global-state.md" ]] || \
+   [[ "$expanded" == "$HOME/.claude/state.md" ]] || \
+   [[ "$expanded" == *"/.claude/team-state.md" ]] || \
+   [[ "$expanded" == *"/.claude/personal-state.md" ]]; then
+  echo '{"decision": "allow"}'
+  exit 0
+fi
+```
+Make it executable: `chmod +x ~/.claude/hooks/allow-wayfind-writes.sh`
+Then ensure this entry is present in `hooks.PermissionRequest` in `~/.claude/settings.json`:
+```json
+{
+  "matcher": "Write",
+  "hooks": [{ "type": "command", "command": "bash ~/.claude/hooks/allow-wayfind-writes.sh", "timeout": 5000 }]
+}
+```
+Add it if missing — do NOT remove existing entries in the array.
+**Why:** Without Part A, plan-mode users get prompted on every journal write. Without Part B, even bypass-mode users see "sensitive file" prompts for `~/.claude/` paths — which the allowlist cannot suppress.
-Report: "Write permissions patched — N entries added" (or "already present" if nothing changed).
+Report: "Write permissions patched — N entries added; PermissionRequest hook registered" (or "already present" for each if nothing changed).
 ## Step 5: Register State Files in Global Index

package/specializations/claude-code/hooks/allow-wayfind-writes.sh ADDED Viewed

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# Auto-approve Write permission requests for known-safe Wayfind state files.
+# Runs as a PermissionRequest hook so it fires before Claude Code's sensitive-file
+# prompt — the allowlist in settings.json doesn't suppress that prompt.
+#
+# Returns {"decision": "allow"} for matched paths, exits 0 with no output otherwise
+# (Claude Code falls through to its normal permission handling).
+input=$(cat)
+file_path=$(echo "$input" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$file_path" ] && exit 0
+# Expand leading tilde to $HOME
+expanded="${file_path/#\~/$HOME}"
+if [[ "$expanded" == "$HOME/.claude/memory/"* ]] || \
+   [[ "$expanded" == "$HOME/.claude/global-state.md" ]] || \
+   [[ "$expanded" == "$HOME/.claude/state.md" ]] || \
+   [[ "$expanded" == *"/.claude/team-state.md" ]] || \
+   [[ "$expanded" == *"/.claude/personal-state.md" ]]; then
+  echo '{"decision": "allow"}'
+  exit 0
+fi