npm - wogiflow - Versions diffs - 2.7.0 → 2.8.0 - Mend

wogiflow 2.7.0 → 2.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/.claude/commands/wogi-audit.md +156 -8
package/.claude/commands/wogi-start.md +276 -0
package/.claude/settings.json +2 -11
package/lib/workspace-channel-server.js +19 -4
package/lib/workspace-routing.js +17 -6
package/lib/workspace.js +18 -0
package/package.json +1 -1
package/scripts/flow-audit-gates.js +766 -0
package/scripts/flow-runtime-verification.js +782 -0
package/scripts/hooks/entry/claude-code/permission-denied.js +111 -0
package/scripts/postinstall.js +64 -2

package/scripts/hooks/entry/claude-code/permission-denied.js ADDED Viewed

@@ -0,0 +1,111 @@
+#!/usr/bin/env node
+/**
+ * Wogi Flow - Claude Code PermissionDenied Hook
+ *
+ * Fires after auto-mode classifier denies a tool use.
+ * Available in Claude Code 2.1.88+.
+ *
+ * Handles:
+ * 1. Logging — tracks denied permissions for diagnostics
+ * 2. Workspace redirect — when a worker tries to access a file in another
+ *    repo, redirect via the workspace message bus instead of retrying
+ * 3. Guidance — provides actionable hints about what to do instead
+ *
+ * Return { retry: true } to tell the model it can retry the operation.
+ * Return { retry: false } (or nothing) to accept the denial.
+ */
+'use strict';
+const path = require('node:path');
+const { runHook } = require('../shared/hook-runner');
+runHook('PermissionDenied', async ({ input, parsedInput }) => {
+  const toolName = parsedInput.toolName || input.tool_name || 'unknown';
+  const toolInput = parsedInput.toolInput || input.tool_input || {};
+  const filePath = toolInput.file_path || toolInput.command || '';
+  const reason = input.denial_reason || input.reason || '';
+  // ── 1. Log the denial for diagnostics ──────────────────────
+  try {
+    const fs = require('node:fs');
+    const { PATHS } = require('../../../flow-utils');
+    const logPath = path.join(PATHS.state, 'permission-denials.json');
+    let denials = [];
+    try {
+      if (fs.existsSync(logPath)) {
+        denials = JSON.parse(fs.readFileSync(logPath, 'utf-8'));
+        if (!Array.isArray(denials)) denials = [];
+      }
+    } catch (_err) {
+      denials = [];
+    }
+    denials.push({
+      tool: toolName,
+      target: typeof filePath === 'string' ? filePath.substring(0, 200) : '',
+      reason: typeof reason === 'string' ? reason.substring(0, 200) : '',
+      timestamp: new Date().toISOString()
+    });
+    // Keep last 100 denials
+    if (denials.length > 100) denials = denials.slice(-100);
+    fs.mkdirSync(path.dirname(logPath), { recursive: true });
+    fs.writeFileSync(logPath, JSON.stringify(denials, null, 2));
+  } catch (_err) {
+    // Non-critical — don't let logging failure break the hook
+  }
+  // ── 2. Workspace redirect — cross-repo file access ─────────
+  // When a worker tries to read/write a file that belongs to another repo,
+  // redirect them to use the workspace message bus instead.
+  const isWorkspace = !!process.env.WOGI_WORKSPACE_ROOT;
+  const repoName = process.env.WOGI_REPO_NAME || '';
+  if (isWorkspace && typeof filePath === 'string' && filePath.length > 0) {
+    const workspaceRoot = process.env.WOGI_WORKSPACE_ROOT;
+    // Check if the denied path is inside the workspace but outside this repo
+    try {
+      const resolvedFile = path.resolve(filePath);
+      const resolvedRoot = path.resolve(workspaceRoot);
+      const isInsideWorkspace = resolvedFile.startsWith(resolvedRoot + path.sep);
+      const cwd = process.cwd();
+      const isOutsideOwnRepo = !resolvedFile.startsWith(cwd + path.sep) && resolvedFile !== cwd;
+      if (isInsideWorkspace && isOutsideOwnRepo) {
+        // This is a cross-repo access attempt — redirect to message bus
+        // Extract the target repo name from the path
+        const relPath = resolvedFile.substring(resolvedRoot.length + 1);
+        const targetRepo = relPath.split(path.sep)[0] || 'unknown';
+        const guidance = [
+          `Cross-repo file access denied: ${toolName} on ${path.basename(filePath)}`,
+          `Target repo: ${targetRepo} (you are: ${repoName})`,
+          '',
+          'In workspace mode, repos cannot directly access each other\'s files.',
+          `Use workspace_send_message(to: "${targetRepo}", message: "...") to ask the other repo\'s worker.`,
+          `Or use workspace_send_message(to: "manager", message: "...") to escalate to the manager.`
+        ].join('\n');
+        return {
+          __raw: true,
+          retry: false,
+          message: guidance
+        };
+      }
+    } catch (_err) {
+      // Path resolution failed — fall through to default handling
+    }
+  }
+  // ── 3. Default handling — accept denial with guidance ──────
+  // For non-workspace denials, just accept and let the model know
+  return {
+    __raw: true,
+    retry: false
+  };
+}, { failMode: 'silent' });

package/scripts/postinstall.js CHANGED Viewed

@@ -269,6 +269,8 @@ const HOOK_VERSION_MAP = {
   PostCompact: { major: 2, minor: 1, patch: 76 },
   // Hooks added in 2.1.84+
   TaskCreated: { major: 2, minor: 1, patch: 84 },
+  // Hooks added in 2.1.88+
+  PermissionDenied: { major: 2, minor: 1, patch: 88 },
 };
 /**
@@ -310,7 +312,26 @@ function versionMeetsMinimum(version, minimum) {
  * @returns {string[]} List of removed hook names
  */
 function stripUnsupportedHooks(settings, ccVersion) {
-  if (!settings || !settings.hooks || !ccVersion) return [];
+  if (!settings || !settings.hooks) return [];
+  // CRITICAL: When CC version is unknown, strip ALL hooks added after the base set (2.1.23).
+  // CC rejects the ENTIRE settings file if it encounters an unknown hook event name —
+  // this means one unsupported hook kills ALL hooks. Fail-safe: keep only the base set.
+  const BASE_HOOKS = new Set([
+    'SessionStart', 'UserPromptSubmit', 'PreToolUse', 'PostToolUse',
+    'Stop', 'SessionEnd', 'TaskCompleted'
+  ]);
+  if (!ccVersion) {
+    const removed = [];
+    for (const hookName of Object.keys(settings.hooks)) {
+      if (!BASE_HOOKS.has(hookName)) {
+        delete settings.hooks[hookName];
+        removed.push(`${hookName} (CC version unknown — keeping base hooks only)`);
+      }
+    }
+    return removed;
+  }
   const removed = [];
   for (const hookName of Object.keys(settings.hooks)) {
@@ -323,6 +344,39 @@ function stripUnsupportedHooks(settings, ccVersion) {
   return removed;
 }
+/**
+ * Dynamically inject hooks that are NOT in the base settings.json but are
+ * supported by the detected Claude Code version. These hooks are intentionally
+ * excluded from the committed settings.json because CC rejects the ENTIRE file
+ * when it encounters an unknown hook event name.
+ *
+ * @param {Object} settings - Parsed settings object (mutated in place)
+ * @param {{ major: number, minor: number, patch: number }} ccVersion
+ */
+function injectDynamicHooks(settings, ccVersion) {
+  if (!settings || !settings.hooks) return;
+  // Map of hooks to inject with their minimum version and command
+  const DYNAMIC_HOOKS = [
+    {
+      name: 'TaskCreated',
+      minVersion: { major: 2, minor: 1, patch: 84 },
+      config: [{ hooks: [{ type: 'command', command: 'node scripts/hooks/entry/claude-code/task-created.js', timeout: 5 }] }]
+    },
+    {
+      name: 'PermissionDenied',
+      minVersion: { major: 2, minor: 1, patch: 88 },
+      config: [{ hooks: [{ type: 'command', command: 'node scripts/hooks/entry/claude-code/permission-denied.js', timeout: 5 }] }]
+    }
+  ];
+  for (const hook of DYNAMIC_HOOKS) {
+    if (!settings.hooks[hook.name] && versionMeetsMinimum(ccVersion, hook.minVersion)) {
+      settings.hooks[hook.name] = hook.config;
+    }
+  }
+}
 /**
  * Rewrite hook command paths from local dev paths to package paths.
  * The package's settings.json uses local paths (node scripts/hooks/...)
@@ -404,12 +458,20 @@ function copyClaudeResources() {
         const ccVersion = detectClaudeCodeVersion();
         const removedHooks = stripUnsupportedHooks(ours, ccVersion);
         if (removedHooks.length > 0) {
-          console.log(`[wogiflow] Claude Code ${ccVersion.major}.${ccVersion.minor}.${ccVersion.patch} detected. Excluded unsupported hooks:`);
+          const versionStr = ccVersion ? `${ccVersion.major}.${ccVersion.minor}.${ccVersion.patch}` : 'unknown';
+          console.log(`[wogiflow] Claude Code ${versionStr} detected. Excluded unsupported hooks:`);
           for (const h of removedHooks) {
             console.log(`  - ${h}`);
           }
           console.log('[wogiflow] Update Claude Code for full functionality: npm i -g @anthropic-ai/claude-code@latest');
         }
+        // Dynamically inject hooks supported by this CC version but not in the base settings.json.
+        // These hooks are NOT committed to the repo to avoid breaking older CC versions.
+        if (ccVersion) {
+          injectDynamicHooks(ours, ccVersion);
+        }
         // Always update hooks (core WogiFlow functionality)
         existing.hooks = ours.hooks;
         existing._wogiFlowManaged = true;