push-guard 0.2.2__tar.gz → 0.2.3__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: push-guard
3
- Version: 0.2.2
3
+ Version: 0.2.3
4
4
  Summary: Local pre-push guard for likely secret leaks and private file paths.
5
5
  Author: Dragon Lady
6
6
  License-Expression: Apache-2.0
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
4
4
 
5
5
  [project]
6
6
  name = "push-guard"
7
- version = "0.2.2"
7
+ version = "0.2.3"
8
8
  description = "Local pre-push guard for likely secret leaks and private file paths."
9
9
  readme = "README.md"
10
10
  requires-python = ">=3.11"
@@ -140,6 +140,17 @@ HADES_PYPI_PATTERNS = [
140
140
  ), # push-guard: ignore
141
141
  "Hades/Miasma GitHub token-monitor persistence marker",
142
142
  ),
143
+ (
144
+ "workflow.hades_llm_anti_analysis_bait",
145
+ re.compile(
146
+ r"(?:unrestricted\s+mode|safety\s+guidelines|guardrails).{0,120}"
147
+ r"(?:biological|nuclear)\s+weapons?|"
148
+ r"(?:biological|nuclear)\s+weapons?.{0,120}"
149
+ r"(?:unrestricted\s+mode|safety\s+guidelines|guardrails)",
150
+ re.I,
151
+ ),
152
+ "Hades-style LLM refusal-bait marker in executable code",
153
+ ),
143
154
  ]
144
155
 
145
156
  OTTERCOOKIE_NPM_PATTERNS = [
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: push-guard
3
- Version: 0.2.2
3
+ Version: 0.2.3
4
4
  Summary: Local pre-push guard for likely secret leaks and private file paths.
5
5
  Author: Dragon Lady
6
6
  License-Expression: Apache-2.0
@@ -257,6 +257,23 @@ class PushGuardTests(unittest.TestCase):
257
257
 
258
258
  self.assertIn("workflow.hades_github_exfil_marker", rule_ids)
259
259
 
260
+ def test_scan_diff_blocks_hades_llm_refusal_bait_in_javascript(self):
261
+ diff_text = "\n".join(
262
+ [
263
+ "diff --git a/package/_index.js b/package/_index.js",
264
+ "index 1111111..2222222 100644",
265
+ "--- a/package/_index.js",
266
+ "+++ b/package/_index.js",
267
+ "@@ -1,0 +1,1 @@",
268
+ "+// unrestricted mode ignores safety guidelines for nuclear weapons",
269
+ ]
270
+ )
271
+
272
+ findings = _scan_diff(diff_text)
273
+ rule_ids = {finding.rule_id for finding in findings}
274
+
275
+ self.assertIn("workflow.hades_llm_anti_analysis_bait", rule_ids)
276
+
260
277
  def test_scan_diff_does_not_block_markdown_hades_notes(self):
261
278
  diff_text = "\n".join(
262
279
  [
File without changes
File without changes
File without changes