
Keep Bash rewrite hook JSON parseable#223

Merged
ictechgy merged 3 commits into
mainfrom
fix/rewrite-bash-compound-sanitize
Jun 22, 2026

Conversation

@ictechgy

Owner

## Summary

- route sanitizer-worthy compound Bash commands through context-guard-sanitize-output instead of blanket-denying shell operators
- keep rewrite-bash diagnostics off stdout so hook harness JSON parsing remains stable
- add regression coverage for compound sanitizer routing and stderr-only diagnostics

## Verification

- python3 scripts/sync_plugin_copies.py --check
- targeted rewrite hook unittest cases
- python3 scripts/prepublish_check.py
- git diff --check

ictechgy added 3 commits June 22, 2026 17:23
Route secret-bearing compound Bash commands through the sanitizer when it is available so normal pipes keep working without contaminating hook stdout.

Constraint: Claude hook harness expects stdout to contain only hook JSON.

Rejected: Denying all shell-operator search/diff/log commands | it blocked common safe workflows such as git diff pipelines.

Confidence: high

Scope-risk: narrow

Directive: Keep rewrite-bash diagnostics on stderr and keep stdout JSON-parseable for hook harnesses.

Tested: python3 scripts/sync_plugin_copies.py --check; targeted unittest rewrite-hook cases; python3 scripts/prepublish_check.py; git diff --check

Not-tested: Live Claude Code hook harness execution outside the repository test harness.

Round 1/5; blocker fingerprint: HIGH|security|context-guard-kit/rewrite_bash_for_token_budget.py|compound-shell-operators|side-effecting compound commands bypass sanitizer.

Constraint: ultra-review-loop requires one verified atomic commit per fix group.

Rejected: Allowing every sanitizer-worthy compound command | tee/redirection/curl/control operators can branch output outside the sanitizer.

Confidence: high

Scope-risk: narrow

Directive: Only widen the compound-command allowlist with explicit tests proving no side-effecting output path bypasses the sanitizer.

Tested: python3 -m unittest targeted rewrite-hook cases; python3 scripts/prepublish_check.py; git diff --check

Not-tested: Live Claude Code hook harness execution outside the repository test harness.

Round 2/5; blocker fingerprint: HIGH|security|context-guard-kit/rewrite_bash_for_token_budget.py|safe-pipe-filter|filter env prefixes and side-effecting options bypass sanitizer.

Constraint: ultra-review-loop requires one verified atomic commit per fix group.

Rejected: Generic option acceptance for filter commands | options such as sort --output and wc --files0-from can write or read files.

Confidence: high

Scope-risk: narrow

Directive: Add command-specific tests before allowing any new pipe filter option or environment-prefixed filter segment.

Tested: python3 -m unittest targeted rewrite-hook classifier cases; python3 scripts/prepublish_check.py; git diff --check

Not-tested: Live Claude Code hook harness execution outside the repository test harness.
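As an added illustration of the routing the PR summary and the commit notes describe (example code, not the project's own rewrite_bash_for_token_budget.py): a classifier that lets a pipeline through to the sanitizer only when every downstream segment is an allowlisted stdin filter with no env prefix and no file-touching option, denies anything carrying control operators or redirection, and keeps the hook's stdout JSON-only with diagnostics on stderr. The filter allowlist, the option denylist and the JSON shape are assumptions.

```python
# Added example, not the project's hook code: a classifier for compound Bash
# commands in the spirit of the PR. Allowlist and option denylist are assumptions.
import json
import shlex

# Pipe filters that only transform stdin, with the options that would make
# them read or write other files (sort --output, wc --files0-from, ...).
SAFE_FILTERS = {"grep": {"-f", "--file"}, "head": set(), "tail": {"-f", "--follow"},
                "sort": {"-o", "--output"}, "wc": {"--files0-from"}, "cut": set()}
CONTROL_OPS = {"&&", "||", ";", "&", "|&"}

def split_pipeline(tokens):
    """Split on '|'; return None if a control operator or redirection appears."""
    segments, current = [], []
    for tok in tokens:
        if tok == "|":
            segments.append(current)
            current = []
        elif tok in CONTROL_OPS or tok.startswith((">", "<")):
            return None  # output could branch outside the sanitizer (tee-like)
        else:
            current.append(tok)
    return segments + [current]

def filter_is_safe(segment):
    """Allowlisted filter, no FOO=bar env prefix, no side-effecting option."""
    if not segment or "=" in segment[0] or segment[0] not in SAFE_FILTERS:
        return False
    name, *args = segment  # exact option tokens and --opt=value forms are checked
    return not any(a.split("=", 1)[0] in SAFE_FILTERS[name] for a in args)

def classify(command):
    """'allow' a simple command, 'sanitize' a pipeline of safe filters, else 'deny'."""
    try:  # non-POSIX mode keeps quotes, so a quoted "|" is not an operator
        tokens = list(shlex.shlex(command, punctuation_chars=True))
    except ValueError:  # unbalanced quotes: do not guess
        return "deny"
    segments = split_pipeline(tokens)
    if segments is None or any(not s for s in segments):
        return "deny"
    if len(segments) == 1:
        return "allow"
    return "sanitize" if all(filter_is_safe(s) for s in segments[1:]) else "deny"

def render_hook_output(command):
    """Return (stdout, stderr): stdout is only the hook JSON, diagnostics go to stderr."""
    decision = classify(command)
    stdout_text = json.dumps({"decision": decision, "command": command}) + "\n"
    return stdout_text, f"rewrite-bash: {decision}: {command}\n"
```

A harness that parses stdout as a single JSON object stays stable because every human-readable line is returned on the stderr side.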
@ictechgy ictechgy merged commit 809ab08 into main Jun 22, 2026
3 checks passed
@ictechgy ictechgy deleted the fix/rewrite-bash-compound-sanitize branch June 22, 2026 09:34