Danijel Martinek
35da40b782
Project-level Claude Code hooks committed to .claude/settings.json with scripts under .claude/hooks/. Three tiers: Tier 1 — hard guards (exit 2 to block the tool call): - bash-guard.sh: blocks bypass flags (verify-skip, sign-skip), forceful push variants, destructive resets, force clean, working-tree-wipe checkouts/restores, force branch delete, amend, and rm -rf against root or home. Reinforces CLAUDE.md Git Safety Protocol. - generator-first-nudge.sh: blocks creating a new top-level packages/<name> or apps/<name> directory by hand. Allows working inside an existing package. Reinforces the non-negotiable generator-first rule. Tier 2 — context injection (stdout becomes additional context): - session-start.sh: prints glossary, AGENTS.md, workflow CLI, and conformance pointers on session boot. - prompt-context.sh: keyword-matches the user prompt against eight concept groups (events, realtime, audit, instrumentation, manifest, workflow, DI, boundaries) and injects the relevant ADR + rule pointers for the turn. Tier 3 — side-effect automation: - post-manifest-edit.sh: when Edit/Write touches feature.manifest.ts, prints the manifest-first ordering reminder plus the per-feature verify commands. - stop-check-manifest-tests.sh: at agent Stop time, if the working tree has manifest changes but no sibling test changes, exits 2 to force continuation. Loop-guarded via stop_hook_active. All hooks are bash + jq, use CLAUDE_PROJECT_DIR for safety, and were smoke-tested end-to-end (block + allow paths both verified). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
48 lines
1.4 KiB
Bash
Executable File
48 lines
1.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Tier 3 — when the agent tries to stop, check whether feature.manifest.ts
|
|
# changes have matching test changes. If manifest moved without tests,
|
|
# nudge the agent to continue (exit 2 forces continuation).
|
|
|
|
set -euo pipefail
|
|
|
|
input=$(cat)
|
|
|
|
# Loop guard — Claude Code sets stop_hook_active when a Stop hook already
|
|
# forced continuation; don't loop infinitely.
|
|
already_stopped=$(printf '%s' "$input" | jq -r '.stop_hook_active // false')
|
|
if [ "$already_stopped" = "true" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# Only run inside the repo
|
|
if ! git rev-parse --git-dir >/dev/null 2>&1; then
|
|
exit 0
|
|
fi
|
|
|
|
manifest_changed=$(git diff --name-only HEAD 2>/dev/null | grep -E 'feature\.manifest\.ts$' || true)
|
|
|
|
if [ -z "$manifest_changed" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
tests_changed=$(git diff --name-only HEAD 2>/dev/null | grep -E '\.test\.(ts|tsx)$' || true)
|
|
|
|
if [ -n "$tests_changed" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
cat >&2 <<EOF
|
|
[stop-check] Manifest changes detected without matching test changes:
|
|
|
|
${manifest_changed}
|
|
|
|
Manifest-first ordering says: contracts + a red test must land before
|
|
implementation. If you already shipped tests in a previous commit on this
|
|
branch (and only the manifest changed this turn), say so and re-stop —
|
|
this hook tracks unstaged + uncommitted-on-HEAD diffs only and can't tell.
|
|
|
|
Otherwise, write the sibling test file(s) for any new use case before stopping.
|
|
EOF
|
|
|
|
exit 2
|