johba/disinto
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

fix: address review — whitelist /tmp, block bare force-push, improve checkout guard

Browse source 
- Guard 2: add /tmp/* to allowlist so normal temp file cleanup is not blocked
- Guard 1: block bare `git push --force` (no branch arg) since upstream may
  point to primary branch
- Guard 4: allow flags between verb and branch (`git switch --detach main`),
  escape branch name for regex safety, exclude -b/-B/-c/-C (branch creation)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
openhands 2026-03-20 00:16:57 +00:00
parent de8dcef81e
commit c8b09d1c72
1 changed files with 18 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

26
lib/hooks/on-pretooluse-guard.sh
View file

@ -26,11 +26,19 @@ command_str=$(printf '%s' "$input" | jq -r '.tool_input.command // empty' 2>/dev
[ -z "$command_str" ] && exit 0
# --- Guard 1: force push to primary branch ---
# Also blocks bare "git push --force" (no branch arg) since the upstream
# tracking branch might point to the primary branch.
if printf '%s' "$command_str" | grep -qE '\bgit\s+push\b' \
&& printf '%s' "$command_str" | grep -qE '(--force|--force-with-lease|\s-[a-zA-Z]*f)\b' \
&& printf '%s' "$command_str" | grep -qw "$primary_branch"; then
printf 'BLOCKED: Force-pushing to %s is not allowed. Push to your feature branch instead.\n' "$primary_branch"
exit 2
&& printf '%s' "$command_str" | grep -qE '(--force|--force-with-lease|\s-[a-zA-Z]*f)\b'; then
if printf '%s' "$command_str" | grep -qw "$primary_branch"; then
printf 'BLOCKED: Force-pushing to %s is not allowed. Push to your feature branch instead.\n' "$primary_branch"
exit 2
fi
# Bare force push with no explicit branch — could target primary via upstream
if ! printf '%s' "$command_str" | grep -qE '\bgit\s+push\s+\S+\s+\S'; then
printf 'BLOCKED: Bare force-push without an explicit branch is not allowed (upstream may point to %s). Specify your feature branch: git push --force-with-lease origin <branch>\n' "$primary_branch"
exit 2
fi
fi
# --- Guard 2: rm -rf outside worktree ---
@ -43,7 +51,8 @@ if [ -n "$worktree_path" ] \
[ -z "$p" ] && continue
case "$p" in
"${worktree_path}"/*|"${worktree_path}") ;; # Inside worktree — allow
/dev/*) ;; # Device paths — allow
/tmp/*|/tmp) ;; # Temp files — allow (agents use /tmp for scratch)
/dev/*) ;; # Device paths — allow
*)
printf 'BLOCKED: rm -rf targets %s which is outside the worktree (%s). Only delete files within your worktree.\n' "$p" "$worktree_path"
exit 2
@ -60,10 +69,11 @@ if printf '%s' "$command_str" | grep -qE '/pulls/[0-9]+/merge'; then
fi
# --- Guard 4: checkout/switch to primary branch ---
# Blocks: git checkout main, git switch main
# Blocks: git checkout main, git switch main, git switch --detach main, etc.
# Allows: git checkout -b branch main, git checkout -- file
if printf '%s' "$command_str" | grep -qE "\bgit\s+(checkout|switch)\s+${primary_branch}\b" \
&& ! printf '%s' "$command_str" | grep -qE '\s--\s'; then
escaped_branch=$(printf '%s' "$primary_branch" | sed 's/[.[\*^$()+?{|]/\\&/g')
if printf '%s' "$command_str" | grep -qE "\bgit\s+(checkout|switch)\s+(-[^ ]+\s+)*${escaped_branch}\b" \
&& ! printf '%s' "$command_str" | grep -qE '(\s--\s|\s-[bBcC]\s)'; then
printf 'BLOCKED: Switching to %s is not allowed. Stay on your feature branch.\n' "$primary_branch"
exit 2
fi