zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 13:43:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: make insaits hook opt-in

Browse Source
This commit is contained in:
Affaan Mustafa
2026-03-10 20:47:09 -07:00
parent 9ea415c037
commit 9c1e8dd1e4
5 changed files with 56 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
tests/hooks/hooks.test.js
View File

@@ -203,6 +203,24 @@ async function runTests() {
}
})) passed++; else failed++;
// insaits-security-wrapper.js tests
console.log('\ninsaits-security-wrapper.js:');
if (await asyncTest('passes through input unchanged when integration is disabled', async () => {
const stdinData = JSON.stringify({
tool_name: 'Write',
tool_input: { file_path: 'src/index.ts', content: 'console.log("ok");' }
});
const result = await runScript(
path.join(scriptsDir, 'insaits-security-wrapper.js'),
stdinData,
{ ECC_ENABLE_INSAITS: '' }
);
assert.strictEqual(result.code, 0, `Exit code should be 0, got ${result.code}`);
assert.strictEqual(result.stdout, stdinData, 'Should pass stdin through unchanged');
assert.strictEqual(result.stderr, '', 'Should stay silent when integration is disabled');
})) passed++; else failed++;
// check-console-log.js tests
console.log('\ncheck-console-log.js:');
@@ -1237,6 +1255,29 @@ async function runTests() {
}
})) passed++; else failed++;
if (test('InsAIts hook is opt-in and scoped to high-signal tool inputs', () => {
const hooksPath = path.join(__dirname, '..', '..', 'hooks', 'hooks.json');
const hooks = JSON.parse(fs.readFileSync(hooksPath, 'utf8'));
const insaitsHook = hooks.hooks.PreToolUse.find(entry =>
entry.description && entry.description.includes('InsAIts')
);
assert.ok(insaitsHook, 'Should define an InsAIts PreToolUse hook');
assert.strictEqual(
insaitsHook.matcher,
'Bash|Write|Edit|MultiEdit',
'InsAIts hook should avoid matching every tool'
);
assert.ok(
insaitsHook.description.includes('ECC_ENABLE_INSAITS=1'),
'InsAIts hook should document explicit opt-in'
);
assert.ok(
insaitsHook.hooks[0].command.includes('insaits-security-wrapper.js'),
'InsAIts hook should execute through the JS wrapper'
);
})) passed++; else failed++;
// plugin.json validation
console.log('\nplugin.json Validation:');