mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-06-11 02:33:10 +08:00
faa51fba11
The config-protection hook blocks Write/Edit on any basename in the PROTECTED_FILES set, regardless of whether the file already exists. The hook's stated purpose is to prevent agents from softening rules in an existing config — but the same code path also blocks the legitimate bootstrap case of scaffolding a linter config into a project that has none. Add an fs.existsSync check inside run(): when the basename matches a protected entry and the file does not yet exist on disk, exit 0 and let the Write proceed. Keep the exit-2 block for all modifications to existing files. Stat errors (EACCES, etc.) fail closed — we treat the path as existing so the guard is never silently weakened. Update the existing "blocks protected config file edits" test to use a real temp file so the BLOCK path is still exercised, and add two new tests covering: - first-time creation of eslint.config.mjs is allowed (exit 0, raw passthrough, no stderr) - Edit against an existing .eslintrc.js is still blocked (exit 2, no stdout, BLOCKED message in stderr) Fixes #1873