keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
151 commits 3 branches 11 tags 12 MiB
Commit graph

7 commits

Author SHA1 Message Date
KeiSei84
155d187699 refactor(kei-mcp): v0.46 — decompose safe_tools + fix CRITICAL Grok bypass 
ARCHITECTURAL FIXES (Constructor Pattern — file >200 LOC):

1. safe_tools.rs (738 LOC god-object) → safe_tools/ module (5 files):
   - mod.rs       (99 LOC) — descriptors + dispatch
   - env_guard.rs (79 LOC) — KillPgGuard RAII + apply_safe_env
   - path_guard.rs (166 LOC) — validate_path + canonicalize walk-up
   - chain_runner.rs (159 LOC) — hook chain loader/runner
   - exec.rs (222 LOC) — handle_bash/edit/write with O_NOFOLLOW

2. CRITICAL Grok bypass closed (Claude critic finding):
   - REMOVED env-based chain skip (CLAUDECODE / GROKCODE checks)
   - The skip assumed native PreToolUse would catch the call, but
     PreToolUse matchers fire on tool_name="Bash"|"Edit"|"Write" while
     MCP tools are named kei_bash/kei_edit/kei_write — so native hooks
     NEVER fire on MCP tool calls. The skip created an auth-bypass hole.
   - Chain now ALWAYS runs for kei_bash/kei_edit/kei_write.
   - Wire scripts (kei-mcp-wire-claude.sh + -grok.sh) updated: empty
     env block + comment explaining v0.46 rationale.

3. Fail-closed defaults (architecturally correct, not bandaid):
   - validate_path: empty allowed_roots() → ERROR (was silent disable)
   - load_chain: missing/empty section → ERROR unless KEI_POLICY_CHAIN_OPTIONAL=1

4. RAII guard for process-group cleanup:
   - KillPgGuard fires killpg on ANY exit path (success, error, timeout,
     panic) until explicitly disarmed. Replaces error-path-only killpg.

5. validate_path moved off tokio worker via spawn_blocking — was blocking
   syscalls in async context.

VERIFIED:
- cargo build --release → clean
- cargo test -p kei-mcp --release → 2 passed
- MCP smoke: chain fires under CLAUDECODE=1, GROKCODE=1, and no env
  (all three previously skipped; all three now block kei_bash on
  forbidden git push patterns).
- Safe commands still pass (kei_bash echo HELLO → HELLO returned).

README: substrate counts refreshed (105→110 Rust crates, v0.45→v0.46).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-27 14:00:16 +08:00
KeiSei84
4db1e1f370 feat(v0.45): onboarding wizard + 5 prod-install bugs (mirror of keigit 4bc40e8e) 2026-05-26 23:20:24 +08:00
KeiSei84
8cadcaadf3 feat(v0.44): pre-release audit — 1 CRITICAL + 4 HIGH + 4 MEDIUM patched (mirror of keigit 3b54f0b5) 2026-05-26 23:02:26 +08:00
KeiSei84
7f7fdb68d2 v0.42 from keigit 65d17007 2026-05-26 21:35:14 +08:00
KeiSei84
3099a58dd9 feat(phase-C): cross-CLI hook enforcement + v0.40.0 release (#48) 
Mirror of keigit 596e0b20. Phase C cross-CLI hook enforcement (kei_bash/kei_edit/kei_write MCP tools + 3-tier model). Release v0.40.0.
 2026-05-26 17:10:14 +07:00
KeiSei84
742822a499 feat: opt-in hook packs + stack profiles + public-prep repoint (#44) 
Mirror of keigit main — Phase 2 (abae256c) + public-prep repoint (518d95df).

Phase 2: safety on by default, discipline packs opt-in; stack profiles
(minimal/web/ml/systems/mobile) pull packs + agent sets; SSoT in
_primitives/hook-packs.toml; filter+prune via lib-hooks.sh; re-runnable
via `kei configure`; 8 hooks gated via _lib/gate.sh.

Public-prep: .gitmodules + README clone + plugin homepage + web-install.sh
repointed to github.com/KeiSeiLab. ADR in DECISIONS.md 2026-05-25.
 2026-05-26 13:26:09 +07:00
Parfii-bot
dca7985f9b fix(install): public install via keigit.com (Vultr) — no github needed 
Что меняется:
- README.md: git clone instruction → https://keigit.com/keisei/KeiSeiKit-1.0.git
  (был приватный github, внешний clone падал 404)
- .gitmodules: kei-registries submodule → keigit.com/keisei/kei-registries.git
  (был приватный github, --recurse-submodules падал)
- web-install.sh: KEISEI_REPO default → https://keigit.com/keisei/...
  (был git@github.com:KeiSeiLab/...)
- install.sh: NO_EXECUTE check ПЕРЕД check_prereqs, чтобы --no-execute
  работал без установленных зависимостей.
- install/lib-args.sh: новый флаг --skip-prereqs (SKIP_PREREQS) — для CI
  и dry-run сценариев.
- marketplace.json + plugin.json: новые манифесты (version=0.38.0 из git tag)
  для Claude Code /plugin marketplace add + install.

На keigit.com (45.77.41.204, публичный) залиты публичные репо
keisei/KeiSeiKit-1.0 + keisei/kei-registries. Anonymous git clone работает.
GitHub mirror (KeiSeiLab/*) остаётся приватным как backup.
 2026-05-18 11:47:13 +08:00