Skip to content

feat: add Claude Code hooks for file protection#3391

Merged
idoshamun merged 4 commits intomainfrom
feat/claude-code-hooks
Jan 4, 2026
Merged

feat: add Claude Code hooks for file protection#3391
idoshamun merged 4 commits intomainfrom
feat/claude-code-hooks

Conversation

@idoshamun
Copy link
Copy Markdown
Member

@idoshamun idoshamun commented Jan 4, 2026
edited
Loading

Summary

  • Add PreToolUse hook to block edits to sensitive files (lock files, migrations, .env, infra configs)
  • Add PostToolUse hook to auto-run eslint --fix on edited TypeScript files

Test plan

  • Verify Claude is blocked from editing protected files
  • Verify eslint runs after editing .ts files

@idoshamun
feat: add Claude Code hooks for file protection
9433963 
Add PreToolUse hook to prevent accidental edits to sensitive files:
- pnpm-lock.yaml
- .infra/Pulumi.* configs
- src/migration/ files
- .env files
- .git/ directory
@idoshamun idoshamun requested review from a team and capJavert as code owners January 4, 2026 13:15
@pulumi
Copy link
Copy Markdown

pulumi Bot commented Jan 4, 2026
edited
Loading

🍹 The Update (preview) for dailydotdev/api/prod (at d2ba73f) was successful.

Resource Changes

    Name                                                   Type                           Operation
~   vpc-native-validate-active-users-cron                  kubernetes:batch/v1:CronJob    update
~   vpc-native-update-current-streak-cron                  kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-stale-user-transactions-cron          kubernetes:batch/v1:CronJob    update
~   vpc-native-deployment                                  kubernetes:apps/v1:Deployment  update
~   vpc-native-personalized-digest-cron                    kubernetes:batch/v1:CronJob    update
~   vpc-native-private-deployment                          kubernetes:apps/v1:Deployment  update
-   vpc-native-api-clickhouse-migration-a3b1718d           kubernetes:batch/v1:Job        delete
~   vpc-native-calculate-top-readers-cron                  kubernetes:batch/v1:CronJob    update
~   vpc-native-hourly-notification-cron                    kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-zombie-images-cron                    kubernetes:batch/v1:CronJob    update
~   vpc-native-daily-digest-cron                           kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-gifted-plus-cron                      kubernetes:batch/v1:CronJob    update
~   vpc-native-sync-subscription-with-cio-cron             kubernetes:batch/v1:CronJob    update
~   vpc-native-user-profile-updated-sync-cron              kubernetes:batch/v1:CronJob    update
~   vpc-native-update-source-tag-view-cron                 kubernetes:batch/v1:CronJob    update
~   vpc-native-update-tag-recommendations-cron             kubernetes:batch/v1:CronJob    update
~   vpc-native-check-analytics-report-cron                 kubernetes:batch/v1:CronJob    update
~   vpc-native-update-source-public-threshold-cron         kubernetes:batch/v1:CronJob    update
~   vpc-native-bg-deployment                               kubernetes:apps/v1:Deployment  update
~   vpc-native-update-tags-str-cron                        kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-zombie-user-companies-cron            kubernetes:batch/v1:CronJob    update
~   vpc-native-temporal-deployment                         kubernetes:apps/v1:Deployment  update
~   vpc-native-generate-search-invites-cron                kubernetes:batch/v1:CronJob    update
~   vpc-native-personalized-digest-deployment              kubernetes:apps/v1:Deployment  update
+   vpc-native-api-db-migration-e0b54637                   kubernetes:batch/v1:Job        create
+   vpc-native-api-clickhouse-migration-e0b54637           kubernetes:batch/v1:Job        create
~   vpc-native-update-highlighted-views-cron               kubernetes:batch/v1:CronJob    update
~   vpc-native-update-trending-cron                        kubernetes:batch/v1:CronJob    update
~   vpc-native-update-views-cron                           kubernetes:batch/v1:CronJob    update
~   vpc-native-post-analytics-clickhouse-cron              kubernetes:batch/v1:CronJob    update
-   vpc-native-api-db-migration-a3b1718d                   kubernetes:batch/v1:Job        delete
~   vpc-native-ws-deployment                               kubernetes:apps/v1:Deployment  update
~   vpc-native-generic-referral-reminder-cron              kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-zombie-opportunities-cron             kubernetes:batch/v1:CronJob    update
~   vpc-native-clean-zombie-users-cron                     kubernetes:batch/v1:CronJob    update
~   vpc-native-post-analytics-history-day-clickhouse-cron  kubernetes:batch/v1:CronJob    update

@idoshamun
feat: add auto-lint hook for TypeScript files
ad0314f 
Run eslint --fix on TypeScript files after Edit/Write operations.
Single-file linting keeps it fast (~100ms) without blocking workflow.
@idoshamun
docs: add PR guidelines and hooks documentation
af4652a
@idoshamun
docs: remove redundant Claude Code Hooks section from AGENTS.md
d2ba73f
@idoshamun idoshamun merged commit fb5c697 into main Jan 4, 2026
3 of 6 checks passed
@idoshamun idoshamun deleted the feat/claude-code-hooks branch January 4, 2026 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@capJavert capJavert Awaiting requested review from capJavert

@rebelchris rebelchris Awaiting requested review from rebelchris rebelchris was automatically assigned from dailydotdev/web-team

@omBratteng omBratteng Awaiting requested review from omBratteng omBratteng was automatically assigned from dailydotdev/web-team

@AmarTrebinjac AmarTrebinjac Awaiting requested review from AmarTrebinjac AmarTrebinjac was automatically assigned from dailydotdev/web-team

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@idoshamun