Claude/safety checks script org oty yv #3

Merged
hyperpolymath merged 2 commits into main from
claude/safety-checks-script-org-OtyYv
Apr 16, 2026
Conversation

@hyperpolymath
Owner

No description provided.

claude added 2 commits April 16, 2026 03:26
Adds an ownership safety guard so scripts NEVER touch repositories outside
a configured allowlist of owners (defaults to ["hyperpolymath"]; edit
config/owners.config or set GIT_SCRIPTS_ALLOWED_OWNERS to add personal /
family / additional org accounts). The guard is enforced in two parallel
implementations that share the same config:

  - scripts/lib/ownership_guard.sh — sourced by every shell script that
    targets a single org or pushes to remotes; provides
    owner_allowed/repo_allowed/assert_owner_allowed and a host-agnostic
    owner extractor (works for GitHub, GitLab, Bitbucket, Gitea,
    self-hosted, SSH-style, etc.).
  - lib/script_manager/ownership_guard.ex — the Elixir equivalent;
    exposes allowed_owners/0, owner_allowed?/1, repo_allowed?/1,
    filter_allowed/1, filter_allowed_verbose/1 and assert_owner_allowed!/1.

Wired into all the scripts/modules that can mutate or affect repos:
  shell: branch-protection-apply, wiki-audit, project-tabs-audit,
         audit_script (per-repo filter + uses derived owner for the
         Dependabot URL), update_repos (per-repo filter before push),
         standardize_readmes & md_to_adoc_converter (per-repo filter).
  elixir: PRProcessor.process_all/add_standard_comment (asserts org),
          GitSyncer.run (filters discovered repos before push),
          EstateDeployer.deploy_by_paths (filters before writing files),
          DependencyFixer.fix_lithoglyph/fix_rgtv (refuses to patch when
          enclosing repo is foreign-owned),
          RepoCleanup (warns the external cleanup scripts are NOT bound
          by the allowlist).

Also rewrites the TUI menu as two tiers with clearer item names:
  [A] Audits & Reports         — wiki, project metadata, contractiles,
                                 secrets/Dependabot, health dashboard,
                                 local-vs-remote sync verification
  [B] Repository Maintenance   — update repos, global git sync,
                                 standardise READMEs, MD→AsciiDoc,
                                 clean unicode, cleanup ops, dep fixes
  [C] GitHub Operations        — branch protection rulesets, mass PR
                                 processor, gh CLI helper
  [D] Estate-Wide Deployment   — deploy estate standards, link
                                 toolchains, find media repos
  [E] External Tools           — launch NQC, launch Invariant Path
  [F] Coming Soon              — dependency updater, release manager
The startup banner shows the active owner allowlist and the help and
system-status screens both surface it so it's obvious at a glance.

Note: rebuild the escript with `mix escript.build` to pick up the
Elixir-side changes; the bash-side guard is active immediately.

https://claude.ai/code/session_014ME3ph3UecQQAPQDKY2HPf
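The commit message above describes a sourced shell library with `owner_allowed`, `repo_allowed`, `assert_owner_allowed` and a host-agnostic owner extractor driven by `GIT_SCRIPTS_ALLOWED_OWNERS`. The following is an added illustration of that design, not the repository's own `scripts/lib/ownership_guard.sh`: the function `extract_owner`, the comma-separated allowlist format and the default of `hyperpolymath` are assumptions, and the remote URLs used in comments are constructed.

```shell
#!/bin/sh
# Hypothetical ownership guard (added example; not the project's scripts/lib/ownership_guard.sh).
# Allowlist source: GIT_SCRIPTS_ALLOWED_OWNERS as a comma-separated list (assumed format),
# defaulting to "hyperpolymath". Intended to be sourced by scripts before they push or patch.

lc() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# Print the allowed owners, one per line, with surrounding whitespace trimmed.
allowed_owners() {
  printf '%s' "${GIT_SCRIPTS_ALLOWED_OWNERS:-hyperpolymath}" \
    | tr ',' '\n' | sed 's/^ *//; s/ *$//' | grep -v '^$'
}

# extract_owner REMOTE -> prints the top-level namespace of a remote, independent of host.
# Handles (constructed samples):
#   https://github.com/owner/repo.git      https://token@gitlab.example/owner/repo
#   git@github.com:owner/repo.git          ssh://git@gitea.example.org:2222/owner/repo
#   owner/repo                             (bare GitHub-style slug)
# For GitLab subgroups (group/subgroup/repo) the top-level group is the owner.
extract_owner() {
  url=$1
  case $url in
    *://*) rest=${url#*://}; rest=${rest#*/} ;;   # drop scheme and host[:port]/
    *@*:*) rest=${url#*@};   rest=${rest#*:} ;;   # scp-style user@host:owner/repo
    *)     rest=$url ;;
  esac
  rest=${rest#/}
  owner=${rest%%/*}
  [ -n "$owner" ] && [ "$owner" != "$rest" ] || [ -n "$owner" ] || return 1
  printf '%s\n' "$owner"
}

# owner_allowed OWNER -> 0 if OWNER is on the allowlist (case-insensitive), else 1.
owner_allowed() {
  want=$(lc "$1")
  [ -n "$want" ] || return 1
  for o in $(allowed_owners); do
    [ "$(lc "$o")" = "$want" ] && return 0
  done
  return 1
}

# repo_allowed REMOTE -> 0 if the remote's owner is on the allowlist, else 1.
repo_allowed() {
  owner=$(extract_owner "$1") || return 1
  owner_allowed "$owner"
}

# assert_owner_allowed REMOTE -> returns 1 with a stderr message when the remote is foreign-owned,
# so a sourcing script can stop before it pushes or writes anything.
assert_owner_allowed() {
  if ! repo_allowed "$1"; then
    echo "refusing to touch '$1': owner not in allowlist [$(allowed_owners | tr '\n' ' ')]" >&2
    return 1
  fi
}

# Stand-alone demonstration when run directly rather than sourced.
if [ "${0##*/}" = "ownership_guard_example.sh" ]; then
  assert_owner_allowed "https://github.com/hyperpolymath/git-scripts.git" && echo "allowed"
  assert_owner_allowed "git@github.com:someone-else/repo.git" || echo "blocked as expected"
fi
```

A caller that sources this file should treat a non-zero return from `assert_owner_allowed` as fatal before any `git push` or file write; the check is by remote URL, so it must run against the remote the script is actually about to use, not a cached or assumed one.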
Resolves the two moderate-severity advisories Dependabot reports against
the ui/ project on the default branch:

  - GHSA-67mh-4wv8-2f99 (esbuild dev server CORS, CWE-346, CVSS 5.3) —
    transitive via vite 5.x's pinned esbuild 0.21.5.
  - GHSA-4w7w-66w2-5vf9 (Vite path traversal in optimized deps `.map`
    handling, CWE-22/CWE-200) — affects vite ≤ 6.4.1.

Both share the same fix path (vite ≥ 8.0.8). Vite 8 also drops esbuild
in favour of rolldown, so the esbuild advisory is structurally gone
rather than just patched.

Verified locally: `npm install` clean, `npx vite --version` reports
8.0.8, `npm audit` reports 0 vulnerabilities, and vite.config.mjs
(defineConfig with resolve.preserveSymlinks + server.proxy /api → 4077)
parses unchanged under the new version. Node engine requirement
(^20.19.0 || >=22.12.0) is satisfied by the existing toolchain.

https://claude.ai/code/session_014ME3ph3UecQQAPQDKY2HPf
@hyperpolymath hyperpolymath merged commit e2e7233 into main Apr 16, 2026
4 checks passed