Skip to content

B13 — guard.py backstop recognizes GitHub's own commits (stale-ref-proof)#59

Merged
MartinMontero merged 1 commit into
mainfrom
b13/guard-github-commits
Jul 12, 2026
Merged

B13 — guard.py backstop recognizes GitHub's own commits (stale-ref-proof)#59
MartinMontero merged 1 commit into
mainfrom
b13/guard-github-commits

Conversation

@MartinMontero

Copy link
Copy Markdown
Owner

What does this PR do?

The M0-R1 scope addendum, one commit (528c54a) + tests. One precision on the ruling's wording, verified before writing: the misfiring nudge lives in the container-level ~/.claude/stop-hook-git-check.sh (user-level; this repo cannot ship a fix there — prior HOOK-LAND-v1 ruling stands). What the repo CAN fix — and what this lands — is the defense against obeying that nudge: guard.py's RULE-3 backstop keyed on author email + origin/main ancestry, both blind exactly when refs are stale or absent — the misfire condition itself.

The fix: GitHub finalizes merge/squash commits as committer noreply@github.com. Those are now intrinsically protected: the HEAD and range checks read author AND committer, so a --amend/--reset-author/filter-branch/rebase touching one is blocked with no published ref needed at all.

Tests (5, driving the real hook against fixture repos via stdin JSON, asserting exit codes):

  • agent-authored/committed HEAD → amend allowed (no ref needed)
  • GitHub merge-style HEAD → blocked with zero refs present
  • squash-style (agent author, GitHub committer) → blocked — the stale-ref-proof case
  • rebase range over a GitHub merge commit with a deliberately stale origin/main → blocked
  • same stale-ref rebase over agent-only history → allowed (no overreach)

Verification

  • npm run verify:all exit 0 — 366/366 tests (+5)
  • Zero dependencies added; no CI files touched; protected workflow set untouched
  • Note: the four false fires this session remain possible as noise (the container hook is out of repo reach) — but acting on them is now mechanically impossible even under the exact ref-staleness that triggers them.

Per the M0-R1 sequence: you merge this, then M1 begins.

🤖 Generated with Claude Code

https://claude.ai/code/session_01LVPyHAtQ1cdK76RpFasafP


Generated by Claude Code

…ef-proof (B13)

The backstop keyed on author email and origin/main ancestry; both are blind
exactly when the container stop hook misfires (stale/absent refs — four
false 'amend these' nudges on 2026-07-11 alone named GitHub merge commits).
GitHub finalizes merge/squash commits as committer noreply@github.com; those
are now INTRINSICALLY protected — HEAD and range checks both read author AND
committer, so the block holds with no published ref at all. Five tests drive
the real hook against fixture repos, including the stale-origin/main rebase
and the no-overreach case (agent-only history stays rewritable).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LVPyHAtQ1cdK76RpFasafP
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
wecanjustbuildthings 528c54a Jul 12 2026, 11:07 AM

@MartinMontero
MartinMontero merged commit f24b93c into main Jul 12, 2026
15 checks passed
@MartinMontero
MartinMontero deleted the b13/guard-github-commits branch July 12, 2026 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants