Leo
efe8e165cf
按 leo 鐵律(2026-06-14)把插件從「直接 SQL 操作基本盤表」改寫成 「只透過基本盤 arcrun/kbdb HTTP API 讀寫」。零建表、零 migration、零 SQL。 - 新增 src/lib/kbdb-client.ts:唯一對外通道,封裝 entries/templates/records API - 新增 src/lib/templates.ts:triplet/entity template 定義(替代建表) - 改寫 21 個違規 action(triplet/graph/entity/search)→ 走 client,圖在插件層記憶體組裝 - 移除所有 migrations、D1/Vectorize/AI 綁定;embedding/語意搜尋歸基本盤 optional 模組 - index.ts 只掛 triplets/graph/entities/search 路由;基本盤路由歸 arcrun/kbdb - 測試改走 mock client(純 node);裁剪 CLAUDE.md 只留 graph 插件 + 鐵律 - 修正 SDD design.md「讀現狀推翻鐵律」的錯誤判斷(共用 D1 → API-as-Wall) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
38 lines
1.4 KiB
Bash
Executable File
38 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
||
# .claude/hooks/pre-bash-guard-no-table.sh
|
||
# KBDB-graph PreToolUse guard for Bash
|
||
#
|
||
# 鐵律:任何人都不准動表。擋命令列層的動表(wrangler d1 execute CREATE TABLE 等)。
|
||
# 退出 code:0 = 允許 / 2 = 擋下
|
||
# 依賴:jq
|
||
|
||
set -o pipefail
|
||
INPUT=$(cat)
|
||
CMD=$(echo "$INPUT" | jq -r '.tool_input.command // ""')
|
||
|
||
block() {
|
||
cat >&2 <<EOF
|
||
❌ BLOCKED by KBDB 鐵律:任何人都不准動表
|
||
指令:${CMD}
|
||
違反:${1}
|
||
正確做法:${2}
|
||
參考:InkStoneCo/.agents/specs/matrix-rearrange/DECISION-kbdb-v3-baseplane.md
|
||
EOF
|
||
exit 2
|
||
}
|
||
|
||
# ── wrangler d1 / sqlite 執行含 CREATE/ALTER/DROP TABLE ─────────────────
|
||
if echo "$CMD" | grep -iqE '(wrangler[[:space:]]+d1|sqlite3|d1[[:space:]]+execute)' \
|
||
&& echo "$CMD" | grep -iqE '(CREATE|ALTER|DROP)[[:space:]]+TABLE'; then
|
||
block "命令列動表(wrangler d1 / sqlite)" \
|
||
"新資料類型=建 template(調基本盤 API);schema 由基本盤維護者管,插件不碰。"
|
||
fi
|
||
|
||
# ── 套用 .sql migration 檔(插件不該有 migration)──────────────────────
|
||
if echo "$CMD" | grep -iqE 'wrangler[[:space:]]+d1[[:space:]]+(migrations[[:space:]]+apply|execute[[:space:]]+--file)'; then
|
||
block "套用 migration(插件不建表、不該有 migration)" \
|
||
"插件零 migration。DB schema 屬基本盤 arcrun/kbdb,插件透過 API 存取。"
|
||
fi
|
||
|
||
exit 0
|