Documentation
¶
Index ¶
- Constants
- Variables
- func AliasForEvent(name hook.HookName) (string, bool)
- func BackupUserSettings(path, label string) error
- func DefaultManagedSettingsPath() string
- func DisablesAllHooks(data []byte) bool
- func HasManagedObserveHooks(data []byte) bool
- func IsGuardHookCommand(command string) bool
- func IsManagedHookCommand(command string) bool
- func IsManagedSettingsDropIn(data []byte) bool
- func ParseEventAlias(value string) (hook.HookName, bool)
- func ReadUserSettings(path string) (map[string]any, error)
- func RemoveManagedHooks(settings map[string]any) error
- func TemplateJSON(kontextBinary string) ([]byte, error)
- func UserSettingsPath() (string, error)
- func Validate(data []byte, kontextBinary string) error
- func WriteUserSettings(path string, settings map[string]any) error
- type Event
- type Handler
- type MatcherGroup
- type Settings
Constants ¶
const ( ManagedSettingsPath = "/Library/Application Support/ClaudeCode/managed-settings.json" ManagedSettingsDropInPath = "/Library/Application Support/ClaudeCode/managed-settings.d/20-kontext.json" LinuxManagedSettingsPath = "/etc/claude-code/managed-settings.json" WindowsManagedSettingsPath = `C:\Program Files\ClaudeCode\managed-settings.json` DefaultKontextBinary = "/usr/local/bin/kontext" DefaultHookTimeout = 20 )
Variables ¶
var SupportedEvents = []Event{ {Name: hook.HookSessionStart, Alias: "session-start", Async: true}, {Name: hook.HookPreToolUse, Alias: "pre-tool-use"}, {Name: hook.HookPostToolUse, Alias: "post-tool-use"}, {Name: hook.HookPostToolUseFailed, Alias: "post-tool-use-failure"}, {Name: hook.HookSessionEnd, Alias: "session-end", Async: true}, }
Functions ¶
func BackupUserSettings ¶ added in v0.9.0
BackupUserSettings copies the file aside (timestamped, same permissions) before a mutation. Missing file is a no-op.
func DefaultManagedSettingsPath ¶
func DefaultManagedSettingsPath() string
func DisablesAllHooks ¶ added in v0.12.0
func HasManagedObserveHooks ¶ added in v0.12.0
func IsGuardHookCommand ¶ added in v0.9.0
IsGuardHookCommand reports whether a hook command belongs to Kontext Guard (the local-only enforcement product). Shared with guard/cli so the two installers agree on whose entries are whose.
func IsManagedHookCommand ¶ added in v0.9.0
IsManagedHookCommand reports whether a hook command is one of OURS: the flagless managed-observe form `'<binary>' hook '<alias>'`. Guard hooks (`kontext guard hook claude-code`, `kontext hook --agent claude … --mode …`) are deliberately excluded so the two installers never touch each other's entries. Matching on the alias rather than the exact binary path means a re-run after the binary moved (brew prefix change) replaces stale entries.
func IsManagedSettingsDropIn ¶ added in v0.12.0
IsManagedSettingsDropIn reports whether data is a Kontext-owned managed settings drop-in — a file we are safe to refresh (setup) or delete (uninstall) without destroying state we don't own. It is ours iff:
- The ONLY top-level key is "hooks" — exactly what Template emits. A file carrying any other top-level field (enterprise policy, metadata, or a future Claude managed-settings key) is not solely ours, so we leave it untouched even when its hooks match.
- Every handler command is one of our flagless managed-observe hooks (IsManagedHookCommand). Matching on the alias, not the binary path, means a drop-in from an older self-serve run (a stale path after `brew upgrade`) still reads as ours.
Empty/garbage data is not ours.
func ReadUserSettings ¶ added in v0.9.0
ReadUserSettings parses the settings file into a generic map so unknown keys survive a read-merge-write round trip. A missing file is an empty map.
func RemoveManagedHooks ¶ added in v0.9.0
RemoveManagedHooks strips OUR handlers (and only ours) from the settings map, pruning groups and event keys that end up empty. Foreign hooks, including Guard's, survive untouched. Idempotent.
func TemplateJSON ¶
func UserSettingsPath ¶ added in v0.9.0
UserSettingsPath returns ~/.claude/settings.json, creating ~/.claude.
func WriteUserSettings ¶ added in v0.9.0
WriteUserSettings writes the settings back atomically (temp file + rename, so a crash mid-write can never leave a truncated settings.json behind), preserving the existing file's permission bits (a user may keep their settings private); new files are created 0600.