From 36262858461711bcb104896007a513691113fee8 Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Tue, 23 Jun 2026 21:13:26 -0400 Subject: feat(languages): add bash/shell bundle Shell-heavy projects had no bundle that fit. archangel and archsetup are bash repos, and installing elisp or python gave them the wrong language rules. I added languages/bash on the go bundle's shape. The bundle ships bash.md and bash-testing.md rules, a PostToolUse hook that runs shellcheck on edited shell files and blocks on a violation, a shellcheck pre-commit githook, settings.json wiring, gitignore-add.txt, and a "Bash/shell project" CLAUDE.md. The hook covers .sh, .bash, and extensionless files with a shell shebang, since the CLI tools that fill a shell repo carry no extension. shellcheck is the gate. shfmt stays out of the blocking path because shell has no canonical formatting style, and forcing tabs-vs-spaces would impose a contested choice. Both the hook and the githook are shellcheck-clean against their own rule. I extended the Makefile test target to discover languages/*/tests/*.bats, so the bundle's 8 hook tests run with the rest of the suite. The README bundle table was stale, listing elisp only. I corrected it to the five bundles now shipping. --- languages/bash/claude/hooks/validate-bash.sh | 66 ++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100755 languages/bash/claude/hooks/validate-bash.sh (limited to 'languages/bash/claude/hooks/validate-bash.sh') diff --git a/languages/bash/claude/hooks/validate-bash.sh b/languages/bash/claude/hooks/validate-bash.sh new file mode 100755 index 0000000..4e75f40 --- /dev/null +++ b/languages/bash/claude/hooks/validate-bash.sh @@ -0,0 +1,66 @@ +#!/usr/bin/env bash +# Validate shell files after Edit/Write/MultiEdit. +# PostToolUse hook: receives tool-call JSON on stdin. +# +# On success: exit 0 silent. +# On failure: emit JSON with hookSpecificOutput.additionalContext so Claude +# sees a structured error in its context, THEN exit 2 to block the tool +# pipeline. stderr still echoes the error for terminal visibility. +# +# Gate: shellcheck. It catches the bugs that define shell — unquoted +# expansions, unset variables, masked exit codes — and is the high-value, +# universally-agreed check. Formatting (shfmt) is deliberately NOT enforced +# here: shell has no single canonical style (tabs vs spaces), so blocking on +# it would impose a contested choice. bash.md recommends shfmt; this hook +# enforces correctness. +# +# Scope: .sh and .bash files, plus extensionless files whose first line is a +# sh/bash shebang (the CLI tools that fill a shell-heavy repo carry no +# extension). + +set -u + +# Emit a JSON failure payload and exit 2. Arguments: +# $1 — short failure type (e.g. "SHELLCHECK FAILED") +# $2 — file path +# $3 — tool output (error body) +fail_json() { + local ctx + ctx="$(printf '%s: %s\n\n%s\n\nFix before proceeding.' "$1" "$2" "$3" \ + | jq -Rs .)" + cat <&2 + exit 2 +} + +f="$(jq -r '.tool_input.file_path // .tool_response.filePath // empty')" +[ -z "$f" ] && exit 0 +[ -f "$f" ] || exit 0 + +# Is this a shell file? By extension, or by shebang when it has no extension. +# Match on the basename, not the full path — a temp/parent dir can carry a dot +# (e.g. validate-bash-bats.XXXX/) and misfire the "*.*" extension test. +is_shell=0 +base="${f##*/}" +case "$base" in + *.sh | *.bash) is_shell=1 ;; + *.*) is_shell=0 ;; # some other extension — not ours + *) + # No extension: sniff the shebang. + if head -1 "$f" 2>/dev/null | grep -qE '^#!.*\b(bash|sh)\b'; then + is_shell=1 + fi + ;; +esac +[ "$is_shell" -eq 1 ] || exit 0 + +# No shellcheck on this machine — nothing to validate, don't block the edit. +command -v shellcheck >/dev/null 2>&1 || exit 0 + +if ! out="$(shellcheck "$f" 2>&1)"; then + fail_json "SHELLCHECK FAILED" "$f" "$out" +fi + +exit 0 -- cgit v1.2.3