1use crate::compound_lexer;
2use crate::rewrite_registry;
3use std::io::Read;
4use std::sync::mpsc;
5use std::time::Duration;
6
7const HOOK_STDIN_TIMEOUT: Duration = Duration::from_secs(3);
8
9pub fn handle_observe() {
17 if is_disabled() {
18 return;
19 }
20 let Some(input) = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT) else {
21 return;
22 };
23 let Some(event) = parse_observe_event(&input) else {
24 return;
25 };
26 append_radar_event(&event);
27}
28
29#[derive(serde::Serialize)]
30struct ObserveEvent {
31 ts: u64,
32 event_type: &'static str,
33 tokens: usize,
34 #[serde(skip_serializing_if = "Option::is_none")]
35 tool_name: Option<String>,
36 #[serde(skip_serializing_if = "Option::is_none")]
37 detail: Option<String>,
38 #[serde(skip_serializing_if = "Option::is_none")]
39 content: Option<String>,
40 #[serde(skip_serializing_if = "Option::is_none")]
41 model: Option<String>,
42 #[serde(skip_serializing_if = "Option::is_none")]
43 conversation_id: Option<String>,
44}
45
46const MAX_CONTENT_CHARS: usize = 50_000;
47
48fn parse_observe_event(input: &str) -> Option<ObserveEvent> {
49 let v: serde_json::Value = serde_json::from_str(input).ok()?;
50
51 let ts = std::time::SystemTime::now()
52 .duration_since(std::time::UNIX_EPOCH)
53 .unwrap_or_default()
54 .as_secs();
55
56 let model = v
57 .get("model")
58 .and_then(|m| m.as_str())
59 .filter(|m| !m.is_empty())
60 .map(String::from);
61 let conversation_id = v
62 .get("conversation_id")
63 .and_then(|c| c.as_str())
64 .filter(|c| !c.is_empty())
65 .map(String::from);
66
67 let transcript_path = v
68 .get("transcript_path")
69 .and_then(|t| t.as_str())
70 .filter(|t| !t.is_empty())
71 .map(String::from);
72
73 if let Some(ref m) = model {
74 persist_detected_model(m);
75 }
76 if let Some(ref tp) = transcript_path {
77 persist_transcript_path(tp, conversation_id.as_deref());
78 }
79
80 let mut event = detect_event_type(&v, ts)?;
81 event.model = model;
82 event.conversation_id = conversation_id;
83 Some(event)
84}
85
86fn detect_event_type(v: &serde_json::Value, ts: u64) -> Option<ObserveEvent> {
87 if let Some(result) = v.get("result_json").or_else(|| v.get("result")) {
88 let tool = v
89 .get("tool_name")
90 .and_then(|t| t.as_str())
91 .unwrap_or("unknown");
92 let tokens = estimate_tokens_json(result);
93 let content_str = match result {
94 serde_json::Value::String(s) => s.clone(),
95 other => other.to_string(),
96 };
97 return Some(ObserveEvent {
98 ts,
99 event_type: "mcp_call",
100 tokens,
101 tool_name: Some(tool.to_string()),
102 detail: v
103 .get("server_name")
104 .and_then(|s| s.as_str())
105 .map(String::from),
106 content: Some(cap_content(&content_str)),
107 model: None,
108 conversation_id: None,
109 });
110 }
111
112 if let Some(output) = v.get("output") {
113 let cmd = v
114 .get("command")
115 .and_then(|c| c.as_str())
116 .unwrap_or("")
117 .to_string();
118 let tokens = estimate_tokens_value(output);
119 let out_str = match output {
120 serde_json::Value::String(s) => s.clone(),
121 other => other.to_string(),
122 };
123 return Some(ObserveEvent {
124 ts,
125 event_type: "shell",
126 tokens,
127 tool_name: None,
128 detail: Some(truncate_str(&cmd, 80)),
129 content: Some(cap_content(&format!("$ {cmd}\n{out_str}"))),
130 model: None,
131 conversation_id: None,
132 });
133 }
134
135 if v.get("content").is_some() && v.get("file_path").is_some() {
136 let path = v
137 .get("file_path")
138 .and_then(|p| p.as_str())
139 .unwrap_or("")
140 .to_string();
141 let file_content = v.get("content").and_then(|c| c.as_str()).unwrap_or("");
142 let tokens = file_content.len() / 4;
143 return Some(ObserveEvent {
144 ts,
145 event_type: "file_read",
146 tokens,
147 tool_name: None,
148 detail: Some(truncate_str(&path, 120)),
149 content: Some(cap_content(file_content)),
150 model: None,
151 conversation_id: None,
152 });
153 }
154
155 if let Some(text) = v.get("text").and_then(|t| t.as_str()) {
156 let has_duration = v.get("duration_ms").is_some();
157 let event_type = if has_duration {
158 "thinking"
159 } else {
160 "agent_response"
161 };
162 let tokens = text.len() / 4;
163 return Some(ObserveEvent {
164 ts,
165 event_type,
166 tokens,
167 tool_name: None,
168 detail: None,
169 content: Some(cap_content(text)),
170 model: None,
171 conversation_id: None,
172 });
173 }
174
175 if let Some(prompt) = v.get("prompt").and_then(|p| p.as_str()) {
176 let tokens = prompt.len() / 4;
177 let mut full = prompt.to_string();
178 if let Some(attachments) = v.get("attachments").and_then(|a| a.as_array()) {
179 if !attachments.is_empty() {
180 full.push_str(&format!("\n\n[{} attachments]", attachments.len()));
181 for att in attachments {
182 if let Some(name) = att.get("name").and_then(|n| n.as_str()) {
183 full.push_str(&format!("\n - {name}"));
184 }
185 }
186 }
187 }
188 return Some(ObserveEvent {
189 ts,
190 event_type: "user_message",
191 tokens,
192 tool_name: None,
193 detail: v
194 .get("attachments")
195 .and_then(|a| a.as_array())
196 .map(|a| format!("{} attachments", a.len())),
197 content: Some(cap_content(&full)),
198 model: None,
199 conversation_id: None,
200 });
201 }
202
203 if v.get("tool_name").is_some() || v.get("tool_input").is_some() {
204 let tool = v
205 .get("tool_name")
206 .and_then(|t| t.as_str())
207 .unwrap_or("unknown")
208 .to_string();
209 let tokens = v.get("tool_input").map_or(0, estimate_tokens_json);
210 let input_str = v
211 .get("tool_input")
212 .map(std::string::ToString::to_string)
213 .unwrap_or_default();
214 return Some(ObserveEvent {
215 ts,
216 event_type: "native_tool",
217 tokens,
218 tool_name: Some(tool),
219 detail: None,
220 content: if input_str.is_empty() {
221 None
222 } else {
223 Some(cap_content(&input_str))
224 },
225 model: None,
226 conversation_id: None,
227 });
228 }
229
230 if v.get("session_id").is_some() {
231 return Some(ObserveEvent {
232 ts,
233 event_type: "session",
234 tokens: 0,
235 tool_name: None,
236 detail: v
237 .get("session_id")
238 .and_then(|s| s.as_str())
239 .map(String::from),
240 content: None,
241 model: None,
242 conversation_id: None,
243 });
244 }
245
246 let is_compaction = v.get("compaction").is_some()
247 || v.get("messages_count").is_some()
248 || v.get("event")
249 .and_then(|e| e.as_str())
250 .is_some_and(|e| e == "compaction" || e == "compact");
251 if is_compaction {
252 return Some(ObserveEvent {
253 ts,
254 event_type: "compaction",
255 tokens: 0,
256 tool_name: None,
257 detail: None,
258 content: None,
259 model: None,
260 conversation_id: None,
261 });
262 }
263
264 None
265}
266
267fn estimate_tokens_json(v: &serde_json::Value) -> usize {
268 match v {
269 serde_json::Value::String(s) => s.len() / 4,
270 _ => v.to_string().len() / 4,
271 }
272}
273
274fn estimate_tokens_value(v: &serde_json::Value) -> usize {
275 match v {
276 serde_json::Value::String(s) => s.len() / 4,
277 _ => v.to_string().len() / 4,
278 }
279}
280
281fn persist_detected_model(model: &str) {
282 let m = model.to_lowercase();
283 let is_bg_model = m.contains("flash")
284 || m.contains("mini")
285 || m.contains("haiku")
286 || m.contains("fast")
287 || m.contains("nano")
288 || m.contains("small");
289 if is_bg_model {
290 return;
291 }
292
293 let Ok(data_dir) = crate::core::data_dir::lean_ctx_data_dir() else {
294 return;
295 };
296 let path = data_dir.join("detected_model.json");
297 let ts = std::time::SystemTime::now()
298 .duration_since(std::time::UNIX_EPOCH)
299 .unwrap_or_default()
300 .as_secs();
301 let window = model_context_window(model);
302 let payload = serde_json::json!({
303 "model": model,
304 "window_size": window,
305 "detected_at": ts,
306 });
307 if let Ok(json) = serde_json::to_string_pretty(&payload) {
308 let tmp = path.with_extension("tmp");
309 if std::fs::write(&tmp, &json).is_ok() {
310 let _ = std::fs::rename(&tmp, &path);
311 }
312 }
313}
314
315pub fn model_context_window(model: &str) -> usize {
316 crate::core::model_registry::context_window_for_model(model)
317}
318
319pub fn load_detected_model() -> Option<(String, usize)> {
320 let data_dir = crate::core::data_dir::lean_ctx_data_dir().ok()?;
321 let path = data_dir.join("detected_model.json");
322 let content = std::fs::read_to_string(&path).ok()?;
323 let v: serde_json::Value = serde_json::from_str(&content).ok()?;
324 let model = v.get("model")?.as_str()?.to_string();
325 let window = v.get("window_size")?.as_u64()? as usize;
326 let detected_at = v.get("detected_at")?.as_u64()?;
327 let now = std::time::SystemTime::now()
328 .duration_since(std::time::UNIX_EPOCH)
329 .unwrap_or_default()
330 .as_secs();
331 if now.saturating_sub(detected_at) > 7200 {
332 return None;
333 }
334 Some((model, window))
335}
336
337fn persist_transcript_path(path: &str, conversation_id: Option<&str>) {
338 let Ok(data_dir) = crate::core::data_dir::lean_ctx_data_dir() else {
339 return;
340 };
341 let meta_path = data_dir.join("active_transcript.json");
342 let ts = std::time::SystemTime::now()
343 .duration_since(std::time::UNIX_EPOCH)
344 .unwrap_or_default()
345 .as_secs();
346 let payload = serde_json::json!({
347 "transcript_path": path,
348 "conversation_id": conversation_id,
349 "updated_at": ts,
350 });
351 if let Ok(json) = serde_json::to_string_pretty(&payload) {
352 let tmp = meta_path.with_extension("tmp");
353 if std::fs::write(&tmp, &json).is_ok() {
354 let _ = std::fs::rename(&tmp, &meta_path);
355 }
356 }
357}
358
359pub fn load_active_transcript() -> Option<(String, Option<String>)> {
360 let data_dir = crate::core::data_dir::lean_ctx_data_dir().ok()?;
361 let path = data_dir.join("active_transcript.json");
362 let content = std::fs::read_to_string(&path).ok()?;
363 let v: serde_json::Value = serde_json::from_str(&content).ok()?;
364 let tp = v.get("transcript_path")?.as_str()?.to_string();
365 let conv = v
366 .get("conversation_id")
367 .and_then(|c| c.as_str())
368 .map(String::from);
369 let updated = v.get("updated_at")?.as_u64()?;
370 let now = std::time::SystemTime::now()
371 .duration_since(std::time::UNIX_EPOCH)
372 .unwrap_or_default()
373 .as_secs();
374 if now.saturating_sub(updated) > 7200 {
375 return None;
376 }
377 Some((tp, conv))
378}
379
380fn cap_content(s: &str) -> String {
381 if s.len() <= MAX_CONTENT_CHARS {
382 s.to_string()
383 } else {
384 let truncated = safe_truncate(s, MAX_CONTENT_CHARS);
385 format!("{}…\n\n[truncated: {} total chars]", truncated, s.len())
386 }
387}
388
389fn truncate_str(s: &str, max: usize) -> String {
390 if s.len() <= max {
391 s.to_string()
392 } else {
393 format!("{}...", safe_truncate(s, max))
394 }
395}
396
397fn safe_truncate(s: &str, max: usize) -> &str {
399 if max >= s.len() {
400 return s;
401 }
402 let mut end = max;
403 while end > 0 && !s.is_char_boundary(end) {
404 end -= 1;
405 }
406 &s[..end]
407}
408
409fn append_radar_event(event: &ObserveEvent) {
410 let Ok(data_dir) = crate::core::data_dir::lean_ctx_data_dir() else {
411 return;
412 };
413 let radar_path = data_dir.join("context_radar.jsonl");
414
415 if event.event_type == "session" {
416 if let Ok(meta) = std::fs::metadata(&radar_path) {
417 const MAX_RADAR_SIZE: u64 = 10 * 1024 * 1024; if meta.len() > MAX_RADAR_SIZE {
419 let prev = data_dir.join("context_radar.prev.jsonl");
420 let _ = std::fs::rename(&radar_path, &prev);
421 }
422 }
423 }
424
425 let Ok(line) = serde_json::to_string(event) else {
426 return;
427 };
428
429 use std::fs::OpenOptions;
430 use std::io::Write;
431 if let Ok(mut f) = OpenOptions::new()
432 .create(true)
433 .append(true)
434 .open(&radar_path)
435 {
436 let _ = writeln!(f, "{line}");
437 }
438}
439
440fn is_disabled() -> bool {
441 std::env::var("LEAN_CTX_DISABLED").is_ok()
442}
443
444fn is_harden_active() -> bool {
445 matches!(std::env::var("LEAN_CTX_HARDEN"), Ok(v) if v.trim() == "1")
446}
447
448fn is_quiet() -> bool {
449 matches!(std::env::var("LEAN_CTX_QUIET"), Ok(v) if v.trim() == "1")
450}
451
452pub fn mark_hook_environment() {
455 std::env::set_var("LEAN_CTX_HOOK_CHILD", "1");
456}
457
458pub fn arm_watchdog(timeout: Duration) {
463 std::thread::spawn(move || {
464 std::thread::sleep(timeout);
465 eprintln!(
466 "[lean-ctx hook] watchdog timeout after {}s — force exit",
467 timeout.as_secs()
468 );
469 std::process::exit(1);
470 });
471}
472
473fn read_stdin_with_timeout(timeout: Duration) -> Option<String> {
475 let (tx, rx) = mpsc::channel();
476 std::thread::spawn(move || {
477 let mut buf = String::new();
478 let result = std::io::stdin().read_to_string(&mut buf);
479 let _ = tx.send(result.ok().map(|_| buf));
480 });
481 match rx.recv_timeout(timeout) {
482 Ok(Some(s)) if !s.is_empty() => Some(s),
483 _ => None,
484 }
485}
486
487fn build_dual_deny_output(reason: &str) -> String {
488 serde_json::json!({
489 "permission": "deny",
490 "reason": reason,
491 "hookSpecificOutput": {
492 "hookEventName": "PreToolUse",
493 "permissionDecision": "deny",
494 }
495 })
496 .to_string()
497}
498
499fn build_dual_allow_output() -> String {
500 serde_json::json!({
501 "permission": "allow",
502 "hookSpecificOutput": {
503 "hookEventName": "PreToolUse",
504 "permissionDecision": "allow"
505 }
506 })
507 .to_string()
508}
509
510fn build_dual_rewrite_output(tool_input: Option<&serde_json::Value>, rewritten: &str) -> String {
511 let updated_input = if let Some(obj) = tool_input.and_then(|v| v.as_object()) {
512 let mut m = obj.clone();
513 m.insert(
514 "command".to_string(),
515 serde_json::Value::String(rewritten.to_string()),
516 );
517 serde_json::Value::Object(m)
518 } else {
519 serde_json::json!({ "command": rewritten })
520 };
521
522 serde_json::json!({
523 "permission": "allow",
525 "updated_input": updated_input,
526 "hookSpecificOutput": {
528 "hookEventName": "PreToolUse",
529 "permissionDecision": "allow",
530 "updatedInput": {
531 "command": rewritten
532 }
533 }
534 })
535 .to_string()
536}
537
538pub fn handle_rewrite() {
539 if is_disabled() {
540 return;
541 }
542 let binary = resolve_binary();
543 let Some(input) = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT) else {
544 return;
545 };
546
547 let v: serde_json::Value = if let Ok(v) = serde_json::from_str(&input) {
548 v
549 } else {
550 print!("{}", build_dual_deny_output("invalid JSON hook payload"));
551 return;
552 };
553
554 let tool = v.get("tool_name").and_then(|t| t.as_str());
555 let Some(tool_name) = tool else {
556 return;
557 };
558
559 let is_shell_tool = matches!(
561 tool_name,
562 "Bash" | "bash" | "Shell" | "shell" | "runInTerminal" | "run_in_terminal" | "terminal"
563 );
564 if !is_shell_tool {
565 return;
566 }
567
568 let tool_input = v.get("tool_input");
569 let Some(cmd) = tool_input
570 .and_then(|ti| ti.get("command"))
571 .and_then(|c| c.as_str())
572 .or_else(|| v.get("command").and_then(|c| c.as_str()))
573 else {
574 return;
575 };
576
577 if let Some(rewritten) = rewrite_candidate(cmd, &binary) {
578 print!("{}", build_dual_rewrite_output(tool_input, &rewritten));
579 } else {
580 print!("{}", build_dual_allow_output());
582 }
583}
584
585fn is_rewritable(cmd: &str) -> bool {
586 rewrite_registry::is_rewritable_command(cmd)
587}
588
589fn wrap_single_command(cmd: &str, binary: &str) -> String {
590 let shell_escaped = cmd.replace('\'', "'\\''");
591 format!("{binary} -c '{shell_escaped}'")
592}
593
594fn rewrite_candidate(cmd: &str, binary: &str) -> Option<String> {
595 if cmd.starts_with("lean-ctx ") || cmd.starts_with(&format!("{binary} ")) {
596 return None;
597 }
598
599 if cmd.contains("<<") {
602 return None;
603 }
604
605 if let Some(rewritten) = rewrite_file_read_command(cmd, binary) {
606 return Some(rewritten);
607 }
608
609 if let Some(rewritten) = rewrite_search_command(cmd, binary) {
610 return Some(rewritten);
611 }
612
613 if let Some(rewritten) = rewrite_dir_list_command(cmd, binary) {
614 return Some(rewritten);
615 }
616
617 if let Some(rewritten) = build_rewrite_compound(cmd, binary) {
618 return Some(rewritten);
619 }
620
621 if is_rewritable(cmd) {
622 return Some(wrap_single_command(cmd, binary));
623 }
624
625 None
626}
627
628fn rewrite_file_read_command(cmd: &str, binary: &str) -> Option<String> {
630 if !rewrite_registry::is_file_read_command(cmd) {
631 return None;
632 }
633
634 let parts: Vec<&str> = cmd.split_whitespace().collect();
635 if parts.len() < 2 {
636 return None;
637 }
638
639 match parts[0] {
640 "cat" => {
641 let path = parts[1..].join(" ");
642 Some(format!("{binary} read {path}"))
643 }
644 "head" => {
645 let (n, path) = parse_head_tail_args(&parts[1..]);
646 let path = path?;
647 match n {
648 Some(lines) => Some(format!("{binary} read {path} -m lines:1-{lines}")),
649 None => Some(format!("{binary} read {path} -m lines:1-10")),
650 }
651 }
652 "tail" => {
653 let (n, path) = parse_head_tail_args(&parts[1..]);
654 let path = path?;
655 let lines = n.unwrap_or(10);
656 Some(format!("{binary} read {path} -m lines:-{lines}"))
657 }
658 _ => None,
659 }
660}
661
662fn rewrite_search_command(cmd: &str, binary: &str) -> Option<String> {
666 let parts: Vec<&str> = cmd.split_whitespace().collect();
667 if parts.first().copied() != Some("rg") {
668 return None;
669 }
670 if parts.len() < 2 {
671 return None;
672 }
673 if parts[1].starts_with('-') {
674 return None;
675 }
676 if parts.len() > 3 {
677 return None;
678 }
679 let pattern = parts[1];
680 let path = parts.get(2).copied();
681 match path {
682 Some(p) if p.starts_with('-') => None,
683 Some(p) => Some(format!("{binary} grep {pattern} {p}")),
684 None => Some(format!("{binary} grep {pattern}")),
685 }
686}
687
688fn rewrite_dir_list_command(cmd: &str, binary: &str) -> Option<String> {
692 let parts: Vec<&str> = cmd.split_whitespace().collect();
693 if parts.first().copied() != Some("ls") {
694 return None;
695 }
696 match parts.len() {
697 1 => Some(format!("{binary} ls")),
698 2 if !parts[1].starts_with('-') => Some(format!("{binary} ls {}", parts[1])),
699 _ => None,
700 }
701}
702
703fn parse_head_tail_args<'a>(args: &[&'a str]) -> (Option<usize>, Option<&'a str>) {
704 let mut n: Option<usize> = None;
705 let mut path: Option<&str> = None;
706
707 let mut i = 0;
708 while i < args.len() {
709 if args[i] == "-n" && i + 1 < args.len() {
710 n = args[i + 1].parse().ok();
711 i += 2;
712 } else if let Some(num) = args[i].strip_prefix("-n") {
713 n = num.parse().ok();
714 i += 1;
715 } else if args[i].starts_with('-') && args[i].len() > 1 {
716 if let Ok(num) = args[i][1..].parse::<usize>() {
717 n = Some(num);
718 }
719 i += 1;
720 } else {
721 path = Some(args[i]);
722 i += 1;
723 }
724 }
725
726 (n, path)
727}
728
729fn build_rewrite_compound(cmd: &str, binary: &str) -> Option<String> {
730 compound_lexer::rewrite_compound(cmd, |segment| {
731 if segment.starts_with("lean-ctx ") || segment.starts_with(&format!("{binary} ")) {
732 return None;
733 }
734 if is_rewritable(segment) {
735 Some(wrap_single_command(segment, binary))
736 } else {
737 None
738 }
739 })
740}
741
742fn emit_rewrite(rewritten: &str) {
743 let json_escaped = rewritten.replace('\\', "\\\\").replace('"', "\\\"");
744 print!(
745 "{{\"hookSpecificOutput\":{{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"updatedInput\":{{\"command\":\"{json_escaped}\"}}}}}}"
746 );
747}
748
749pub fn handle_redirect() {
750 if is_disabled() {
751 let _ = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT);
752 print!("{}", build_dual_allow_output());
753 return;
754 }
755
756 let Some(input) = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT) else {
757 return;
758 };
759
760 let Ok(v) = serde_json::from_str::<serde_json::Value>(&input) else {
761 print!("{}", build_dual_deny_output("invalid JSON hook payload"));
762 return;
763 };
764
765 let tool_name = v.get("tool_name").and_then(|t| t.as_str()).unwrap_or("");
766 let tool_input = v.get("tool_input");
767
768 match tool_name {
769 "Read" | "read" | "read_file" => redirect_read(tool_input),
770 "Grep" | "grep" | "search" | "ripgrep" => redirect_grep(tool_input),
771 _ => print!("{}", build_dual_allow_output()),
772 }
773}
774
775fn redirect_read(tool_input: Option<&serde_json::Value>) {
779 let path = tool_input
780 .and_then(|ti| ti.get("path"))
781 .and_then(|p| p.as_str())
782 .unwrap_or("");
783
784 if path.is_empty() || should_passthrough(path) {
785 print!("{}", build_dual_allow_output());
786 return;
787 }
788
789 if is_harden_active() {
790 print!(
791 "{}",
792 build_dual_deny_output(
793 "Use ctx_read instead of native Read. lean-ctx harden mode is active."
794 )
795 );
796 return;
797 }
798
799 let binary = resolve_binary();
800 let temp_path = redirect_temp_path(path);
801
802 if let Some(output) = run_with_timeout(&binary, &["read", path], REDIRECT_SUBPROCESS_TIMEOUT) {
803 if !output.is_empty() && std::fs::write(&temp_path, &output).is_ok() {
804 let temp_str = temp_path.to_str().unwrap_or("");
805 print!("{}", build_redirect_output(tool_input, "path", temp_str));
806 return;
807 }
808 }
809
810 print!("{}", build_dual_allow_output());
811}
812
813fn redirect_grep(tool_input: Option<&serde_json::Value>) {
815 let pattern = tool_input
816 .and_then(|ti| ti.get("pattern"))
817 .and_then(|p| p.as_str())
818 .unwrap_or("");
819 let search_path = tool_input
820 .and_then(|ti| ti.get("path"))
821 .and_then(|p| p.as_str())
822 .unwrap_or(".");
823
824 if pattern.is_empty() {
825 print!("{}", build_dual_allow_output());
826 return;
827 }
828
829 if is_harden_active() {
830 print!(
831 "{}",
832 build_dual_deny_output(
833 "Use ctx_search instead of native Grep. lean-ctx harden mode is active."
834 )
835 );
836 return;
837 }
838
839 let binary = resolve_binary();
840 let key = format!("grep:{pattern}:{search_path}");
841 let temp_path = redirect_temp_path(&key);
842
843 if let Some(output) = run_with_timeout(
844 &binary,
845 &["grep", pattern, search_path],
846 REDIRECT_SUBPROCESS_TIMEOUT,
847 ) {
848 if !output.is_empty() && std::fs::write(&temp_path, &output).is_ok() {
849 let temp_str = temp_path.to_str().unwrap_or("");
850 print!("{}", build_redirect_output(tool_input, "path", temp_str));
851 return;
852 }
853 }
854
855 print!("{}", build_dual_allow_output());
856}
857
858const REDIRECT_SUBPROCESS_TIMEOUT: Duration = Duration::from_secs(10);
859
860fn run_with_timeout(binary: &str, args: &[&str], timeout: Duration) -> Option<Vec<u8>> {
863 let mut child = std::process::Command::new(binary)
864 .args(args)
865 .stdout(std::process::Stdio::piped())
866 .stderr(std::process::Stdio::null())
867 .spawn()
868 .ok()?;
869
870 let deadline = std::time::Instant::now() + timeout;
871 loop {
872 match child.try_wait() {
873 Ok(Some(status)) if status.success() => {
874 let mut stdout = Vec::new();
875 if let Some(mut out) = child.stdout.take() {
876 let _ = out.read_to_end(&mut stdout);
877 }
878 return if stdout.is_empty() {
879 None
880 } else {
881 Some(stdout)
882 };
883 }
884 Ok(Some(_)) | Err(_) => return None,
885 Ok(None) => {
886 if std::time::Instant::now() > deadline {
887 let _ = child.kill();
888 let _ = child.wait();
889 return None;
890 }
891 std::thread::sleep(Duration::from_millis(10));
892 }
893 }
894 }
895}
896
897fn redirect_temp_path(key: &str) -> std::path::PathBuf {
898 use std::collections::hash_map::DefaultHasher;
899 use std::hash::{Hash, Hasher};
900
901 let mut hasher = DefaultHasher::new();
902 key.hash(&mut hasher);
903 std::process::id().hash(&mut hasher);
904 let hash = hasher.finish();
905
906 let temp_dir = std::env::temp_dir().join("lean-ctx-hook");
907 let _ = std::fs::create_dir_all(&temp_dir);
908 #[cfg(unix)]
909 {
910 use std::os::unix::fs::PermissionsExt;
911 let _ = std::fs::set_permissions(&temp_dir, std::fs::Permissions::from_mode(0o700));
912 }
913 temp_dir.join(format!("{hash:016x}.lctx"))
914}
915
916fn build_redirect_output(
917 tool_input: Option<&serde_json::Value>,
918 field: &str,
919 temp_path: &str,
920) -> String {
921 let updated_input = if let Some(obj) = tool_input.and_then(|v| v.as_object()) {
922 let mut m = obj.clone();
923 m.insert(
924 field.to_string(),
925 serde_json::Value::String(temp_path.to_string()),
926 );
927 serde_json::Value::Object(m)
928 } else {
929 serde_json::json!({ field: temp_path })
930 };
931
932 serde_json::json!({
933 "permission": "allow",
934 "updated_input": updated_input,
935 "hookSpecificOutput": {
936 "hookEventName": "PreToolUse",
937 "permissionDecision": "allow",
938 "updatedInput": { field: temp_path }
939 }
940 })
941 .to_string()
942}
943
944const PASSTHROUGH_SUBSTRINGS: &[&str] = &[
945 ".cursorrules",
946 ".cursor/rules",
947 ".cursor/hooks",
948 "skill.md",
949 "agents.md",
950 ".env",
951 "hooks.json",
952 "node_modules",
953];
954
955const PASSTHROUGH_EXTENSIONS: &[&str] = &[
956 "lock", "png", "jpg", "jpeg", "gif", "webp", "pdf", "ico", "svg", "woff", "woff2", "ttf", "eot",
957];
958
959fn should_passthrough(path: &str) -> bool {
960 let p = path.to_lowercase();
961
962 if PASSTHROUGH_SUBSTRINGS.iter().any(|s| p.contains(s)) {
963 return true;
964 }
965
966 std::path::Path::new(&p)
967 .extension()
968 .and_then(|ext| ext.to_str())
969 .is_some_and(|ext| {
970 PASSTHROUGH_EXTENSIONS
971 .iter()
972 .any(|e| ext.eq_ignore_ascii_case(e))
973 })
974}
975
976fn codex_reroute_message(rewritten: &str) -> String {
977 format!(
978 "Command should run via lean-ctx for compact output. Do not retry the original command. Re-run with: {rewritten}"
979 )
980}
981
982pub fn handle_codex_pretooluse() {
983 if is_disabled() {
984 return;
985 }
986 let binary = resolve_binary();
987 let Some(input) = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT) else {
988 return;
989 };
990
991 let tool = extract_json_field(&input, "tool_name");
992 if !matches!(tool.as_deref(), Some("Bash" | "bash")) {
993 return;
994 }
995
996 let Some(cmd) = extract_json_field(&input, "command") else {
997 return;
998 };
999
1000 if let Some(rewritten) = rewrite_candidate(&cmd, &binary) {
1001 if is_quiet() {
1002 eprintln!("Re-run: {rewritten}");
1003 } else {
1004 eprintln!("{}", codex_reroute_message(&rewritten));
1005 }
1006 std::process::exit(2);
1007 }
1008}
1009
1010pub fn handle_codex_session_start() {
1011 if is_quiet() {
1012 return;
1013 }
1014 println!(
1015 "For shell commands matched by lean-ctx compression rules, prefer `lean-ctx -c \"<command>\"`. If a Bash call is blocked, rerun it with the exact command suggested by the hook."
1016 );
1017}
1018
1019pub fn handle_copilot() {
1023 if is_disabled() {
1024 return;
1025 }
1026 let binary = resolve_binary();
1027 let Some(input) = read_stdin_with_timeout(HOOK_STDIN_TIMEOUT) else {
1028 return;
1029 };
1030
1031 let tool = extract_json_field(&input, "tool_name");
1032 let Some(tool_name) = tool.as_deref() else {
1033 return;
1034 };
1035
1036 let is_shell_tool = matches!(
1037 tool_name,
1038 "Bash" | "bash" | "runInTerminal" | "run_in_terminal" | "terminal" | "shell"
1039 );
1040 if !is_shell_tool {
1041 return;
1042 }
1043
1044 let Some(cmd) = extract_json_field(&input, "command") else {
1045 return;
1046 };
1047
1048 if let Some(rewritten) = rewrite_candidate(&cmd, &binary) {
1049 emit_rewrite(&rewritten);
1050 }
1051}
1052
1053pub fn handle_rewrite_inline() {
1058 if is_disabled() {
1059 return;
1060 }
1061 let binary = resolve_binary_native();
1062 let args: Vec<String> = std::env::args().collect();
1063 if args.len() < 4 {
1065 return;
1066 }
1067 let cmd = args[3..].join(" ");
1068
1069 if let Some(rewritten) = rewrite_candidate(&cmd, &binary) {
1070 print!("{rewritten}");
1071 return;
1072 }
1073
1074 if cmd.starts_with("lean-ctx ") || cmd.starts_with(&format!("{binary} ")) {
1075 print!("{cmd}");
1076 return;
1077 }
1078
1079 print!("{cmd}");
1080}
1081
1082fn resolve_binary() -> String {
1083 let path = crate::core::portable_binary::resolve_portable_binary();
1084 crate::hooks::to_bash_compatible_path(&path)
1085}
1086
1087fn resolve_binary_native() -> String {
1088 crate::core::portable_binary::resolve_portable_binary()
1089}
1090
1091fn extract_json_field(input: &str, field: &str) -> Option<String> {
1092 let key = format!("\"{field}\":");
1093 let key_pos = input.find(&key)?;
1094 let after_colon = &input[key_pos + key.len()..];
1095 let trimmed = after_colon.trim_start();
1096 if !trimmed.starts_with('"') {
1097 return None;
1098 }
1099 let rest = &trimmed[1..];
1100 let bytes = rest.as_bytes();
1101 let mut end = 0;
1102 while end < bytes.len() {
1103 if bytes[end] == b'\\' && end + 1 < bytes.len() {
1104 end += 2;
1105 continue;
1106 }
1107 if bytes[end] == b'"' {
1108 break;
1109 }
1110 end += 1;
1111 }
1112 if end >= bytes.len() {
1113 return None;
1114 }
1115 let raw = &rest[..end];
1116 Some(raw.replace("\\\"", "\"").replace("\\\\", "\\"))
1117}
1118
1119#[cfg(test)]
1120mod tests {
1121 use super::*;
1122
1123 #[test]
1124 fn is_rewritable_basic() {
1125 assert!(is_rewritable("git status"));
1126 assert!(is_rewritable("cargo test --lib"));
1127 assert!(is_rewritable("npm run build"));
1128 assert!(!is_rewritable("echo hello"));
1129 assert!(!is_rewritable("cd src"));
1130 assert!(!is_rewritable("cat file.rs"));
1131 }
1132
1133 #[test]
1134 fn file_read_rewrite_cat() {
1135 let r = rewrite_file_read_command("cat src/main.rs", "lean-ctx");
1136 assert_eq!(r, Some("lean-ctx read src/main.rs".to_string()));
1137 }
1138
1139 #[test]
1140 fn file_read_rewrite_head_with_n() {
1141 let r = rewrite_file_read_command("head -n 20 src/main.rs", "lean-ctx");
1142 assert_eq!(
1143 r,
1144 Some("lean-ctx read src/main.rs -m lines:1-20".to_string())
1145 );
1146 }
1147
1148 #[test]
1149 fn file_read_rewrite_head_short() {
1150 let r = rewrite_file_read_command("head -50 src/main.rs", "lean-ctx");
1151 assert_eq!(
1152 r,
1153 Some("lean-ctx read src/main.rs -m lines:1-50".to_string())
1154 );
1155 }
1156
1157 #[test]
1158 fn file_read_rewrite_tail() {
1159 let r = rewrite_file_read_command("tail -n 10 src/main.rs", "lean-ctx");
1160 assert_eq!(
1161 r,
1162 Some("lean-ctx read src/main.rs -m lines:-10".to_string())
1163 );
1164 }
1165
1166 #[test]
1167 fn file_read_rewrite_not_git() {
1168 assert_eq!(rewrite_file_read_command("git status", "lean-ctx"), None);
1169 }
1170
1171 #[test]
1172 fn parse_head_tail_args_basic() {
1173 let (n, path) = parse_head_tail_args(&["-n", "20", "file.rs"]);
1174 assert_eq!(n, Some(20));
1175 assert_eq!(path, Some("file.rs"));
1176 }
1177
1178 #[test]
1179 fn parse_head_tail_args_combined() {
1180 let (n, path) = parse_head_tail_args(&["-n20", "file.rs"]);
1181 assert_eq!(n, Some(20));
1182 assert_eq!(path, Some("file.rs"));
1183 }
1184
1185 #[test]
1186 fn parse_head_tail_args_short_flag() {
1187 let (n, path) = parse_head_tail_args(&["-50", "file.rs"]);
1188 assert_eq!(n, Some(50));
1189 assert_eq!(path, Some("file.rs"));
1190 }
1191
1192 #[test]
1193 fn should_passthrough_rules_files() {
1194 assert!(should_passthrough("/home/user/.cursorrules"));
1195 assert!(should_passthrough("/project/.cursor/rules/test.mdc"));
1196 assert!(should_passthrough("/home/.cursor/hooks/hooks.json"));
1197 assert!(should_passthrough("/project/SKILL.md"));
1198 assert!(should_passthrough("/project/AGENTS.md"));
1199 assert!(should_passthrough("/project/icon.png"));
1200 assert!(!should_passthrough("/project/src/main.rs"));
1201 assert!(!should_passthrough("/project/src/lib.ts"));
1202 }
1203
1204 #[test]
1205 fn wrap_single() {
1206 let r = wrap_single_command("git status", "lean-ctx");
1207 assert_eq!(r, "lean-ctx -c 'git status'");
1208 }
1209
1210 #[test]
1211 fn wrap_with_quotes() {
1212 let r = wrap_single_command(r#"curl -H "Auth" https://api.com"#, "lean-ctx");
1213 assert_eq!(r, r#"lean-ctx -c 'curl -H "Auth" https://api.com'"#);
1214 }
1215
1216 #[test]
1217 fn rewrite_candidate_returns_none_for_existing_lean_ctx_command() {
1218 assert_eq!(
1219 rewrite_candidate("lean-ctx -c git status", "lean-ctx"),
1220 None
1221 );
1222 }
1223
1224 #[test]
1225 fn rewrite_candidate_wraps_single_command() {
1226 assert_eq!(
1227 rewrite_candidate("git status", "lean-ctx"),
1228 Some("lean-ctx -c 'git status'".to_string())
1229 );
1230 }
1231
1232 #[test]
1233 fn rewrite_candidate_passes_through_heredoc() {
1234 assert_eq!(
1235 rewrite_candidate(
1236 "git commit -m \"$(cat <<'EOF'\nfix: something\nEOF\n)\"",
1237 "lean-ctx"
1238 ),
1239 None
1240 );
1241 }
1242
1243 #[test]
1244 fn rewrite_candidate_passes_through_heredoc_compound() {
1245 assert_eq!(
1246 rewrite_candidate(
1247 "git add . && git commit -m \"$(cat <<EOF\nfeat: add\nEOF\n)\"",
1248 "lean-ctx"
1249 ),
1250 None
1251 );
1252 }
1253
1254 #[test]
1255 fn codex_reroute_message_includes_exact_rewritten_command() {
1256 let message = codex_reroute_message("lean-ctx -c 'git status'");
1257 assert_eq!(
1258 message,
1259 "Command should run via lean-ctx for compact output. Do not retry the original command. Re-run with: lean-ctx -c 'git status'"
1260 );
1261 }
1262
1263 #[test]
1264 fn compound_rewrite_and_chain() {
1265 let result = build_rewrite_compound("cd src && git status && echo done", "lean-ctx");
1266 assert_eq!(
1267 result,
1268 Some("cd src && lean-ctx -c 'git status' && echo done".into())
1269 );
1270 }
1271
1272 #[test]
1273 fn compound_rewrite_pipe() {
1274 let result = build_rewrite_compound("git log --oneline | head -5", "lean-ctx");
1275 assert_eq!(
1276 result,
1277 Some("lean-ctx -c 'git log --oneline' | head -5".into())
1278 );
1279 }
1280
1281 #[test]
1282 fn compound_rewrite_no_match() {
1283 let result = build_rewrite_compound("cd src && echo done", "lean-ctx");
1284 assert_eq!(result, None);
1285 }
1286
1287 #[test]
1288 fn compound_rewrite_multiple_rewritable() {
1289 let result = build_rewrite_compound("git add . && cargo test && npm run lint", "lean-ctx");
1290 assert_eq!(
1291 result,
1292 Some(
1293 "lean-ctx -c 'git add .' && lean-ctx -c 'cargo test' && lean-ctx -c 'npm run lint'"
1294 .into()
1295 )
1296 );
1297 }
1298
1299 #[test]
1300 fn compound_rewrite_semicolons() {
1301 let result = build_rewrite_compound("git add .; git commit -m 'fix'", "lean-ctx");
1302 assert_eq!(
1303 result,
1304 Some("lean-ctx -c 'git add .' ; lean-ctx -c 'git commit -m '\\''fix'\\'''".into())
1305 );
1306 }
1307
1308 #[test]
1309 fn compound_rewrite_or_chain() {
1310 let result = build_rewrite_compound("git pull || echo failed", "lean-ctx");
1311 assert_eq!(result, Some("lean-ctx -c 'git pull' || echo failed".into()));
1312 }
1313
1314 #[test]
1315 fn compound_skips_already_rewritten() {
1316 let result = build_rewrite_compound("lean-ctx -c git status && git diff", "lean-ctx");
1317 assert_eq!(
1318 result,
1319 Some("lean-ctx -c git status && lean-ctx -c 'git diff'".into())
1320 );
1321 }
1322
1323 #[test]
1324 fn single_command_not_compound() {
1325 let result = build_rewrite_compound("git status", "lean-ctx");
1326 assert_eq!(result, None);
1327 }
1328
1329 #[test]
1330 fn extract_field_works() {
1331 let input = r#"{"tool_name":"Bash","command":"git status"}"#;
1332 assert_eq!(
1333 extract_json_field(input, "tool_name"),
1334 Some("Bash".to_string())
1335 );
1336 assert_eq!(
1337 extract_json_field(input, "command"),
1338 Some("git status".to_string())
1339 );
1340 }
1341
1342 #[test]
1343 fn extract_field_with_spaces_after_colon() {
1344 let input = r#"{"tool_name": "Bash", "tool_input": {"command": "git status"}}"#;
1345 assert_eq!(
1346 extract_json_field(input, "tool_name"),
1347 Some("Bash".to_string())
1348 );
1349 assert_eq!(
1350 extract_json_field(input, "command"),
1351 Some("git status".to_string())
1352 );
1353 }
1354
1355 #[test]
1356 fn extract_field_pretty_printed() {
1357 let input = "{\n \"tool_name\": \"Bash\",\n \"tool_input\": {\n \"command\": \"npm test\"\n }\n}";
1358 assert_eq!(
1359 extract_json_field(input, "tool_name"),
1360 Some("Bash".to_string())
1361 );
1362 assert_eq!(
1363 extract_json_field(input, "command"),
1364 Some("npm test".to_string())
1365 );
1366 }
1367
1368 #[test]
1369 fn extract_field_handles_escaped_quotes() {
1370 let input = r#"{"tool_name":"Bash","command":"grep -r \"TODO\" src/"}"#;
1371 assert_eq!(
1372 extract_json_field(input, "command"),
1373 Some(r#"grep -r "TODO" src/"#.to_string())
1374 );
1375 }
1376
1377 #[test]
1378 fn extract_field_handles_escaped_backslash() {
1379 let input = r#"{"tool_name":"Bash","command":"echo \\\"hello\\\""}"#;
1380 assert_eq!(
1381 extract_json_field(input, "command"),
1382 Some(r#"echo \"hello\""#.to_string())
1383 );
1384 }
1385
1386 #[test]
1387 fn extract_field_handles_complex_curl() {
1388 let input = r#"{"tool_name":"Bash","command":"curl -H \"Authorization: Bearer token\" https://api.com"}"#;
1389 assert_eq!(
1390 extract_json_field(input, "command"),
1391 Some(r#"curl -H "Authorization: Bearer token" https://api.com"#.to_string())
1392 );
1393 }
1394
1395 #[test]
1396 fn to_bash_compatible_path_windows_drive() {
1397 let p = crate::hooks::to_bash_compatible_path(r"E:\packages\lean-ctx.exe");
1398 assert_eq!(p, "/e/packages/lean-ctx.exe");
1399 }
1400
1401 #[test]
1402 fn to_bash_compatible_path_backslashes() {
1403 let p = crate::hooks::to_bash_compatible_path(r"C:\Users\test\bin\lean-ctx.exe");
1404 assert_eq!(p, "/c/Users/test/bin/lean-ctx.exe");
1405 }
1406
1407 #[test]
1408 fn to_bash_compatible_path_unix_unchanged() {
1409 let p = crate::hooks::to_bash_compatible_path("/usr/local/bin/lean-ctx");
1410 assert_eq!(p, "/usr/local/bin/lean-ctx");
1411 }
1412
1413 #[test]
1414 fn to_bash_compatible_path_msys2_unchanged() {
1415 let p = crate::hooks::to_bash_compatible_path("/e/packages/lean-ctx.exe");
1416 assert_eq!(p, "/e/packages/lean-ctx.exe");
1417 }
1418
1419 #[test]
1420 fn wrap_command_with_bash_path() {
1421 let binary = crate::hooks::to_bash_compatible_path(r"E:\packages\lean-ctx.exe");
1422 let result = wrap_single_command("git status", &binary);
1423 assert!(
1424 !result.contains('\\'),
1425 "wrapped command must not contain backslashes, got: {result}"
1426 );
1427 assert!(
1428 result.starts_with("/e/packages/lean-ctx.exe"),
1429 "must use bash-compatible path, got: {result}"
1430 );
1431 }
1432
1433 #[test]
1434 fn wrap_single_command_em_dash() {
1435 let r = wrap_single_command("gh --comment \"closing — see #407\"", "lean-ctx");
1436 assert_eq!(r, "lean-ctx -c 'gh --comment \"closing — see #407\"'");
1437 }
1438
1439 #[test]
1440 fn wrap_single_command_dollar_sign() {
1441 let r = wrap_single_command("echo $HOME", "lean-ctx");
1442 assert_eq!(r, "lean-ctx -c 'echo $HOME'");
1443 }
1444
1445 #[test]
1446 fn wrap_single_command_backticks() {
1447 let r = wrap_single_command("echo `date`", "lean-ctx");
1448 assert_eq!(r, "lean-ctx -c 'echo `date`'");
1449 }
1450
1451 #[test]
1452 fn wrap_single_command_nested_single_quotes() {
1453 let r = wrap_single_command("echo 'hello world'", "lean-ctx");
1454 assert_eq!(r, r"lean-ctx -c 'echo '\''hello world'\'''");
1455 }
1456
1457 #[test]
1458 fn wrap_single_command_exclamation_mark() {
1459 let r = wrap_single_command("echo hello!", "lean-ctx");
1460 assert_eq!(r, "lean-ctx -c 'echo hello!'");
1461 }
1462
1463 #[test]
1464 fn wrap_single_command_find_with_many_excludes() {
1465 let r = wrap_single_command(
1466 "find . -not -path ./node_modules -not -path ./.git -not -path ./dist",
1467 "lean-ctx",
1468 );
1469 assert_eq!(
1470 r,
1471 "lean-ctx -c 'find . -not -path ./node_modules -not -path ./.git -not -path ./dist'"
1472 );
1473 }
1474}