rippy-cli 0.1.2

A shell command safety hook for AI coding tools (Claude Code, Cursor, Gemini CLI) — Rust rewrite of Dippy
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

# Git permissive style: allow everything except operations that lose data.

[[rules]]
action = "allow"
command = "git"
subcommands = [
    "add", "commit", "push", "pull", "merge", "rebase", "cherry-pick",
    "checkout", "switch", "am", "apply", "fetch",
    "rm", "mv", "restore", "revert", "init", "clone",
    "submodule", "worktree", "gc", "prune", "reset",
]

[[rules]]
action = "allow"
command = "git"
subcommand = "stash"

# Allow branch ops including -d (safe delete — refuses if unmerged)
[[rules]]
action = "allow"
command = "git"
subcommand = "branch"

[[rules]]
action = "allow"
command = "git"
subcommand = "tag"

# --- Still ask for truly destructive operations ---

[[rules]]
action = "ask"
command = "git"
subcommand = "push"
flags = ["--force", "-f", "--force-with-lease"]
message = "Force push can rewrite remote history"

[[rules]]
action = "ask"
command = "git"
subcommand = "reset"
flags = ["--hard"]
message = "Hard reset can lose uncommitted work"

[[rules]]
action = "ask"
command = "git"
subcommand = "clean"
message = "Clean removes untracked files permanently"

# -D bypasses the unmerged check that -d has
[[rules]]
action = "ask"
command = "git"
subcommand = "branch"
flags = ["-D"]
message = "Force branch deletion bypasses unmerged check"

[[rules]]
action = "ask"
command = "git"
subcommand = "stash"
args-contain = "clear"
message = "Stash clear permanently removes all stash entries"