Hook-System Python-Erweiterung
Status: ✅ IMPLEMENTIERT (2025-12-28)
Task: #506
Problem
Das Claude Code Hook-System (/var/www/tools/ki-protokoll/claude-hook/) prüfte nur PHP-Dateien. Python-Dateien in der Pipeline (/var/www/scripts/pipeline/) wurden nicht validiert.
Root Cause
# hook_dispatcher.py Zeile 78-80 (vorher)
if not file_path.endswith(".php"):
sys.exit(0)Implementierung
Phase 1: Dispatcher (hook_dispatcher.py)
ALLOWED_EXTENSIONS = {".php", ".py"}
PYTHON_CHECK_PATHS = ["/var/www/scripts/pipeline/"]
SKIP_PATHS = ["/venv/", "/__pycache__/", "/tests/", "/vendor/"]
def should_check(file_path: str) -> bool:
if any(skip in file_path for skip in SKIP_PATHS):
return False
ext = Path(file_path).suffix
if ext not in ALLOWED_EXTENSIONS:
return False
if ext == ".php":
return True
if ext == ".py":
return any(file_path.startswith(p) for p in PYTHON_CHECK_PATHS)
return FalsePhase 2: Python-Regeln (pre_rules_python.py)
PP1.1: Hardcoded Model-Namen blockieren
- BLOCKIERT:
default="mistral",model="gemma" - ERLAUBT:
get_pipeline_model(),DEFAULT_MODEL = "mistral"
PP1.2: Hardcoded Pipeline-IDs blockieren
- BLOCKIERT:
pipeline_id = 5 - ERLAUBT:
DEFAULT_PIPELINE_ID = 5,args.pipeline_id
Phase 3: Integration (pre_rules.py)
# Regelfilterung nach Dateityp
if file_path.endswith(".php"):
rules = PHP_RULES
elif file_path.endswith(".py"):
rules = PYTHON_RULES
else:
return allow()Testmatrix (7/7 bestanden)
| Test | Szenario | Erwartet | Ergebnis |
|---|---|---|---|
| 1 | PP1.1 default="mistral" | DENY | ✅ |
| 2 | PP1.1 get_pipeline_model() | ALLOW | ✅ |
| 3 | PP1.1 DEFAULT_MODEL = "mistral" | ALLOW | ✅ |
| 4 | PP1.2 pipeline_id = 5 | DENY | ✅ |
| 5 | PP1.2 DEFAULT_PIPELINE_ID = 5 | ALLOW | ✅ |
| 6 | Skip /venv/ Pfade | ALLOW | ✅ |
| 7 | PHP P1.1 @responsibility | DENY | ✅ |
Dateien
| Datei | Aktion |
|---|---|
hook_dispatcher.py | MODIFIZIERT |
quality/pre_rules_python.py | NEU |
quality/pre_rules.py | MODIFIZIERT |