coily lockdown emits 5-line comment header that fails agentic-os code-comments TOL=2 #92

New issue

Closed

opened 2026-05-26 05:22:49 +00:00 by coilysiren · 1 comment

coilysiren commented

2026-05-26 05:22:49 +00:00

Owner

Problem

coily lockdown --apply --replace writes .claude/lockdown-deny.sh whose header is a 5-line contiguous comment block (lines 2-6 below the shebang):

#!/bin/sh
# Auto-generated by coily. Do not edit; regenerate via coily lockdown --apply --replace.
#
# Delegates to coily hook pre-tool-use, which calls the shared
# cli-guard/hook engine with coily's integrity rules + route
# table. See coilysiren/coily#248 + cli-guard#74.
exec coily hook pre-tool-use

The agentic-os code-comments pre-commit hook (since v0.2.8) enforces MAX_CONTIGUOUS=2. Every consumer repo that runs the suite v0.2.8+ now fails on the file the moment they re-apply lockdown. Caught while cleaning up coilysiren/otel-a2a-relay#135.

Fix

Trim the generated header to <=2 contiguous comment lines, e.g.:

#!/bin/sh
# Auto-generated by coily. Regenerate via coily lockdown --apply --replace.
# Delegates to coily hook pre-tool-use. See coilysiren/coily#248 + cli-guard#74.
exec coily hook pre-tool-use

The blank-comment line on line 3 is what visually splits the block but counts as contiguous to the hook.

Repro

coily v2.37.1:

coily lockdown --apply --replace --path <consumer-repo>
pre-commit run code-comments --all-files

Rule shape

TOL=2 softened from TOL=1 in coilysiren/agentic-os#24.

Ported from coilysiren/coily#336.

**Problem** `coily lockdown --apply --replace` writes `.claude/lockdown-deny.sh` whose header is a 5-line contiguous comment block (lines 2-6 below the shebang): ```sh #!/bin/sh # Auto-generated by coily. Do not edit; regenerate via coily lockdown --apply --replace. # # Delegates to coily hook pre-tool-use, which calls the shared # cli-guard/hook engine with coily's integrity rules + route # table. See coilysiren/coily#248 + cli-guard#74. exec coily hook pre-tool-use ``` The agentic-os `code-comments` pre-commit hook (since v0.2.8) enforces MAX_CONTIGUOUS=2. Every consumer repo that runs the suite v0.2.8+ now fails on the file the moment they re-apply lockdown. Caught while cleaning up coilysiren/otel-a2a-relay#135. **Fix** Trim the generated header to <=2 contiguous comment lines, e.g.: ```sh #!/bin/sh # Auto-generated by coily. Regenerate via coily lockdown --apply --replace. # Delegates to coily hook pre-tool-use. See coilysiren/coily#248 + cli-guard#74. exec coily hook pre-tool-use ``` The blank-comment line on line 3 is what visually splits the block but counts as contiguous to the hook. **Repro** coily v2.37.1: ``` coily lockdown --apply --replace --path <consumer-repo> pre-commit run code-comments --all-files ``` **Rule shape** TOL=2 softened from TOL=1 in coilysiren/agentic-os#24. --- _Ported from coilysiren/coily#336._

coilysiren commented

2026-05-30 05:43:11 +00:00

Author

Owner

Merged into #85 in the 2026-05-29 backlog burn-down. Duplicate lockdown-deny.sh comment-header TOL=2 bug Reopen if it should stand alone.

coilysiren closed this issue

2026-05-30 05:43:11 +00:00

coilysiren added the

label

2026-05-31 01:52:40 +00:00

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

coilyco-bridge/coily#92

No description provided.

Rows
Columns