Install gate, Phase 3 (lane 1): uv gate + yarn/pnpm named-only wrappers#113

Open
juangaitanv wants to merge 3 commits into install-gate-phase-2 from install-gate-phase-3-uv

Conversation

@juangaitanv

Contributor

Phase 3, lane 1 of the install-gate restart

Stacked on #112 (Phase 2). Base: install-gate-phase-2. The PRD splits Phase 3 into three independent lanes, each its own PR — this is lane 1 (breadth). Still public-mode only, no --json.

Scope (per the PRD)

  • uv — uv pip install / uv add / uv pip sync gate through uv pip compile (--only-binary :all:, temp .in file) so the full resolved set is verdicted. uv sync is gated from the nearest-ancestor uv.lock (local/editable stanzas skipped; unparsable lock refuses; --force escape). uv lock and everything else passes through; top-level uv install gets a did-you-mean.
  • yarn / pnpm — named targets verified (with the loud named-only warning — no safe dry-run); bare installs exec unchecked behind an honest stderr note; bare yarn routes through yarn install.
  • Wrong-package-manager guard — npm/yarn/pnpm cross-checked against lockfiles + the packageManager field (ambiguous indicators stand down; fresh projects don't inherit ancestor lockfiles); pip↔uv cross-checked against uv.lock / requirements files. Suggestions name the corgea-wrapped command; --force bypasses.

Out of scope: --json (lane 2), auth/fail-closed (lane 3).

Exit criteria — met

uv install paths gate via uv pip compile; uv sync from uv.lock; yarn/pnpm named-only with honest ungated notes.

Covered by tests/cli_uv_sync.rs and extensions to the tree/bare-install suites; confirmed live (corgea uv pip install mezzanine==6.0.0 resolves a 24-package tree via real uv pip compile and blocks; corgea pnpm add in an npm project refuses with a suggestion). ./harness check green.

🤖 Generated with Claude Code
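The wrong-package-manager guard from the third scope bullet, written out as an added example. This is not corgea's detect.rs; it assumes the guard is fed the file names found in the project root plus the raw `packageManager` value from package.json, and it models the two rules the PR states: conflicting or absent indicators make the guard stand down, and `--force` bypasses a refusal. The suggestion simply swaps the manager name in front of the same arguments.

```rust
// Added example (not the corgea project's code): the Node wrong-manager guard.
#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Copy)]
pub enum NodeManager {
    Npm,
    Yarn,
    Pnpm,
}

impl NodeManager {
    pub fn name(self) -> &'static str {
        match self {
            NodeManager::Npm => "npm",
            NodeManager::Yarn => "yarn",
            NodeManager::Pnpm => "pnpm",
        }
    }

    fn from_name(s: &str) -> Option<NodeManager> {
        match s {
            "npm" => Some(NodeManager::Npm),
            "yarn" => Some(NodeManager::Yarn),
            "pnpm" => Some(NodeManager::Pnpm),
            _ => None,
        }
    }

    fn from_lockfile(file: &str) -> Option<NodeManager> {
        match file {
            "package-lock.json" | "npm-shrinkwrap.json" => Some(NodeManager::Npm),
            "yarn.lock" => Some(NodeManager::Yarn),
            "pnpm-lock.yaml" => Some(NodeManager::Pnpm),
            _ => None,
        }
    }
}

#[derive(Debug, PartialEq, Eq)]
pub enum Guard {
    Allow,
    Refuse { suggestion: String },
}

/// Which manager the project root declares. `root_files` are the file names
/// present in the root; `package_manager_field` is the raw `packageManager`
/// value from package.json (e.g. "pnpm@9.1.0"). Two different answers, or
/// none at all, make the guard stand down (None) instead of guessing.
pub fn declared_manager(root_files: &[&str], package_manager_field: Option<&str>) -> Option<NodeManager> {
    let mut found: Vec<NodeManager> = root_files
        .iter()
        .filter_map(|f| NodeManager::from_lockfile(f))
        .collect();
    if let Some(field) = package_manager_field {
        // "pnpm@9.1.0+sha512..." -> "pnpm"; an unrecognised name is not an indicator
        let name = field.split('@').next().unwrap_or("");
        if let Some(m) = NodeManager::from_name(name) {
            found.push(m);
        }
    }
    found.sort();
    found.dedup();
    match found.as_slice() {
        [only] => Some(*only),
        _ => None, // zero indicators or conflicting ones: ambiguous, stand down
    }
}

/// `invoked` is the manager the user typed; `args` is the rest of the command line.
pub fn wrong_manager_guard(invoked: NodeManager, args: &[&str], declared: Option<NodeManager>, force: bool) -> Guard {
    match declared {
        Some(want) if want != invoked && !force => {
            // Same arguments, corgea-wrapped, under the declared manager. The verbs
            // used in the sample (add/install) exist in all three managers.
            let suggestion = format!("corgea {} {}", want.name(), args.join(" "));
            Guard::Refuse { suggestion }
        }
        _ => Guard::Allow,
    }
}

fn main() {
    // Constructed scenario: `corgea pnpm add left-pad` typed inside an npm project.
    let declared = declared_manager(&["package.json", "package-lock.json"], None);
    let verdict = wrong_manager_guard(NodeManager::Pnpm, &["add", "left-pad"], declared, false);
    println!("{verdict:?}");
}
```

The stand-down rule matters more than it looks: a `yarn.lock` next to `"packageManager": "pnpm@9.1.0"` is a project whose own indicators disagree, and refusing there would block a legitimate install on the strength of a guess.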

@juangaitanv juangaitanv force-pushed the install-gate-phase-2 branch from 936d69a to dd4b575, June 12, 2026 14:51
juangaitanv added a commit that referenced this pull request Jun 12, 2026
… guard

Addresses Cursor review on #113.

- uv commands are now classified after skipping leading global flags, so
  `uv --project ./app sync` / `uv --quiet add x` are gated instead of
  falling through to ungated passthrough.
- the custom-index warning (from Phase 1) now fires for uv install/add/sync
  too, listing uv's index flags (--index, --default-index, --find-links, …).
- the pip↔uv wrong-manager guard is applied consistently: it stays on
  `uv add` (project management, writes pyproject) but NOT `uv pip install` /
  `uv pip sync` — those are uv's pip-compatible interface, correct to use in
  a requirements project, and already fully gated by the tree pass. (Partial
  decline of the review's ask, with the reasoning above.)
- parse_uv_lock now verdicts ONLY registry-sourced packages: git/url direct
  artifacts are skipped (their name@version is not a PyPI identity), and a
  registry package missing a version fails closed instead of being silently
  dropped.
- the Node wrong-manager guard walks past a workspace MEMBER's leaf
  package.json to the workspace root (root `workspaces` field or
  pnpm-workspace.yaml), so a member install is checked against the root's
  manager. Standalone fresh projects still stop at their own leaf.
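The registry-only lock parsing described in the commit above, as an added example that is not corgea's parse_uv_lock. It is a deliberately small line-oriented reader (no TOML crate) for the `[[package]]` stanzas uv writes: `name`, `version` and an inline-table `source`. Registry pins are kept for verdicting, git/url/editable/virtual sources are counted and skipped rather than dropped silently, a registry package without a version is an error, and a `source` line that is not an inline table is an error too, so an unparsable lock refuses. The sample lock and the `.invalid` hosts in it are constructed for the example.

```rust
// Added example (not the corgea project's code): registry-only uv.lock reader.
#[derive(Debug, PartialEq, Eq)]
pub struct Pin {
    pub name: String,
    pub version: String,
}

#[derive(Debug, PartialEq, Eq)]
pub struct LockSummary {
    pub pins: Vec<Pin>,                    // registry packages to verdict
    pub skipped_non_registry: usize,       // disclosed count, not a silent drop
    pub non_default_registry: Vec<String>, // names pinned from a registry other than PyPI
}

const DEFAULT_REGISTRY: &str = "https://pypi.org/simple";

/// `key = "value"` on one line, otherwise None.
fn quoted_value(line: &str, key: &str) -> Option<String> {
    let rest = line.strip_prefix(key)?.trim_start().strip_prefix('=')?.trim();
    Some(rest.strip_prefix('"')?.strip_suffix('"')?.to_string())
}

/// Inline table `{ registry = "..." }` -> Some(url); any other inline table
/// (git, url, editable, virtual, directory) -> None; not a table -> Err.
fn registry_url(source: &str) -> Result<Option<String>, String> {
    let body = source
        .strip_prefix('{')
        .and_then(|s| s.strip_suffix('}'))
        .ok_or_else(|| format!("unparsable source table: {source}"))?;
    Ok(body.split(',').find_map(|field| quoted_value(field.trim(), "registry")))
}

pub fn parse_uv_lock(text: &str) -> Result<LockSummary, String> {
    let mut out = LockSummary { pins: Vec::new(), skipped_non_registry: 0, non_default_registry: Vec::new() };
    let mut stanzas = text.split("[[package]]");
    stanzas.next(); // preamble (version, requires-python, [manifest]) holds no pins
    for stanza in stanzas {
        let (mut name, mut version, mut source) = (None, None, None);
        for raw in stanza.lines() {
            let line = raw.trim();
            if line.starts_with('[') {
                break; // a sub-table such as [package.metadata]; keys above it are what we need
            }
            if let Some(v) = quoted_value(line, "name") {
                name = Some(v);
            } else if let Some(v) = quoted_value(line, "version") {
                version = Some(v);
            } else if let Some(rest) = line.strip_prefix("source") {
                let table = rest.trim_start().strip_prefix('=').ok_or("malformed source line")?;
                source = Some(table.trim().to_string());
            }
        }
        let name = name.ok_or("package stanza without a name")?;
        let source = source.ok_or(format!("{name}: stanza without a source"))?;
        match registry_url(&source)? {
            None => out.skipped_non_registry += 1,
            Some(url) => {
                // a registry pin has no PyPI identity without its version: fail closed
                let version = version.ok_or(format!("{name}: registry package without a version"))?;
                if url != DEFAULT_REGISTRY {
                    out.non_default_registry.push(name.clone());
                }
                out.pins.push(Pin { name, version });
            }
        }
    }
    Ok(out)
}

/// Constructed sample lock: one PyPI pin, the editable project itself, a git
/// dependency, and a pin from a private index.
pub const SAMPLE_LOCK: &str = r#"version = 1
requires-python = ">=3.11"

[[package]]
name = "certifi"
version = "2024.2.2"
source = { registry = "https://pypi.org/simple" }
sdist = { url = "https://files.example.invalid/certifi-2024.2.2.tar.gz", hash = "sha256:0000" }

[[package]]
name = "myapp"
version = "0.1.0"
source = { editable = "." }
dependencies = [
    { name = "certifi" },
    { name = "sometool" },
]

[[package]]
name = "sometool"
version = "1.2.3"
source = { git = "https://git.example.invalid/sometool.git?rev=main#0123abcd" }

[[package]]
name = "internal-lib"
version = "3.0.0"
source = { registry = "https://pypi.example.invalid/simple" }
"#;

fn main() {
    match parse_uv_lock(SAMPLE_LOCK) {
        Ok(s) => println!("{} pins to verdict, {} non-registry skipped, non-default registry: {:?}",
            s.pins.len(), s.skipped_non_registry, s.non_default_registry),
        Err(e) => eprintln!("refusing: {e}"),
    }
}
```

On the sample this yields two registry pins (certifi and internal-lib), two skipped stanzas, and a non-default-registry warning for internal-lib; the skipped count is what lets the gate tell the user that part of the tree was not verdicted.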
@juangaitanv juangaitanv force-pushed the install-gate-phase-3-uv branch from c39ab0f to d9af832, June 12, 2026 14:51
@juangaitanv juangaitanv force-pushed the install-gate-phase-2 branch from dd4b575 to c86aa2d, June 12, 2026 16:42
@juangaitanv juangaitanv force-pushed the install-gate-phase-3-uv branch from d9af832 to 36350f3 Compare June 12, 2026 16:42
Harvested from the install-vuln-gate spike (dfac68e); still public-mode
only, no --json.

- corgea uv: `uv pip install` / `uv add` / `uv pip sync` gate through
  `uv pip compile` (--only-binary :all:, temp .in file) so the full
  resolved set is verdicted; `uv sync` is gated from the
  nearest-ancestor uv.lock (local/editable stanzas skipped, unparsable
  lock refuses, --force escape); `uv lock` and everything else passes
  through; top-level `uv install` gets a did-you-mean
- corgea yarn|pnpm: named targets verified (with the loud named-only
  warning — no safe dry-run); bare installs exec unchecked behind an
  honest stderr note; bare `yarn` routes through `yarn install`
- wrong-package-manager guard: npm/yarn/pnpm cross-checked against
  lockfiles + the packageManager field (ambiguous indicators stand
  down, fresh projects don't inherit ancestor lockfiles); pip↔uv
  cross-checked against uv.lock / requirements files; all suggestions
  name the corgea-wrapped command; --force bypasses
- SKILL.md updated for the new managers and limitations
…flag-skip, ungated disclosures

- SECURITY: valued global flags missing from takes_value made their VALUE
  classify as the subcommand → silent ungated passthrough. Added uv's
  --color/--config-file/--cache-dir/--allow-insecure-host and yarn's
  --cwd ('corgea uv --color always add x' and 'corgea yarn --cwd dir add
  x' installed unchecked). Unit + e2e regression tests with valued flags.
- classify_uv_command skips flags between 'pip' and its verb, so
  'uv pip --quiet install x' gates instead of passing through.
- uv add's --optional/--bounds/--script values no longer parse as specs.
- 'uv run' / 'uv tool install|run|upgrade' print an ungated-install note
  (and SKILL.md lists them as limitations) instead of passing silently;
  same for 'yarn global add'.
- Workspace-member walk now checks dir membership against the declared
  globs (package.json workspaces / pnpm-workspace.yaml packages), so a
  standalone project nested under an unrelated monorepo keeps its leaf
  boundary instead of being wrong-manager-refused.
- uv.lock parsing discloses skipped non-registry pin counts and warns on
  non-default registry sources; run_uv_sync echoes the command correctly
  behind global flags.
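The argv classification that the PR description (uv gate) and the commit above (flag-skip fix) both describe, as an added example rather than corgea's classify_uv_command. The point it makes is the SECURITY bullet: a global flag that takes a value but is missing from the valued-flag list lets its value be read as the subcommand, and the gate then passes the real install through unchecked. The classifier takes its valued-flag list as a parameter so the same input can be run against a complete list and an incomplete one. The list in the constant is an assumption built from the flags the commit names; uv's real option set is larger, and `--flag=value` is treated as carrying its value inline.

```rust
// Added example (not the corgea project's code): uv subcommand classification
// after skipping leading global flags.
#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum UvAction {
    Gated(&'static str),       // resolved set is verdicted before exec
    Passthrough,               // run unchanged (lock, venv, pip compile, ...)
    DidYouMean,                // top-level `uv install` is not a uv command
    UngatedNote(&'static str), // exec with an honest stderr note (run, tool ...)
}

/// Global flags that consume the following argv element. Assumed list taken
/// from the commit message; uv's real option set is larger.
pub const UV_VALUED_GLOBAL_FLAGS: &[&str] = &[
    "--project",
    "--directory",
    "--color",
    "--config-file",
    "--cache-dir",
    "--allow-insecure-host",
];

/// Skip leading flags. A bare valued flag also swallows the element after it;
/// `--flag=value` carries its value inline and takes nothing more.
fn skip_flags<'a>(args: &'a [String], valued: &[&str]) -> &'a [String] {
    let mut i = 0;
    while i < args.len() && args[i].starts_with('-') {
        let flag = args[i].as_str();
        if !flag.contains('=') && valued.contains(&flag) {
            i += 1;
        }
        i += 1;
    }
    &args[i.min(args.len())..]
}

fn verb(s: &[String]) -> Option<&str> {
    s.first().map(String::as_str)
}

pub fn classify_uv_with(valued: &[&str], args: &[String]) -> UvAction {
    let rest = skip_flags(args, valued);
    match verb(rest) {
        // flags may also sit between `pip` and its verb: `uv pip --quiet install x`
        Some("pip") => match verb(skip_flags(&rest[1..], valued)) {
            Some("install") => UvAction::Gated("pip install"),
            Some("sync") => UvAction::Gated("pip sync"),
            _ => UvAction::Passthrough,
        },
        Some("add") => UvAction::Gated("add"),
        Some("sync") => UvAction::Gated("sync"),
        Some("install") => UvAction::DidYouMean,
        Some("run") => UvAction::UngatedNote("run"),
        Some("tool") => match verb(&rest[1..]) {
            Some("install") | Some("run") | Some("upgrade") => UvAction::UngatedNote("tool"),
            _ => UvAction::Passthrough,
        },
        _ => UvAction::Passthrough,
    }
}

pub fn classify_uv(args: &[String]) -> UvAction {
    classify_uv_with(UV_VALUED_GLOBAL_FLAGS, args)
}

/// Whitespace split is enough for the constructed command lines used here.
pub fn argv(s: &str) -> Vec<String> {
    s.split_whitespace().map(String::from).collect()
}

fn main() {
    // Constructed input. The second call reproduces the pre-fix bug: with
    // `--color` absent from the valued list, "always" is read as the subcommand
    // and the `add` behind it is passed through ungated.
    let args = argv("--color always add left-pad");
    println!("complete list:   {:?}", classify_uv(&args));
    println!("incomplete list: {:?}", classify_uv_with(&["--project"], &args));
}
```

The regression check worth keeping is the second call: any time the list of valued flags is edited, a command whose value is placed right before the verb must still classify as gated.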
@juangaitanv juangaitanv force-pushed the install-gate-phase-2 branch from c86aa2d to 33da96b, June 12, 2026 18:28
@juangaitanv juangaitanv force-pushed the install-gate-phase-3-uv branch from 36350f3 to f8426b6, June 12, 2026 18:28