tking/gsh
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
16 commits 1 branch 0 tags 361 KiB
Commit graph

6 commits

Author SHA256 Message Date
Tyler J King
02bcd58c99 feat: display DEFCON posture in banner + prompt 
Reads BASCULE_DEFCON_LEVEL from env. At DEFCON <5:
  Banner: DEFCON level + label (RESTRICTED/CRITICAL/LOCKDOWN) + reason
  Prompt: [restricted] at DEFCON 3, [DEFCON] at ≤2

DEFCON 5 (peacetime): no DEFCON line in banner, normal prompt.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-04 13:10:17 -04:00
Tyler J King
231bed5f92 feat: display name in banner + prompt 
Banner shows human-readable principal and DID on separate lines:
  Principal: tking@guildhouse.dev
  DID:       did:web:guildhouse.dev/user/tking

Prompt uses short name: [governed] tking@gsh

Reads BASCULE_DISPLAY_NAME env. Fallback: parse DID to name@domain.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-03 10:18:13 -04:00
Tyler J King
e7bc2ee2b4 fix: align CR format with broker CompleteRequest schema 
- Add session_id field to CrEvidence (broker expects it)
- Change merkle_root to Option<String> (null vs empty string)
- Change events to Vec<serde_json::Value> (broker expects list[dict])
- Fixes 422 Unprocessable Entity on CR posting

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-02 23:11:22 -04:00
Tyler J King
5f7f9c0ff7 feat: configurable corpus base dir + Bascule dev config 
- corpus_check_with_base(): accepts explicit base directory
- corpus_check(): still defaults to /opt/substrate/corpus
- Improved corpus test with actual Allowed/Denied assertions
- Updated bascule-dev.toml with [gsap] section and shell_command

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-02 18:46:27 -04:00
Tyler J King
63a6c0c520 feat: gsh human mode — interactive governed shell with reedline 
Phase 3 / Sprint 2 finish line.

Human mode: reedline REPL with governed prompt.
  [governed] tyler@gsh:~$

Mode detection:
  --exec "cmd"              → machine mode (unchanged)
  --ungoverned --exec "cmd" → ungoverned machine (unchanged)
  (no --exec, TTY attached) → human mode (NEW)
  (no --exec, no TTY)       → error

Command classification per-keystroke (libgsh/classifier.rs):
  Free:       ls, cat, grep, echo, cd, git, ssh, curl — zero overhead
  Governed:   binaries in corpus dir — via org-ops wrapper, CR posted
  Ungoverned: not in corpus but on PATH — warn + execute
  Denied:     corpus manifest but removed — killswitch active

Session lifecycle:
  Start:  validate AC, post SESSION_STARTED CR, print banner
  Active: classify each command, governed ops post lightweight CRs
  End:    print summary (governed/free/denied/ungoverned), post SESSION_ENDED CR

Banner: principal, corpus, session ID, expiry, risk level
Prompt coloring from risk level:
  Baseline/Standard: green [governed]
  Elevated:          yellow [elevated]
  High/Critical:     red [HIGH]

New modules:
  libgsh/classifier.rs — command classification against corpus (4 tests)
  libgsh/session.rs    — session state tracking
  gsh/human.rs         — reedline REPL, prompt, banner, summary

Machine mode: zero changes (regression tested).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-02 15:44:34 -04:00
Tyler J King
919d8accde refactor: extract libgsh from monolith 
Phase 2 of the WSL2 jumphost build.

Workspace: gsh/ (binary) + libgsh/ (library).

libgsh modules:
  ac.rs       — AC validation (R-22 single-use, R-23 corpus match, expiry)
  cr.rs       — CR construction + broker posting + inline AC request
  corpus.rs   — Corpus directory gate (killswitch)
  config.rs   — GshConfig from environment
  registry.rs — Filesystem-based consumed AC registry

gsh/src/main.rs: CLI only (~170 lines).
  Clap args, mode detection, calls libgsh, formats output.

11 unit tests in libgsh:
  ac: valid AC, expired, corpus mismatch, replay, missing context_id
  cr: broker URL formatting
  corpus: ungoverned skip, missing dir, command name extraction
  registry: consume and check
  config: default corpus_cid

Zero behavior change. Same JSON output, same exit codes,
same flags, same env vars, same broker interaction.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-02 09:31:50 -04:00