feat: runtime kill-switch via marker file or env var (v3.3.0)#21
Open
royosherove wants to merge 1 commit into
Open
feat: runtime kill-switch via marker file or env var (v3.3.0)#21royosherove wants to merge 1 commit into
royosherove wants to merge 1 commit into
Conversation
- Check ~/.pi-branch-enforcer/disabled or PI_BRANCH_ENFORCER_DISABLED=1 on every bash tool_call; if set, return immediately (fail-open) - Lets external tooling (e.g. roundhouse /toggle-enforce-branches) disable enforcement immediately without restarting the agent - File-based switch persists across agent restarts - Add .gitignore (node_modules, package-lock, dist) - README documents both file and env-var paths Bump 3.2.2 -> 3.3.0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds an immediate runtime kill-switch so external tooling (e.g. roundhouse
/toggle-enforce-branches) can disable enforcement without restarting the agent.Mechanism
Checked on every
bashtool_call, before any tier runs:~/.pi-branch-enforcer/disabledexists → fail-openPI_BRANCH_ENFORCER_DISABLED=1→ fail-openEffect is immediate — next bash command sees the new state. No agent restart needed.
Why a marker file (not just env var)
Changes
index.ts:isDisabled()check at top of tool_call handlerREADME.md: 'Disabling at runtime' sectionCHANGELOG.md: 3.3.0 entry.gitignore: added (was missing — node_modules was untracked clutter)Out of scope
The Telegram
/toggle-enforce-branchescommand lives in roundhouse (PR coming separately). This repo just exposes the marker file as a stable contract.