Skip to content

Commit 4b47640

Browse files
turegjorupclaude
turegjorup
and
claude
committed
6869: Improve Claude Code hooks and permissions
- Add PHPStan, twig-cs-fixer, and composer normalize PostToolUse hooks - Add SessionStart hook to ensure Docker services are running - Add Stop hook for Symfony DI container validation - Scope docker compose permissions (destructive commands require confirmation) - Restore php-lsp plugin - Set COMPOSE_USER env var Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 8c33faf commit 4b47640

1 file changed

Lines changed: 48 additions & 11 deletions

File tree

.claude/settings.json

Lines changed: 48 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"$schema": "https://json.schemastore.org/claude-code-settings.json",
33
"env": {
4-
"CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS": "1"
4+
"COMPOSE_USER": "deploy"
55
},
66
"permissions": {
77
"allow": [
@@ -20,19 +20,34 @@
2020
"Bash(tree:*)",
2121
"Bash(wc:*)",
2222
"Bash(which:*)",
23-
"Bash(docker compose:*)",
23+
"Bash(docker compose exec:*)",
24+
"Bash(docker compose run:*)",
25+
"Bash(docker compose up:*)",
26+
"Bash(docker compose ps:*)",
27+
"Bash(docker compose logs:*)",
28+
"Bash(docker compose top:*)",
29+
"Bash(docker compose config:*)",
30+
"Bash(docker compose pull:*)",
31+
"Bash(docker compose images:*)",
2432
"Bash(docker network:*)"
2533
],
2634
"deny": [
2735
"Bash(rm -rf:*)",
36+
"Bash(gh issue delete:*)",
37+
"Bash(gh release delete:*)",
38+
"Bash(gh repo delete:*)",
39+
"Bash(gh label delete:*)",
2840
"Read(./.env.local)",
2941
"Read(./.env.local.*)",
3042
"Read(./config/secrets/*)"
3143
],
3244
"ask": [
45+
"Bash(docker compose down:*)",
46+
"Bash(docker compose stop:*)",
47+
"Bash(docker compose rm:*)",
48+
"Bash(docker compose restart:*)",
3349
"Bash(gh issue create:*)",
3450
"Bash(gh issue close:*)",
35-
"Bash(gh issue delete:*)",
3651
"Bash(gh issue edit:*)",
3752
"Bash(gh issue comment:*)",
3853
"Bash(gh pr create:*)",
@@ -42,12 +57,9 @@
4257
"Bash(gh pr comment:*)",
4358
"Bash(gh pr review:*)",
4459
"Bash(gh release create:*)",
45-
"Bash(gh release delete:*)",
4660
"Bash(gh release edit:*)",
4761
"Bash(gh repo create:*)",
48-
"Bash(gh repo delete:*)",
4962
"Bash(gh label create:*)",
50-
"Bash(gh label delete:*)",
5163
"Bash(gh label edit:*)",
5264
"Bash(git push:*)",
5365
"Bash(git branch -d:*)",
@@ -66,6 +78,19 @@
6678
]
6779
},
6880
"hooks": {
81+
"SessionStart": [
82+
{
83+
"matcher": "startup",
84+
"hooks": [
85+
{
86+
"type": "command",
87+
"command": "docker compose up --detach --quiet-pull 2>/dev/null || true",
88+
"timeout": 60,
89+
"statusMessage": "Starting Docker services..."
90+
}
91+
]
92+
}
93+
],
6994
"PostToolUse": [
7095
{
7196
"matcher": "Write|Edit",
@@ -77,18 +102,30 @@
77102
},
78103
{
79104
"type": "command",
80-
"command": "case \"$CLAUDE_FILE_PATH\" in *.yaml|*.yml) docker compose exec -T phpfpm bin/console lint:yaml \"$CLAUDE_FILE_PATH\" 2>/dev/null || true ;; esac",
81-
"timeout": 15
105+
"command": "case \"$CLAUDE_FILE_PATH\" in *.php) docker compose exec -T phpfpm vendor/bin/phpstan analyse --no-progress --error-format=raw \"$CLAUDE_FILE_PATH\" 2>/dev/null || true ;; esac",
106+
"timeout": 30
82107
},
83108
{
84109
"type": "command",
85-
"command": "case \"$CLAUDE_FILE_PATH\" in *.twig) docker compose exec -T phpfpm bin/console lint:twig \"$CLAUDE_FILE_PATH\" 2>/dev/null || true ;; esac",
110+
"command": "case \"$CLAUDE_FILE_PATH\" in *.twig) docker compose exec -T phpfpm vendor/bin/twig-cs-fixer lint --fix \"$CLAUDE_FILE_PATH\" 2>/dev/null || true ;; esac",
86111
"timeout": 15
87112
},
88113
{
89114
"type": "command",
90-
"command": "case \"$CLAUDE_FILE_PATH\" in *.json) python3 -m json.tool \"$CLAUDE_FILE_PATH\" > /dev/null 2>&1 || true ;; esac",
91-
"timeout": 10
115+
"command": "case \"$CLAUDE_FILE_PATH\" in */composer.json) docker compose exec -T phpfpm composer normalize --quiet 2>/dev/null || true ;; esac",
116+
"timeout": 30
117+
}
118+
]
119+
}
120+
],
121+
"Stop": [
122+
{
123+
"hooks": [
124+
{
125+
"type": "command",
126+
"command": "docker compose exec -T phpfpm bin/console lint:container 2>/dev/null || true",
127+
"timeout": 30,
128+
"statusMessage": "Validating Symfony DI container..."
92129
}
93130
]
94131
}

0 commit comments

Comments
 (0)