Release shield-v0.7.0 · AperionAI/shield · GitHub
github-actions released this · 20 May 20:36 · tag shield-v0.7.0 · commit 16125e7
aperion-shield v0.7.0 — git hooks close the MCP-bypass gap
The release that closes the most-cited objection to MCP-only enforcement: "the agent just opens a shell and reaches around your guardrail." v0.7 runs the same engine on the way to git, regardless of how the destructive change got there.
Headline features
1. aperion-shield --install-hooks (git pre-commit + pre-push)
Writes a managed pre-commit and pre-push hook into .git/hooks/. Same engine, same shieldset.yaml, same severity tiers — now enforced on every git commit and git push. Idempotent (re-runnable). Coexists with husky / pre-commit / lefthook via --chain-existing. Honours git --no-verify and SHIELD_HOOKS_DISABLE=1 for the rare legitimate bypass.
    $ aperion-shield --install-hooks
    [aperion-shield] writing pre-commit -> .git/hooks/pre-commit
    [aperion-shield] writing pre-push -> .git/hooks/pre-push
    [aperion-shield] both hooks installed (managed by APERION-SHIELD-HOOK v1)
2. aperion-shield --suggest-rules (audit-log → rule tuning)
Reads your local shield_eval JSON-Lines audit log and emits text / markdown / yaml-patch suggestions across three classes — rules that never fire, rules that get consistently demoted by decision memory, and noisy Warn rules that should probably be Info. --suggest-format yaml-patch produces splice-ready snippets for shieldset.yaml with # rationale: comments. Stays local — never reads from a network source, never writes anywhere except the file you ask it to.
    $ aperion-shield --suggest-rules \
        --audit-log ~/.aperion-shield/audit.jsonl \
        --suggest-window-days 14 \
        --suggest-format yaml-patch
3. Four new IDE quickstarts: Cline, Continue, Windsurf, Zed
Joining Cursor + Claude Code. Per-IDE schema notes in the README (notably Zed uses context_servers, not mcpServers).
What's under the hood
New CLI surface: --install-hooks, --uninstall-hooks, --repo , --chain-existing, --check-staged, --check-pushed-refs, --suggest-rules, --audit-log , --suggest-window-days , --suggest-min-occurrences , --suggest-format .
--check-staged parses git diff --cached --unified=0, classifies files by kind (.sql / shell / Dockerfile / Makefile / source-code), evaluates each line through the engine, and exits 0 clean / 1 block / 2 approval-required / 3 operational-error.
--check-pushed-refs reads git's pre-push stdin protocol ( per line), recognises protected-branch deletions (remote-sha is zero) and force-pushes (via git merge-base --is-ancestor). Override protected branches with SHIELD_PROTECTED_BRANCHES=trunk,deploy/*.
Hooks are written with an APERION-SHIELD-HOOK v1 banner so --install-hooks is idempotent and never clobbers a foreign hook silently. --chain-existing renames the foreign hook to .aperion-backup and chains Shield in front of it.
--suggest-rules aggregates per-rule statistics across the analysis window, then evaluates three emit conditions: RULE_NEVER_FIRES (zero matches with rule present in shieldset), CONSISTENTLY_DEMOTED (≥ N matches with > 70% Allow/AllowWithWarn after the adaptive layer demoted), NOISY_WARN (high-frequency Warn with no human intervention recorded).
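To make the three emit conditions concrete, here is an added Python sketch of the aggregation step; it is not Shield's own code. The audit lines are constructed, and the field names (`rule`, `severity`, `final`, `demoted`, `human`), the rule ids and the thresholds are assumptions, not Shield's real schema.

```python
import json
from collections import defaultdict

# Constructed shield_eval audit lines (not real Shield output); the field names are assumptions.
AUDIT_JSONL = """\
{"rule": "sql.drop_table", "severity": "Block", "final": "Block", "demoted": false, "human": true}
{"rule": "shell.rm_rf", "severity": "Block", "final": "Allow", "demoted": true, "human": false}
{"rule": "shell.rm_rf", "severity": "Block", "final": "AllowWithWarn", "demoted": true, "human": false}
{"rule": "shell.rm_rf", "severity": "Block", "final": "Allow", "demoted": true, "human": false}
{"rule": "shell.rm_rf", "severity": "Block", "final": "Block", "demoted": false, "human": true}
{"rule": "docker.latest_tag", "severity": "Warn", "final": "Warn", "demoted": false, "human": false}
{"rule": "docker.latest_tag", "severity": "Warn", "final": "Warn", "demoted": false, "human": false}
{"rule": "docker.latest_tag", "severity": "Warn", "final": "Warn", "demoted": false, "human": false}
{"rule": "docker.latest_tag", "severity": "Warn", "final": "Warn", "demoted": false, "human": false}
"""
# Rules present in a hypothetical shieldset.yaml; make.clean_all never appears in the log.
SHIELDSET_RULES = ["sql.drop_table", "shell.rm_rf", "docker.latest_tag", "make.clean_all"]
def aggregate(jsonl):
    # Per-rule counters in the spirit of the RuleStats aggregator.
    stats = defaultdict(lambda: {"matches": 0, "demoted_allow": 0, "warn": 0, "human": 0})
    for line in jsonl.strip().splitlines():
        ev = json.loads(line)
        s = stats[ev["rule"]]
        s["matches"] += 1
        # the adaptive layer demoted the verdict to Allow / AllowWithWarn
        if ev["demoted"] and ev["final"] in ("Allow", "AllowWithWarn"):
            s["demoted_allow"] += 1
        if ev["severity"] == "Warn":
            s["warn"] += 1
        if ev["human"]:  # a human approval or override was recorded
            s["human"] += 1
    return stats

def suggest_rules(jsonl, rules, min_occurrences=3, noisy_warn_min=4):
    # Returns (rule, condition) pairs for the three emit conditions.
    stats = aggregate(jsonl)
    out = []
    for rule in rules:
        s = stats.get(rule)
        if s is None:                       # in shieldset, zero matches in the window
            out.append((rule, "RULE_NEVER_FIRES"))
            continue
        if s["matches"] >= min_occurrences and s["demoted_allow"] / s["matches"] > 0.70:
            out.append((rule, "CONSISTENTLY_DEMOTED"))
        if s["warn"] >= noisy_warn_min and s["human"] == 0:
            out.append((rule, "NOISY_WARN"))
    return out
def to_yaml_patch(suggestions):
    # Splice-ready snippet with '# rationale:' comments, like --suggest-format yaml-patch.
    return "\n".join(f"- id: {r}\n  # rationale: {c}" for r, c in suggestions)
```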
Tests
192 total tests, all green (was 148 in v0.6.0):
26 new unit tests covering hooks install round-trips, diff parser fixtures, protected-branch glob matching, env-var override, audit JSONL parsing, RuleStats aggregator, and YAML-patch shape.
18 new end-to-end integration tests against real tempdir git repos: install/uninstall idempotency, DROP...