.claude/guard-branch.sh

#!/usr/bin/env bash
set -euo pipefail

# PreToolUse hook for Bash tool: blocks git commit/push on protected branches.
# TOOL_INPUT is JSON with a "command" field containing the bash command.

PROTECTED_BRANCHES=("develop" "main" "master")

COMMAND="${TOOL_INPUT:-}"

# Only check commands that look like git commit or git push
if ! echo "$COMMAND" | grep -qE '\bgit\b.*(commit|push)'; then
  exit 0
fi

BRANCH="$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "")"

for protected in "${PROTECTED_BRANCHES[@]}"; do
  if [[ "$BRANCH" == "$protected" ]]; then
    echo "BLOCKED: Cannot commit or push on protected branch '$BRANCH'."
    echo "Create a feature branch first: git checkout -b feature/<name>"
    exit 2
  fi
done

exit 0
feat: enforce feature branch workflow with PreToolUse hook Add a guard script that blocks git commit/push on protected branches (develop, main, master) via a PreToolUse hook. Update CLAUDE.md with stricter branching rules: one commit per task, immediate commits on feature branches, no direct commits to protected branches. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-21 10:45:58 +01:00			`#!/usr/bin/env bash`
			`set -euo pipefail`

			`# PreToolUse hook for Bash tool: blocks git commit/push on protected branches.`
			`# TOOL_INPUT is JSON with a "command" field containing the bash command.`

			`PROTECTED_BRANCHES=("develop" "main" "master")`

			`COMMAND="${TOOL_INPUT:-}"`

			`# Only check commands that look like git commit or git push`
			`if ! echo "$COMMAND" \| grep -qE '\bgit\b.*(commit\|push)'; then`
			`exit 0`
			`fi`

			`BRANCH="$(git rev-parse --abbrev-ref HEAD 2>/dev/null \|\| echo "")"`

			`for protected in "${PROTECTED_BRANCHES[@]}"; do`
			`if [[ "$BRANCH" == "$protected" ]]; then`
			`echo "BLOCKED: Cannot commit or push on protected branch '$BRANCH'."`
			`echo "Create a feature branch first: git checkout -b feature/<name>"`
			`exit 2`
			`fi`
			`done`

			`exit 0`