Skip to content

feat: git-style scope auto-detection with .dotf/ walk-up#15

Merged
chrisfentiman merged 9 commits into
mainfrom
feat/scope-auto-detect
Mar 14, 2026
Merged

feat: git-style scope auto-detection with .dotf/ walk-up#15
chrisfentiman merged 9 commits into
mainfrom
feat/scope-auto-detect

Conversation

@chrisfentiman
Copy link
Copy Markdown
Owner

@chrisfentiman chrisfentiman commented Mar 14, 2026

Summary

  • Scope auto-detection: dotf now walks up from cwd looking for .dotf/ directories (like git finds .git/), with CVE-2022-24765-style ownership check via getuid()
  • ~/dotfiles~/.dotf: global data directory renamed for consistency with local .dotf/ convention
  • --dir--global/-G: replaced explicit directory flag with escape hatch to force global mode; dotf init [path] replaces dotf --dir <path> init
  • Mode headers: status, sync, and diff now print which scope was resolved (to stderr, keeping stdout pipeable)
  • Security: -- separator added before user-controlled values in all secret backend CLI calls (pass, op, bw) to prevent flag injection
  • Shared boundary check: extracted validate_link_boundary() onto DotfContext, used by both config and render_and_symlink_all
  • Init guards: warns on nested .dotf/ creation, shows migration hint when ~/dotfiles exists

Test plan

  • 162 tests pass (145 unit + 17 integration)
  • Clippy clean, cargo fmt clean
  • 8 fuzz targets clean (~14.6M total runs)
  • 276 mutants tested (160 caught, 66 missed in cosmetic/CLI paths, 51 unviable)
  • Manual: dotf init creates ~/.dotf/, dotf init . creates local .dotf/
  • Manual: dotf -G status forces global from inside a local project
  • Manual: walk-up finds .dotf/ from nested subdirectory

🤖 Generated with Claude Code

Chris Fentiman and others added 9 commits March 13, 2026 21:06
@claude
feat: git-style scope auto-detection with .dotf/ walk-up
4fe5c08 
Replace ~/dotfiles with ~/.dotf as the global data directory. Add
find_dotf_root() that walks up from cwd looking for .dotf/ directories,
with CVE-2022-24765-style ownership check via libc::getuid(). Add
resolve_context() for automatic Global vs Local mode detection.

Extract validate_link_boundary() and print_mode_header() onto DotfContext
for reuse across commands. Add local_from_path() constructor for init.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: replace --dir flag with --global/-G and positional init path
4fbdbfe 
Remove --dir <PATH> in favor of automatic scope detection. Add --global/-G
as a top-level escape hatch to force global mode from any directory.
Split Command enum with #[command(flatten)] so Init and Completions are
handled before scope resolution. Extract unwrap_or_exit helper.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: add mode headers and adopt shared boundary check in commands
5873073 
Add print_mode_header() to status, sync, and diff so users see which
scope was resolved. Use validate_link_boundary() in config command
instead of inline check. Update test helpers for ~/dotfiles → ~/.dotf.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
fix: add -- separator to prevent flag injection in secret backends
8b44918 
Insert -- before user-controlled URI/item arguments in pass, op, and bw
CLI invocations to prevent crafted values like --help from being
interpreted as flags.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: nested .dotf guard, migration hint, and local init tests
1e3d7a4 
Warn when creating a .dotf/ inside a directory that already has a parent
.dotf/. Show migration hint when ~/dotfiles exists but ~/.dotf doesn't.
Add tests for local init: directory creation, .gitignore idempotency,
preserving existing content, edge cases.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
test: update integration tests and fuzz targets for .dotf rename
947d83e 
Update TestEnv to use ~/.dotf instead of ~/dotfiles. Add fuzz targets
for find_dotf_root and validation helpers.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
docs: update all references from ~/dotfiles and --dir to ~/.dotf
9962540 
Update README, SECURITY.md, and docs site to reflect the new ~/.dotf
directory, --global/-G flag, and dotf init [path] syntax.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
ci: add fuzz_find_dotf_root and fuzz_validation to CI matrix
fadc43d 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
ci: prevent mutation testing from showing as failed in PR checks
2585b85 
Replace continue-on-error with || true on cargo mutants so the job
reports green in the GitHub UI. Missed mutants are still surfaced in
the step summary — they just don't break the pipeline.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@chrisfentiman chrisfentiman merged commit 13e3ccc into main Mar 14, 2026
15 checks passed
@chrisfentiman chrisfentiman deleted the feat/scope-auto-detect branch March 14, 2026 04:22
@chrisfentiman chrisfentiman mentioned this pull request Mar 14, 2026
Merged
chrisfentiman added a commit that referenced this pull request Mar 14, 2026
@chrisfentiman
chore(main): release 0.9.0 (#16)
9cf3a7e 
🤖 I have created a release *beep* *boop*
---


## [0.9.0](v0.8.1...v0.9.0)
(2026-03-14)


### Features

* git-style scope auto-detection with .dotf/ walk-up
([#15](#15))
([13e3ccc](13e3ccc))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chrisfentiman