j0(dZddlmZddlZddlmcmZddl Z ddl Z ddl Z ddl m Z ddlZdZdddZej"dZej&j)dgd d Zd Zd Zd ZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#y)u1task-2579 v3.1 audit-trail Bash capture follow-up hardening tests. 회장 결정 2026-05-14 — task-2579 anu-direct implementation: - LOKI-REC-1: Python destructive ops capture (os.remove/unlink/rmdir/shutil.rmtree/open-write/write_text) - LOKI-REC-4: JWT / Authorization Token (non-Bearer) redaction - audit_log_dir_overridden 가시성 필드 (false attribution guard 확장) - captured_by = post-tool-use.sh.v3.1 (forward marker) - jq-fallback 필드 통일 (MAAT-REC-4) 본 test는 production hook을 stdin feed로 호출 + AUDIT_TRAIL_LOG_DIR override. ) annotationsN)Pathz(/home/jay/.claude/hooks/post-tool-use.shchd||d|id}itjdt|i}tjdt gt j|dd|d}|j}d }||k(} | stjd | fd ||fd tjvstj|rtj|nd tj|tj|d z} tjd|j dzd| iz} t#tj$| dx}x} }|dz } | j'sgS| j)j+D cgc](} | j-st j.| *c} Scc} w)NBashcommand) tool_namecwd session_id tool_inputAUDIT_TRAIL_LOG_DIRbashT )inputcapture_outputtextenvtimeoutr==)z2%(py2)s {%(py2)s = %(py0)s.returncode } == %(py5)sresult)py0py2py5z hook failed: z >assert %(py7)spy7zaudit-trail.jsonl)osenvironstr subprocessrun HOOK_PATHjsondumps returncode @pytest_ar_call_reprcompare @py_builtinslocals_should_repr_global_name _saferepr_format_assertmsgstderrAssertionError_format_explanationexists read_text splitlinesstriploads)rlog_dirr r payloadrr @py_assert1 @py_assert4 @py_assert3 @py_format6 @py_format8log_filelines F/home/jay/workspace/tests/regression/test_audit_trail_followup_2579.py _run_hookr=s?  '* G >RZZ =.G =C ^^ jj!   F   BB  !BBB BBBBBB6BBB6BBB BBBBBB]6==/#BBBBBBBB,,H ??  )1););)=)H)H)J [djjlDJJt  [[ [s ?F/F/c |dz S)Nlogs)tmp_paths r< tmp_audit_dirrB1s f zcommand, expected_pattern))-python3 -c "import os; os.remove('/tmp/abc')"python-destructive)z,python -c "import os; os.unlink('/tmp/xyz')"rE)z-python3 -c "import os; os.rmdir('/tmp/dir1')"rE)z6python3 -c "import shutil; shutil.rmtree('/tmp/dir2')"rE)z>python3 -c "from pathlib import Path; Path('/tmp/p').unlink()"rE)/python3 -c "open('/tmp/f.txt', 'w').write('x')"python-open-write)z1python3 -c "open('/tmp/f.bin', 'wb').write(b'x')"rG)zIpython3 -c "from pathlib import Path; Path('/tmp/p').write_text('hello')"zpython-write-textct||}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd|iz}ttj|dx}x}}|d } | d } d } | | k(}|sltjd|fd | | ftj| tj| d z} dd| iz}ttj|dx} x}} | d} d} | | u}|stjd|fd| | ftj| tj| d z} tjd|dzd| iz}ttj|dx} x}} | d}||v} | stjd| fd||fdt j vstj |rtj|ndtj|dz}tjd|d| dddzd|iz}ttj|dx} }y) Nrz0%(py3)s {%(py3)s = %(py0)s(%(py1)s) } == %(py6)slenentriesrpy1py3py6assert %(py8)spy8rschema_versionz%(py1)s == %(py4)srNpy4assert %(py6)srPis_destructiveTisz%(py1)s is %(py4)sz"is_destructive expected True for:  >assert %(py6)sdestructive_pattern_matchedin)z%(py0)s in %(py3)sexpected_patternrrOz pattern 'z ' not in '' >assert %(py5)sr r=rKr$r%r&r'r(r)r,r-r*)rBrrarL @py_assert2 @py_assert5r6 @py_format7 @py_format9entry @py_assert0r7 @py_format5r5 @py_format4r8s r<(test_python_destructive_pattern_capturedrn;s/G w<1<1 <133ww<1 AJE ! "'a' "a '''' "a''' "'''a''''''' ! "ZdZ "d *ZZZ "dZZZ "ZZZdZZZ.PQXPY,ZZZZZZZZ$%BC C C C   D $%Z6S0T/UUVWrCc@td|}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d d }d }||u}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}y )z7python read-only ops should NOT be flagged destructive.z1python3 -c "import os; print(os.listdir('/tmp'))"rIrrJrKrLrMrQrRNrrYFrZr\rVrXrP r=rKr$r%r&r'r(r)r,r- rBrLrfrgr6rhrirkr7rls r<'test_python_non_destructive_not_flaggedrrSsM}]G w<1<1 <133ww<1 1:& '050 '5 0000 '5000 '00050000000rCc@td|}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d d }d }||u}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}y )z0python open with 'r' mode should NOT be flagged.z+python3 -c "open('/tmp/f.txt', 'r').read()"rIrrJrKrLrMrQrRNrrYFrZr\rVrXrPrprqs r<!test_python_open_read_not_flaggedrtZsGWG w<1<1 <133ww<1 1:& '050 '5 0000 '5000 '00050000000rCcd}d|d}t||}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|d z}d d |iz}ttj|d x}x}}|d } | d} d} | | u}|sltjd|fd| | ftj| tj| dz} dd| iz}ttj|d x} x}} d} | d} | | v}|stjd|fd| | ftj| tj| dz} tjd| ddzd| iz}ttj|d x} x}} y )z4JWT format eyJ...header.payload.signature redaction.zdeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4ifQ.abcdefghijklmnopzcurl -H "X-Auth: z" https://api.example.comrIrrJrKrLrMrQrRNrredaction_appliedTrZr\rVrXrPzrr_z%(py1)s in %(py4)szjwt placeholder missing: r]re) rB jwt_tokencmdrLrfrgr6rhrirjrkr7rls r<test_jwt_redactionrzfsyvI i[(A BC]+G w<1<1 <133ww<1 AJE $ %-- % ---- %--- %---------- _uY/_ / /___ /___ ___/___3LUS\M]L^1________rCc~d}t||}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d }|d } d } | | u}|sltjd|fd| | ftj| tj| dz} dd| iz}ttj|d x} x}} d} |d} | | v}|stjd|fd| | ftj| tj| dz} tjd|ddzd| iz}ttj|d x} x}} y )zJAuthorization header with non-Bearer scheme (e.g. Token, Basic) redaction.zUcurl -H "Authorization: Token abc123def456ghi789jkl012mno345" https://api.example.comrIrrJrKrLrMrQrRNrrvTrZr\rVrXrPrr_rwz!authz_token placeholder missing: r]re rBryrLrfrgr6rhrirjrkr7rls r<'test_authorization_non_bearer_redactionr~qsk aC]+G w<1<1 <133ww<1 AJE $ %-- % ---- %--- %---------- #ouY'7o #'7 7ooo #'7ooo #ooo'7ooo;\]bcl]m\n9oooooooorCcd}t||}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d }|d } d } | | u}|sltjd|fd| | ftj| tj| dz} dd| iz}ttj|d x} x}} g} d}|d}||v}|} |s d} |d}| |v}|} | stjd|fd||ftj|tj|dz}dd |iz}| j||s_tjdfd ftj| tj|dz}dd|iz}| j|tj| diz}dd|iz}ttj|d x} x} x}x}x}x} x}}y ) u<Bearer 토큰은 기존 token redaction 유지 (regression).zPcurl -H "Authorization: Bearer abc123def456ghi789jkl012" https://api.example.comrIrrJrKrLrMrQrRNrrvTrZr\rVrXrPzrr|r_)z%(py3)s in %(py6)s)rOrPz%(py8)s)z%(py11)s in %(py14)s)py11py14z%(py16)spy16zassert %(py19)spy19) r=rKr$r%r&r'r(r)r,r-append_format_boolop)rBryrLrfrgr6rhrirjrkr7rlr5 @py_assert10 @py_assert13 @py_assert12 @py_format15 @py_format17 @py_format18 @py_format20s r<#test_bearer_still_redacted_as_tokenr{s \C]+G w<1<1 <133ww<1 AJE $ %-- % ---- %--- %----------e e% "2e "2 2e8PeTYZcTde8PTd8deee "2eee eee"2eeeeeee8PTdeee8PeeeTdeeeeeeeeeeeeeerCctd|}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d }d }||v}|stjd |fd||ftj|dt j vstj |rtj|nddz} dd| iz} ttj| d x}}|d }d} || u}|sltjd|fd|| ftj|tj| dz} dd| iz}ttj|d x}x}} |d}t|}||k(}|stjd|fd||ftj|dt j vstj trtjtnddt j vstj |rtj|ndtj|dz}dd |iz}ttj|d x}x}}y )u?AUDIT_TRAIL_LOG_DIR override 시 audit_log_dir_overridden=true.zecho override-testrIrrJrKrLrMrQrRNraudit_log_dir_overriddenr_z%(py1)s in %(py3)srjrNrOassert %(py5)srTrZr\rVrXrP audit_log_dir)z0%(py1)s == %(py6)s {%(py6)s = %(py3)s(%(py4)s) }rrB)rNrOrWrP) r=rKr$r%r&r'r(r)r,r-r) rBrLrfrgr6rhrirjrkrmr8r7rls r<6test_audit_log_dir_overridden_field_true_when_test_envrs,mtsbotr filetoolmemberts_kstrsessiontask_idr command_hashr claimed_actorrYrSrvaffected_path_candidatesrowner_attribution_statusactor_verification_evidencer^zmissing v3.1 fields: z >assert not %(py0)srmissingNrSrTrrUrVrXrPrr) r=keysr$r*r&r'r(r)r,r-r%) rBrLrj v3_1_requiredrr5 @py_format2rkr7rfrlrhs r<(test_schema_v3_1_required_fields_presentrs%/?G AJEM0ejjl*G;9;99/y9999999w999w999999 ! "'a' "a '''' "a''' "'''a'''''''  :#:: #: :::: #:::: :::#::::::::rCcFd}t||}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d }|d } d } | | u}|sltjd|fd| | ftj| tj| dz} dd| iz}ttj|d x} x}} d} |d} | | v}|sltjd|fd| | ftj| tj| dz} dd| iz}ttj|d x} x}} y )u`task-2516+1 forensic 동기 시나리오: python으로 file truncate 시도가 capture되는지.z@python3 -c "open('utils/replacement_pr_runner.py', 'w').close()"rIrrJrKrLrMrQrRNrrYTrZr\rVrXrPrGr^r_rwrpr}s r<5test_task_2516plus1_python_truncate_scenario_capturedrsQ NC]+G w<1<1 <133ww<1 AJE ! "*d* "d **** "d*** "***d******* F%(E"FF "F FFFF "FFFF FFF"FFFFFFFFrCcddl}d}g}tdD]H}|j}t||d||j |j|z dzJ|j |t |dz}d }||k}|stjd |fd ||fd tjvstj|rtj|nd tj|d z} tjd|dd|dzd| iz} ttj| dx}}y)uD-AUDIT-9: python -c 미포함 명령은 sub-pattern grep 진입 안 함 → fast path. median hook latency 200ms 미만 강제 (회장 hard limit). rNzecho hello worldrzperf-)r i)<)z%(py0)s < %(py3)s median_msrbz)D-AUDIT-9 violation: median hook latency z.1fz/ms exceeds 200ms hard limit. All measurements: rdr)timerange perf_counterr=rsortrKr$r%r&r'r(r)r*r,r-) rBrry latencies_ms_startrrfr5rmr8s r<*test_d_audit_9_no_python_command_fast_pathrs6 CL 2YB!!##}5=T..058D@AB S.!34I9s?9s   4Ic?C)N ,rCcDtd|}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d d }d }||u}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}d}|d d}||v}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}y )uKhotfix 후에도 python destructive ops capture 정상 작동 (regression).rDrIrrJrKrLrMrQrRNrrYTrZr\rVrXrPrEr^r_rwrprqs r<=test_d_audit_9_python_destructive_still_captured_after_hotfixrsLI=YG w<1<1 <133ww<1 1:& '/4/ '4 //// '4/// '///4/////// L71:.K#LL #L LLLL #LLLL LLL#LLLLLLLLrCcDtd|}t|}d}||k(}|stjd|fd||fdt j vstj trtjtnddt j vstj |rtj|ndtj|tj|dz}dd |iz}ttj|d x}x}}|d d }d }||u}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}d}|d d}||v}|sltjd|fd||ftj|tj|dz} dd| iz}ttj|d x}x}}y )u,hotfix 후 open-write 패턴 정상 capture.rFrIrrJrKrLrMrQrRNrrYTrZr\rVrXrPrGr^r_rwrprqs r<rs #  6 \0   11`pf 8$@;NG *ML1rC