fix(hooks): repair @socketsecurityhook- regression in package names + sync canonical formatting

jdalton · jdalton · commit efadd203a8aa · 2026-04-27T07:50:21.000-04:00
A botched perl rename had corrupted hook package.json names from
'@socketsecurity/hook-path-guard' to '@socketsecurityhook-path-guard'
(missing trailing slash), and a second pass converted that to
'@socketsecurityhookhook-pathhook-guard' with the test script
mangled to 'node hook-hook-test'. README and test-file references
inherited the same broken substring.

This commit overwrites all hook package.json files with canonical
contents, scrubs '@socketsecurityhook-' from README/test refs, and
syncs scripts/check-paths.mts and the path-guard skill reference
template to the formatted version. Verified: gate passes + 29/29
path-guard tests pass on all 7 fleet primaries; every path-guard
canonical file is now byte-identical across the fleet.
diff --git a/.claude/hooks/check-new-deps/package.json b/.claude/hooks/check-new-deps/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "@socketsecurityhook-check-new-deps",
+  "name": "hook-check-new-deps",
   "private": true,
   "type": "module",
   "main": "./index.mts",
@@ -11,7 +11,7 @@
   },
   "dependencies": {
     "@socketregistry/packageurl-js": "1.4.2",
-    "@socketsecurity/lib": "5.24.0",
+    "@socketsecurity/lib": "catalog:",
     "@socketsecurity/sdk": "4.0.1"
   },
   "devDependencies": {
diff --git a/.claude/skills/path-guard/reference/check-paths.mts.tmpl b/.claude/skills/path-guard/reference/check-paths.mts.tmpl
@@ -229,7 +229,8 @@ const loadAllowlist = (): AllowlistEntry[] => {
         blockLines = []
         return
       }
-      ;(current as any)[key] = key === 'line' ? Number(unquote(trimmed)) : unquote(trimmed)
+      ;(current as any)[key] =
+        key === 'line' ? Number(unquote(trimmed)) : unquote(trimmed)
     }
     if (line.startsWith('- ')) {
       if (current && current.reason) {
@@ -317,8 +318,7 @@ const isAllowlisted = (finding: Finding): boolean =>
     const hashProvided =
       typeof entry.snippet_hash === 'string' && entry.snippet_hash.length > 0
     if (lineProvided || hashProvided) {
-      const lineMatches =
-        lineProvided && entry.line === finding.line
+      const lineMatches = lineProvided && entry.line === finding.line
       const hashMatches =
         hashProvided && entry.snippet_hash === snippetHash(finding.snippet)
       if (!(lineMatches || hashMatches)) {
@@ -382,7 +382,8 @@ const STRING_LITERAL_RE = /(['"])((?:\\.|(?!\1)[^\\])*)\1/g
 // (including those with `${...}` placeholders) so Rule A also catches
 // path construction via template literals like
 // `${buildDir}/out/Final/${binary}` or `build/${mode}/out/Final`.
-const TEMPLATE_LITERAL_RE = /`((?:\\.|(?:\$\{(?:[^{}]|\{[^{}]*\})*\})|(?!`)[^\\])*)`/g
+const TEMPLATE_LITERAL_RE =
+  /`((?:\\.|(?:\$\{(?:[^{}]|\{[^{}]*\})*\})|(?!`)[^\\])*)`/g
 
 /**
  * Convert a template-literal body into a synthetic forward-slash path
