Paths containing spaces (common on Windows, e.g. C:\Users\Some User\...)
cause shell word-splitting when CLAUDE_PLUGIN_ROOT is unquoted, resulting
in hooks erroring with "No such file or directory" on every tool call.
Wraps the path in double quotes for all five affected hook commands.
Fixes the pattern reported in issue #57946. Closes the fix surfaced in PR #1921.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
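As an added reproduction (not code from the repository or from the commit above), the word-splitting failure this commit fixes, using a constructed plugin root that contains a space. The `demo_base` directory, the `check.sh` hook script and the `run_hook_*` helpers are assumptions made for the demo; the only thing taken from the page is the `CLAUDE_PLUGIN_ROOT` variable and the quoted-versus-unquoted shape of the hook command.

```shell
#!/bin/sh
# Added reproduction of the word-splitting bug; not code from the repository.
# Everything below (demo_base, the check.sh hook, run_hook_*) is constructed.

demo_base="$(mktemp -d)"
demo_root="$demo_base/Some User/plugin"      # a plugin root with a space in it
mkdir -p "$demo_root/hooks"

# A minimal hook script standing in for a real plugin hook.
cat > "$demo_root/hooks/check.sh" <<'EOF'
#!/bin/sh
echo "hook ran: $0"
EOF
chmod +x "$demo_root/hooks/check.sh"

CLAUDE_PLUGIN_ROOT="$demo_root"
export CLAUDE_PLUGIN_ROOT

# The broken shape: the expansion is unquoted, so the shell splits it at the
# space and tries to exec ".../Some" with "User/plugin/hooks/check.sh" as an
# argument, which fails with "No such file or directory" (or "not found").
run_hook_unquoted() {
    sh -c 'exec $CLAUDE_PLUGIN_ROOT/hooks/check.sh' >/dev/null 2>&1
}

# The fixed shape: double quotes keep the expansion as one word.
run_hook_quoted() {
    sh -c 'exec "$CLAUDE_PLUGIN_ROOT/hooks/check.sh"' >/dev/null 2>&1
}

# Remove the constructed tree again.
cleanup_demo() {
    rm -rf "$demo_base"
}

if run_hook_unquoted; then echo "unquoted: ran"; else echo "unquoted: failed (split at the space)"; fi
if run_hook_quoted;   then echo "quoted: ran";   else echo "quoted: failed"; fi
```

Running the file prints one failure line for the unquoted form and one success line for the quoted form; the same split happens for any path component containing whitespace, which is why every hook command that expands the variable needs the quotes, not just the ones that happened to be reported.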
* Bump 26 plugin SHA pins to upstream HEAD
* Revert mercadopago SHA bump
The new upstream SHA adds a PreToolUse hook that fires on every
Bash/Edit/Write/Read in all sessions and globally blocks reading .env
files, regardless of project relevance. The policy scan flags this as
out of scope for what the plugin description advertises. Leave at the
prior pin until the upstream gates the hook on project relevance.
* Fix broken plugin source configs and bump their SHAs
Several external plugins had source configs that no longer matched the
upstream layout, so the automated SHA bump skipped them indefinitely.
Add the missing path field where the manifest moved into a subdirectory,
correct stale ref/commit metadata, and update the skills list for the
one strict:false skills-only entry.
- rc, revenuecat: upstream moved the plugin from repo root into
revenuecat/. Add path and bump SHA.
- zilliz: plugin moved from repo root into plugins/zilliz/. Add path
and bump SHA.
- sumup: plugin lives at providers/claude/plugin/ (declared by the
upstream marketplace.json) but our entry never had a path. Add it
and bump SHA.
- mintlify: pure SHA bump. Repo layout unchanged between SHAs; the
upstream remains a marketplace-style repo with no plugin.json, same
as the currently pinned SHA.
- netsuite-suitecloud (strict:false skills entry): bump SHA and add
the four new skill directories upstream added since the last pin.
- 42crunch-api-security-testing: ref said v1.0.1 but the pinned SHA
is actually v1.5.5. Correct the label; the SHA is already current.
- jfrog: commit and sha fields had drifted apart. Set both to
upstream HEAD.
Each new SHA verified to be on the upstream default branch and the
referenced manifest validated with claude plugin validate.
* Revert mintlify and netsuite-suitecloud changes
The validate-plugins check requires a plugin manifest at the pinned SHA
even for strict:false entries. Neither repo has one at any SHA, so a
SHA bump fails CI. Leave them at the existing pin until either the
upstream adds a manifest or the validator learns to honor strict:false.
* Cache scan verdicts and drop policy-failing entries from bump PRs
Three changes that together let the nightly bump clear any backlog in a
single run without blocking on a single bad upstream or re-burning Claude
time on already-scanned SHAs:
- bump-plugin-shas.yml: raise max-bumps default 20 -> 130 (above the
external entry count, so a single run can clear a full backlog) and add
an explicit 60-min job timeout. The cap was the only thing bounding the
blast radius of a single policy failure; the changes below take over
that role so the cap can be lifted.
- scan-plugins.yml: add a verdict cache keyed on (plugin, sha, policy
hash). The bump action force-resets bump/plugin-shas every night, which
makes the same SHAs reappear in the diff on consecutive nights — without
the cache the scan would re-burn ~90s of Claude time per entry per
night. Cached verdicts (pass and fail) are served from disk; only
uncached SHAs are scanned. The job still fails on cached failures so
the required check stays honest.
- revert-failed-bumps.yml (new): after a Scan Plugins workflow_run on
bump/plugin-shas concludes with a failure, drop just the failing
entries' source.sha back to main's pin via a follow-up signed commit
and re-dispatch the scan. The re-dispatch finds only cached-pass
entries and goes green in seconds. Bounded at 3 passes/night, restricted
to SHA-only diffs, and aborts if the bump branch was tampered with.
* Harden bump cache and revert workflows after review
- revert-failed-bumps: replace the time-based revert budget (anchored on
the PR head, which a revert commit immediately replaces — never
accumulating past 1) with a commit count: every nightly bump force-resets
to one commit and every revert pass adds exactly one, so
commits > MAX+1 is the budget without date math, pagination, or
exposure to comment spoofing.
- revert-failed-bumps: filter the bump PR by head owner so a fork PR
with a branch named bump/plugin-shas can't be selected.
- revert-failed-bumps: continue-on-error on the artifact download so a
scan that died before uploading (infra error) doesn't fail the revert
job — the missing-file guard downstream handles it.
- scan-plugins: add a per-ref concurrency group so concurrent scans
don't lose one another's cache writes; key the cache on run_attempt
so a re-run can save its own verdicts.
- scan-plugins: store the full source object in the cache and require
source equality on lookup, so a repo/path change at the same SHA
misses the cache instead of getting a stale verdict.
- scan-plugins / revert-failed-bumps: strip markdown control chars,
wrap model-generated text in code spans (neutralizes auto-linked
URLs), and redact key-shaped tokens before they reach the step
summary, artifact, cache, or PR comment.
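An added example, not the repository's scan-plugins.yml or revert-failed-bumps.yml, sketching the verdict cache described in the "Cache scan verdicts" and "Harden bump cache" commits: a file-backed cache keyed on (plugin, sha, policy hash) that also stores the source object and only serves a hit when the stored source matches, plus a nightly job that still fails on a cached failure. The plugin names, SHAs, policy hash, source strings, the `CACHE_DIR` file layout and the `simulated_scan` stand-in for the real policy scan are all constructed assumptions.

```shell
#!/bin/sh
# Added example of a verdict cache with source-equality checks; not the
# repository's workflow code. Layout (assumed): one file per key under
# $CACHE_DIR, containing "verdict=<pass|fail>" and "source=<one-line source>".

CACHE_DIR="${CACHE_DIR:-$(mktemp -d)}"

# cache_key plugin sha policy_hash: identity of a verdict. Anything that is
# not filename-safe is replaced so the key can be used as a file name.
cache_key() {
    printf '%s--%s--%s' "$1" "$2" "$3" | tr -c 'A-Za-z0-9._-' '_'
}

# cache_put plugin sha policy_hash source verdict: store verdict and source.
cache_put() {
    f="$CACHE_DIR/$(cache_key "$1" "$2" "$3").verdict"
    printf 'verdict=%s\nsource=%s\n' "$5" "$4" > "$f"
}

# cache_lookup plugin sha policy_hash source: prints the verdict on a hit.
# Returns 1 on a miss and 2 when the key exists but the stored source differs
# (repo or path changed at the same SHA), so the caller rescans instead of
# reusing a stale verdict.
cache_lookup() {
    f="$CACHE_DIR/$(cache_key "$1" "$2" "$3").verdict"
    [ -f "$f" ] || return 1
    stored_source=$(sed -n 's/^source=//p' "$f")
    [ "$stored_source" = "$4" ] || return 2
    sed -n 's/^verdict=//p' "$f"
}

# simulated_scan plugin: stand-in for the expensive policy scan. Every call is
# logged so a caller can prove cached SHAs are not scanned again. Constructed
# rule: plugins whose name contains "blocked" fail policy.
simulated_scan() {
    echo "$1" >> "$CACHE_DIR/scan_calls"
    case "$1" in
        *blocked*) echo fail ;;
        *)         echo pass ;;
    esac
}

# scan_count: number of real scans performed so far.
scan_count() {
    if [ -f "$CACHE_DIR/scan_calls" ]; then
        wc -l < "$CACHE_DIR/scan_calls" | tr -d ' '
    else
        echo 0
    fi
}

# scan_entry plugin sha policy_hash source: serve from cache, else scan and
# cache the result (pass and fail alike).
scan_entry() {
    if verdict=$(cache_lookup "$1" "$2" "$3" "$4"); then
        echo "$verdict"
        return 0
    fi
    verdict=$(simulated_scan "$1")
    cache_put "$1" "$2" "$3" "$4" "$verdict"
    echo "$verdict"
}

# nightly_run: one scan job over a constructed entry list. Prints
# "<plugin> <verdict>" per entry and returns 1 if any verdict is fail,
# whether fresh or cached, so a required check cannot go green on a
# cached failure.
nightly_run() {
    rc=0
    while IFS='|' read -r plugin sha policy source; do
        v=$(scan_entry "$plugin" "$sha" "$policy" "$source")
        echo "$plugin $v"
        [ "$v" = pass ] || rc=1
    done <<EOF
plugin-a|0123abc|policy-v1|repo=example/plugin-a path=plugins/a
plugin-blocked|0456def|policy-v1|repo=example/blocked path=.
EOF
    return $rc
}

# Usage: sh this_file.sh demo  (runs the job twice; the second run scans nothing)
if [ "${1:-}" = demo ]; then
    nightly_run; echo "scans so far: $(scan_count)"
    nightly_run; echo "scans so far: $(scan_count)"
fi
```

Two details carry the security weight here. The key includes the policy hash, so a policy change invalidates every stored verdict rather than letting an old pass survive a stricter rule; and the lookup compares the whole stored source, so a plugin that silently moves to a different repo or path at an unchanged SHA is rescanned instead of inheriting the earlier verdict.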