Commit Graph

6 Commits

Author SHA1 Message Date
7554b58ab7 feat: add block-gaming command (Stage 4) + guard-lib migration cleanup
Some checks are pending
pre-commit / pre-commit (push) Waiting to run
Tests / test (3.10) (push) Waiting to run
Tests / test (3.11) (push) Waiting to run
Tests / test (3.12) (push) Waiting to run
Adds `block-gaming <days>`: uninstalls Steam, kills/uninstalls known game
launchers, and blocks Steam + game-website domains (hosts + iptables) for a
fixed number of days with no in-app way to lift it early. Enforcement is
tamper-resistant via guard-lib's package-block (bind-mounted lock file) and
re-asserted every enforce tick.

Also migrates store_blocker.py's hosts-file locking from raw chattr/mount
calls to guard-lib's file-guard, using the new `sync` subcommand (not
`pacman-relock`) so our own legitimate edits aren't reverted as drift.

Fixes found during live verification:
- iptables never blocked real IPs because DNS was resolved after /etc/hosts
  already redirected every blocked domain to 0.0.0.0 locally - reordered so
  iptables resolves first.
- Game-website blocks only covered bare apex domains; sites that
  301-redirect to www (e.g. newgrounds.com) sailed right through - added
  automatic www. variant generation.
- Launchers (e.g. prismlauncher) were only killed, never uninstalled -
  added best-effort pacman-package removal keyed off /proc/<pid>/exe.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AFNiYQQgSLAkiBXswyimPq
2026-07-04 11:45:54 +02:00
551b8a4f95 chore: set up as standalone repo
Extracted from testsAndMisc monorepo. Changes:
- Rewrote imports from python_pkg.steam_backlog_enforcer.* → steam_backlog_enforcer.*
- Moved run.sh, install.sh, README.md, service file to repo root
- Added standalone pyproject.toml, requirements.txt, .pre-commit-config.yaml, .gitignore
- Added GitHub Actions CI workflows (tests + pre-commit)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-28 07:21:29 +02:00
d0d1037e1b feat(steam_backlog_enforcer): harden whitelist against circumvention
- Remove skip_app_ids from user-editable Config; callers updated
- Split PROTECTED_APP_IDS: only Steam infra/Proton IDs remain; game
  IDs moved to a new time-locked exception system
- Add _whitelist.py: 24-hour cooldown on new exceptions, entropy-
  checked justification (>= 5 words), append-only audit log,
  chattr +i immutability on enforcement-critical config files
- Add is_protected_app() in game_install.py; used everywhere
  instead of direct PROTECTED_APP_IDS membership checks
- Add 'add-exception' CLI command (cmd_add_exception in main.py)
- Call promote_pending_exceptions() and lock_enforcement_files()
  in each _enforce_loop_iteration
- 590 tests, 100% branch coverage on all steam_backlog_enforcer modules
- Add .worktrees to .gitignore
2026-05-17 20:44:05 +02:00
694b9409ab perf(pre-commit): batch+parallelize pytest on commit; kill 15s sleeps in steam_backlog_enforcer tests
- meta/.pre-commit-config.yaml: move pytest-coverage hook to pre-commit stage
- scripts/pytest_changed_packages.py: single batched pytest -n auto invocation
  with one --cov flag per affected python_pkg subpackage, wrapped in
  systemd-run --user --scope -p MemoryMax=4G -p MemorySwapMax=0 when available
- python_pkg/steam_backlog_enforcer/tests/conftest.py: new autouse
  _no_real_sleep fixture patches time.sleep across game_install /
  library_hider / steam_api / _enforce_loop. Removes 3x 15s real sleeps
  in TestFinalizeCompletion that fired through _ensure_steam_running

steam_backlog_enforcer test wall time: 33.97s -> 5.61s (xdist, no-cov)
5-package batched run: 732 tests in 1.37s @ 668% CPU
Coverage stays at 100% on all affected packages.

Evidence: docs/superpowers/evidence/pre-commit-pytest-batch-2026-05-14.json
2026-05-14 21:52:52 +02:00
c1cdd4535f chore: optimize pre-commit, remove tracked binaries, fix lint issues
- Move slow hooks (mypy, pylint, bandit, pytest, prettier) to pre-push stage
- Remove redundant autoflake (ruff covers F401/F841)
- Fix shellcheck OOM by batching files with xargs -n 40
- Remove tracked .o, .wav, .pyc binaries from git
- Move pomodoro wav files to ../testsAndMisc_binaries/ with symlinks
- Add *.o, *.so, *.a to .gitignore
- Refactor hltb._pick_best_hltb_entry to fix C901/PLR0911/SIM102
- Fix SC2034 warnings in gif_to_square.sh and upgrade.sh
- Add disk_cleanup_check.sh script
- Various test and code improvements across screen_locker,
  steam_backlog_enforcer, word_frequency, moviepy_showcase
2026-04-10 18:48:37 +02:00
093c5afd3b fix: prevent tests from touching real Steam files
Tests for pick_next_game were calling uninstall_other_games and
state.save against real filesystem paths, deleting installed games
and overwriting the user's state.json whenever tests or pre-commit
ran.

- Add conftest.py safety net that redirects STEAMAPPS_PATH,
  CONFIG_DIR, STATE_FILE, SNAPSHOT_FILE, CONFIG_FILE, and
  HOSTS_FILE to tmp_path in all steam_backlog_enforcer tests
- Add missing uninstall_other_games mock to 4 tests in
  test_scanning.py (test_picks_shortest, test_skips_finished,
  test_unknown_hours, test_picks_game_no_hours)
2026-03-25 21:15:40 +01:00