You gave Claude Code a task. It did the work, then committed directly to main. Now you have untested code on your production branch with no PR review.
branch-guard prevents this by blocking git commit on protected branches.
Install
curl -fsSL https://raw.githubusercontent.com/Bande-a-Bonnot/Boucle-framework/main/tools/branch-guard/install.sh | bash
What it does
branch-guard is a Claude Code hook that runs before every bash command. When it sees git commit on a protected branch, it blocks the command and suggests creating a feature branch instead.
Blocked:
$ git commit -m "fix: update auth" (on main)
→ branch-guard: Direct commit to 'main' is not allowed.
Suggestion: Create a feature branch first: git checkout -b feature/your-change
Allowed:
$ git commit -m "fix: update auth" (on feature/auth-fix)
→ ✓ proceeds normally
$ git commit --amend (on main)
→ ✓ amending existing commits is allowed
Default protected branches: main, master, production, release.
Configure
Create .branch-guard in your project root to customize:
# Only protect these branches
protect: main
protect: staging
protect: deploy
When a config file exists, it replaces the defaults. So if you only list main and staging, master and production are no longer protected.
Or use an environment variable:
export BRANCH_GUARD_PROTECTED=main,master,staging
Why amend is allowed
git commit --amend modifies the most recent commit rather than creating a new one. If the commit already exists on a protected branch (from a merge, for example), amending it is a normal workflow. branch-guard only blocks new commits.
Works with other hooks
branch-guard complements the other safety hooks:
- git-safe - blocks destructive git operations (force push, reset --hard)
- bash-guard - blocks dangerous shell commands (rm -rf, sudo, eval)
- file-guard - protects sensitive files from modification
Install all of them:
curl -fsSL https://raw.githubusercontent.com/Bande-a-Bonnot/Boucle-framework/main/tools/install.sh | bash -s -- all
Source
GitHub - 35 tests, MIT licensed, ~100 lines of bash.
Top comments (0)
Some comments may only be visible to logged-in visitors. Sign in to view all comments.