Check ClawHub trust before plugin installs (#81307)

Merged via squash. Prepared head SHA: 273fd7c20e Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com> Co-authored-by: jesse-merhi <79823012+jesse-merhi@users.noreply.github.com> Reviewed-by: @jesse-merhi
2026-06-06 11:22:52 +00:00 · 2026-05-13 16:31:52 +10:00
parent cf68115e6e
commit 87eb450047
23 changed files with 832 additions and 43 deletions
--- a/src/cli/plugins-update-command.ts
+++ b/src/cli/plugins-update-command.ts
@@ -13,6 +13,7 @@ import {
 import { updateNpmInstalledPlugins } from "../plugins/update.js";
 import { defaultRuntime } from "../runtime.js";
 import { theme } from "../terminal/theme.js";
+import { resolveClawHubRiskAcknowledgementCliOptions } from "./clawhub-risk-acknowledgement.js";
 import { commitPluginInstallRecordsWithConfig } from "./plugins-install-record-commit.js";
 import { refreshPluginRegistryAfterConfigMutation } from "./plugins-registry-refresh.js";
 import { logPluginUpdateOutcomes } from "./plugins-update-outcomes.js";
@@ -24,7 +25,12 @@ import { promptYesNo } from "./prompt.js";

 export async function runPluginUpdateCommand(params: {
  id?: string;
-  opts: { all?: boolean; dryRun?: boolean; dangerouslyForceUnsafeInstall?: boolean };
+  opts: {
+    all?: boolean;
+    acknowledgeClawHubRisk?: boolean;
+    dryRun?: boolean;
+    dangerouslyForceUnsafeInstall?: boolean;
+  };
 }) {
  assertConfigWriteAllowedInCurrentMode();

@@ -62,6 +68,10 @@ export async function runPluginUpdateCommand(params: {
    specOverrides: pluginSelection.specOverrides,
    dryRun: params.opts.dryRun,
    dangerouslyForceUnsafeInstall: params.opts.dangerouslyForceUnsafeInstall,
+    ...resolveClawHubRiskAcknowledgementCliOptions({
+      acknowledgeClawHubRisk: params.opts.acknowledgeClawHubRisk,
+      action: "updating",
+    }),
    logger,
    onIntegrityDrift: async (drift) => {
      const specLabel = drift.resolvedSpec ?? drift.spec;