git-protection.1


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

.TH GIT-PROTECTION 1 GIT-PROTECTION
.SH NAME
git-protection \- Spawn a new program with .git mounted as read-only

.SH SYNOPSIS
.B git-protection
.I utility
.RI [ argument ]\ ...

.SH DESCRIPTION
The
.B git-protection
utility runs a specified utility, but makes the
.I .git
directory a read-only mountpoint the specified utility.

.SH OPTIONS
No options are supported.

.SH OPERANDS
The following operands are supported:
.TP
.I utility
The name of the utility to be invoked.
.TP
.I argument
A string to pass as an argument for the invoked utility.

.SH EXIT STATUS
If
.I utility
is invoked, the exit status of
.B git-protection
is the exit status of utility; otherwise, the
.I git-protection
utility exits with one of the following values:
.TP
125
An error occurred in the
.I git-protection
utility.
.TP
126
The utility specified by
.I utility
was found but could not be invoked.
.TP
127
The utility specified by
.I utility
could not be found.

.SH RATIONALE
The
.I git-protection
utility can be used as a wrapper around agentic
aritifical intelligence tools to stop them from making destructive
changes to your git repository, only allowing them to write to the
workspace without involving git but read git data. Blocking the
tool from unstaging changes or otherwise remove information that
has been stored in git, actions that these tools otherwise like
to perform.

.SH SEE ALSO
None.