Skip to content

commands: enforce worktree isolation in rockout, review-pr, release-patch#2032

Merged
brendancol merged 1 commit into
mainfrom
workflow-worktree-isolation
May 18, 2026
Merged

commands: enforce worktree isolation in rockout, review-pr, release-patch#2032
brendancol merged 1 commit into
mainfrom
workflow-worktree-isolation

Conversation

@brendancol
Copy link
Copy Markdown
Contributor

@brendancol brendancol commented May 18, 2026

Summary

Tighten three workflow commands so the user's main checkout stays on main and all work happens in a dedicated worktree on its own branch.

  • rockout: Step 2 now defines an explicit isolation contract (ROCKOUT_WT / ROCKOUT_MAIN), requires a pwd and current-branch re-check before every commit, and forbids absolute paths into the main checkout.
  • review-pr: New Step 1.5 materializes the PR head in a worktree before reading any files. Detects when invoked from inside an existing worktree (e.g. `/rockout` Step 9) and reuses that worktree instead of creating a second one. Cleans up only the worktree it created.
  • release-patch: Step 2 now creates `release/vX.Y.Z` in a worktree off `origin/main`. Step 7 (tag) explicitly runs from the main checkout and removes the worktree after.

`release-minor`, `release-major`, notebook commands, and `bench` are not changed in this PR (out of scope for this round).

Test plan

  • Run `/rockout` against a small issue and confirm the main checkout's branch never changes from `main`.
  • Run `/review-pr ` standalone and confirm a fresh `.claude/worktrees/pr--review` is created, used, then removed.
  • Run `/review-pr ` from inside a rockout worktree and confirm it reuses that worktree rather than failing on a duplicate `git worktree add`.
  • Dry-read `/release-patch` and confirm Step 2 creates the worktree and Step 7 tags from the main checkout.

@brendancol
commands: enforce worktree isolation in rockout, review-pr, release-p…
fea1c8a 
…atch

Tighten the workflow commands so the user's main checkout stays on main
and all work happens in a dedicated worktree on its own branch.

- rockout: replace Step 2 with an explicit isolation contract
  ($ROCKOUT_WT / $ROCKOUT_MAIN), require a pwd/branch re-check before
  every commit, and forbid absolute paths into the main checkout.
- review-pr: add Step 1.5 to materialize the PR head in a worktree
  before reading files. Detects when invoked from inside another
  worktree (rockout Step 9) and reuses it. Cleans up only the
  worktree it created.
- release-patch: Step 2 now creates release/vX.Y.Z in a worktree off
  origin/main; Step 7 tags from the main checkout and removes the
  worktree after.
@github-actions github-actions Bot added the performance PR touches performance-sensitive code label May 18, 2026
@brendancol brendancol merged commit b83fd33 into main May 18, 2026
6 of 7 checks passed
@brendancol brendancol deleted the workflow-worktree-isolation branch May 27, 2026 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

performance PR touches performance-sensitive code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brendancol