NAME

build - pretend-build verb, gated on a clean tree

SYNOPSIS

build

DESCRIPTION

Pretend-build verb. Calls gittree.CheckClean on cwd; if the tree is clean, prints "ok: tree is clean, pretend-build runs". If not, returns the structured refusal so the operator can read which gate property failed.

Examples:

# inside a clean checkout
cd /path/to/clean/repo
gittree-demo build
# ok: tree is clean, pretend-build runs

# dirty checkout - uncommitted change
echo dirt > some-tracked-file
gittree-demo build
# refused: working tree is dirty
#   M some-tracked-file

# untracked file
touch new-file
gittree-demo build
# refused: untracked files present
#   ?? new-file

# detached HEAD
git checkout HEAD~5
gittree-demo build
# refused: HEAD is detached

What the audit row records on refusal: the verb name (build), the exit code (2 = PolicyDenied), and the gate property that failed. An auditor can read this and reproduce the host state at refusal time without needing the operator's terminal scrollback.

Usage:

build [GLOBAL OPTIONS] [command [COMMAND OPTIONS]] [ARGUMENTS...]

build - cli-guard examples/gittree

NAME

SYNOPSIS

DESCRIPTION