Add dependency malware checker hook for Claude Code (#1184)

* feat(hooks): add check-new-deps hook to block malware packages

Intercepts Edit/Write on dependency files across 17+ ecosystems
(npm, PyPI, Cargo, Go, Maven, etc.) and checks new deps against
Socket.dev's malware API before they're added. Uses SDK v4
checkMalware() with batch chunking, namespace-aware matching,
and in-memory caching.

* refactor(tests): use @socketsecurity/lib spawn and whichSync instead of child_process

* fix(hooks): use JSON parser for Pipfile.lock instead of regex extractor

Pipfile.lock is JSON (with "default" and "develop" sections keyed by
package name), not requirements.txt format. The regex-based extractPypi
silently matched zero dependencies. Add a dedicated extractPipfileLock
that parses the JSON structure correctly.

* fix(hooks): use nullish coalescing for new_string/old_string/content

Empty string is a valid value for new_string (Edit that deletes content)
and old_string. Using || instead of ?? caused falsy empty strings to
fall through to the wrong field.

* fix(hooks): add regex fallback for partial Pipfile.lock content

* fix(hooks): strip .git suffix from Swift names, remove spurious brew key

- Swift package URLs commonly end with .git (e.g. vapor.git); strip the
  suffix so the PURL lookup finds the correct package
- Remove 'brew' extractor key that matched any path ending in 'brew';
  only 'Brewfile' is the correct Homebrew manifest filename

* fix: fix Cargo.toml and npm extractor false positives

- Cargo.toml: Only extract deps from [dependencies] sections, not
  metadata like name, version, edition
- npm: Exclude known package.json metadata field names that match
  the dep pattern but aren't dependencies

Author: jdalton

.claude/hooks/check-new-deps/README.md

@@ -0,0 +1,102 @@
+# check-new-deps Hook
+
+A Claude Code pre-tool hook that checks new dependencies against [Socket.dev](https://socket.dev) before they're added to the project. It runs automatically every time Claude tries to edit or create a dependency manifest file.
+
+## What it does
+
+When Claude edits a file like `package.json`, `requirements.txt`, `Cargo.toml`, or any of 17+ supported ecosystems, this hook:
+
+1. **Detects the file type** and extracts dependency names from the content
+2. **Diffs against the old content** (for edits) so only *newly added* deps are checked
+3. **Queries the Socket.dev API** to check for malware and critical security alerts
+4. **Blocks the edit** (exit code 2) if malware or critical alerts are found
+5. **Warns** (but allows) if a package has a low quality score
+6. **Allows** (exit code 0) if everything is clean or the file isn't a manifest
+
+## How it works
+
+```
+Claude wants to edit package.json
+        │
+        ▼
+Hook receives the edit via stdin (JSON)
+        │
+        ▼
+Extract new deps from new_string
+Diff against old_string (if Edit)
+        │
+        ▼
+Build Package URLs (PURLs) for each dep
+        │
+        ▼
+Call sdk.checkMalware(components)
+  - ≤5 deps: parallel firewall API (fast, full data)
+  - >5 deps: batch PURL API (efficient)
+        │
+        ├── Malware/critical alert → EXIT 2 (blocked)
+        ├── Low score → warn, EXIT 0 (allowed)
+        └── Clean → EXIT 0 (allowed)
+```
+
+## Supported ecosystems
+
+| File | Ecosystem | Example dep format |
+|------|-----------|-------------------|
+| `package.json` | npm | `"express": "^4.19"` |
+| `package-lock.json`, `pnpm-lock.yaml`, `yarn.lock` | npm | lockfile entries |
+| `requirements.txt`, `pyproject.toml`, `setup.py` | PyPI | `flask>=3.0` |
+| `Cargo.toml`, `Cargo.lock` | Cargo (Rust) | `serde = "1.0"` |
+| `go.mod`, `go.sum` | Go | `github.com/gin-gonic/gin v1.9` |
+| `Gemfile`, `Gemfile.lock` | RubyGems | `gem 'rails'` |
+| `composer.json`, `composer.lock` | Composer (PHP) | `"vendor/package": "^3.0"` |
+| `pom.xml`, `build.gradle` | Maven (Java) | `<artifactId>commons</artifactId>` |
+| `pubspec.yaml`, `pubspec.lock` | Pub (Dart) | `flutter_bloc: ^8.1` |
+| `.csproj` | NuGet (.NET) | `<PackageReference Include="..."/>` |
+| `mix.exs` | Hex (Elixir) | `{:phoenix, "~> 1.7"}` |
+| `Package.swift` | Swift PM | `.package(url: "...", from: "4.0")` |
+| `*.tf` | Terraform | `source = "hashicorp/aws"` |
+| `Brewfile` | Homebrew | `brew "git"` |
+| `conanfile.*` | Conan (C/C++) | `boost/1.83.0` |
+| `flake.nix` | Nix | `github:owner/repo` |
+| `.github/workflows/*.yml` | GitHub Actions | `uses: owner/repo@ref` |
+
+## Configuration
+
+The hook is registered in `.claude/settings.json`:
+
+```json
+{
+  "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Edit|Write",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .claude/hooks/check-new-deps/index.mts"
+          }
+        ]
+      }
+    ]
+  }
+}
+```
+
+## Dependencies
+
+All dependencies use `catalog:` references from the workspace root (`pnpm-workspace.yaml`):
+
+- `@socketsecurity/sdk` — Socket.dev SDK v4 with `checkMalware()` API
+- `@socketsecurity/lib` — shared constants and path utilities
+- `@socketregistry/packageurl-js` — Package URL (PURL) parsing and stringification
+
+## Caching
+
+API responses are cached in-memory for 5 minutes (max 500 entries) to avoid redundant network calls when Claude checks the same dependency multiple times in a session.
+
+## Exit codes
+
+| Code | Meaning | Claude behavior |
+|------|---------|----------------|
+| 0 | Allow | Edit/Write proceeds normally |
+| 2 | Block | Edit/Write is rejected, Claude sees the error message |