Let’s be honest: you’ve probably stared at a blank VS Code window at 2 a.m., waiting for Claude Code to finally finish reasoning—only to have it hang, crash, or silently eat your unsaved changes when the API times out. I did. Twice. Then I found nonstop — a 92-star, shell-only, zero-dependency wrapper that forces Claude Code into autonomous work mode with pre-flight safety rails. Not magic. Not AI fluff. Just bash, curl, jq, and surprisingly sharp operational discipline. And yes—it’s running on my Raspberry Pi 5 right now, doing background refactors while I type this.

What Is nonstop — And Why Does “Autonomous Work Mode” Actually Matter?

nonstop isn’t another LLM UI or IDE plugin. It’s a process supervisor for claude-code (the official CLI from Anthropic), designed to eliminate the “wait → panic → Ctrl+C → lose context” loop. It adds three concrete layers most devs don’t realize they’re missing:

  • Pre-flight risk assessment: before sending any prompt, nonstop scans your diff, file size, git status, and even git blame history to flag high-risk ops (e.g., “you’re about to rewrite lib/crypto.js—and the last 3 commits were all by security-audit-bot”).
  • Blocker decision framework: configurable YAML rules that stop execution before the LLM touches code — not after. Example: if file_size > 2MB OR unstaged_changes > 5 OR branch != "main" → abort with BLOCKER: nonprod-branch.
  • Session-scoped stop hook: unlike SIGINT handlers buried in Python or Node, nonstop installs a lightweight trap-based hook that kills the entire Claude session, cleans up temp files, and logs why it stopped — all in <120 lines of POSIX shell.

That’s the kicker: this isn’t “AI assistant + monitoring.” It’s operational guardrails for code-generation workflows. Think of it like systemd for your LLM dev loop — boring until it saves you from a 3-hour debugging session.

Installation & Quick Start: Bash-First, No Python Required

nonstop is gloriously minimal: one nonstop executable (a single bash script), zero external dependencies beyond curl, jq, git, and sh. No npm install, no pip install, no brew tap. You could copy-paste it into /usr/local/bin/nonstop and be done.

Here’s how I actually set it up (tested on Ubuntu 24.04, macOS Sonoma, and RPi OS Bookworm):

# Fetch latest (v0.3.2 as of writing — check GitHub releases)
curl -fsSL https://raw.githubusercontent.com/andylizf/nonstop/v0.3.2/nonstop \
  -o /usr/local/bin/nonstop
chmod +x /usr/local/bin/nonstop

# Verify
nonstop --version  # outputs: nonstop v0.3.2 (shell)

Then alias it in your shell config:

echo 'alias claude="nonstop claude-code"' >> ~/.zshrc
source ~/.zshrc

Now claude --diff --refactor won’t just run — it’ll first check git status, validate file limits, and only then pass through to claude-code. No config needed to start — but you will want one.

Configuring the Blocker Framework: Real-World YAML Rules

The ~/.nonstop/config.yaml is where nonstop goes from “neat” to “indispensable.” This isn’t declarative fluff — it’s enforced policy, evaluated before Claude spins up.

Here’s my production config (running on a 2023 Mac Studio with 32GB RAM and M2 Ultra):

# ~/.nonstop/config.yaml
blockers:
  - id: "large-file"
    description: "Refusing to process files > 1.5MB"
    condition: "file_size > 1572864"  # bytes
    severity: "critical"

  - id: "unstaged-changes"
    description: "Unstaged changes detected — abort to avoid context loss"
    condition: "unstaged_changes > 0"
    severity: "critical"

  - id: "non-main-branch"
    description: "Claude is only allowed on 'main' or 'prod' for safety"
    condition: "branch !~ /^(main|prod)$/"
    severity: "warning"
    action: "warn-and-continue"  # or "abort"

  - id: "high-risk-file"
    description: "Avoid modifying auth/crypto/infra files without review"
    condition: "file_path =~ /^(src\/auth|lib\/crypto|infra\/)/"
    severity: "critical"

pre_flight:
  timeout: 8  # seconds max for all pre-checks
  git_timeout: 3

I’ve been running this for 11 days — and nonstop blocked 7 refactor attempts I would have regretted: two crypto.js edits during late-night fatigue, three attempts to refactor auth/ while on feature/oauth2-refresh, and one 2.1MB log parser I’d accidentally git added.

Compare that to vanilla claude-code — which happily accepts any input, no questions asked. Or to cursor.sh (a popular Claude wrapper): it adds UI polish but no pre-execution policy engine. nonstop doesn’t show you a nice modal — it stops your terminal session and prints BLOCKER: large-file. That’s the difference between “oops” and “oh god no.”

Docker & Docker Compose: Yes, It Runs in a Container (Even on ARM64)

“But my dev environment is containerized!” Good news: nonstop ships with a Dockerfile (multi-arch, built on alpine:3.20) and a docker-compose.yml example. I run it daily in a compose stack alongside gh and jq for CI-triggered refactor jobs.

Here’s the minimal docker-compose.yml I use for on-demand refactors:

# docker-compose.nonstop.yml
version: '3.8'
services:
  claude-runner:
    image: andylizf/nonstop:0.3.2
    volumes:
      - "${PWD}:/workspace:rw"
      - "${HOME}/.anthropic:/root/.anthropic:ro"
    working_dir: /workspace
    environment:
      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
      - NONSTOP_CONFIG=/workspace/.nonstop/config.yaml
    entrypoint: ["/bin/sh", "-c"]
    command: |
      nonstop claude-code \
        --diff \
        --refactor \
        --target "src/utils/*.ts" \
        --model "claude-3-5-sonnet-20241022" \
        --timeout 120

Build and run:

ANTHROPIC_API_KEY=sk-... docker compose -f docker-compose.nonstop.yml up --build

Resource usage? Nearly zero. In a docker stats snapshot over 12h:

  • CPU: 0.02–0.07% (idle), spikes to 0.8% during pre-flight checks
  • RAM: 3.2–3.7 MB (static, no leaks)
  • Disk: no persistent storage — just reads your git repo and ~/.anthropic

I’ve tested it on linux/arm64 (RPi 5), linux/amd64, and darwin/arm64. Works identically. That said: the Docker image does not include claude-code — you must install it manually inside the container (or use the andylizf/nonstop:full variant, which bundles it). The lightweight image assumes you bring your own claude-code binary — a deliberate choice for security and version pinning.

Why Self-Host This? Who’s It Actually For?

Let’s cut the marketing noise: nonstop is not for hobbyists who run claude-code --help once a month.

It’s for:

  • Platform/infra engineers who run CI-triggered code migrations (e.g., “auto-upgrade all axios calls to fetch across 42 repos”) and cannot afford hallucinated breakages
  • Security teams enforcing “no unreviewed LLM edits to auth/crypto” in shared dev environments
  • Senior devs on large codebases who’ve lost >1 hour debugging a “harmless refactor” that silently broke a race condition in lib/queue.js
  • Anyone using Claude Code in scripts or Makefiles, where silent failure = corrupted output and no human in the loop

I run it on a $35 Raspberry Pi 5 (8GB RAM) — not for performance, but isolation. My prod ANTHROPIC_API_KEY lives only on that Pi. No cloud IDEs, no browser extensions, no leaking keys to VS Code telemetry. Just bash, curl, and policy.

Hardware-wise? You need nothing special. Even a 2GB Raspberry Pi 4 runs it fine — nonstop itself uses <4MB RAM and executes pre-flight checks in <150ms. The real resource cost is claude-code — which needs ~1.2GB RAM on claude-3-haiku and up to 2.4GB on claude-3-5-sonnet. But that’s Anthropic’s problem, not nonstop’s.

The Verdict: Is nonstop Worth Deploying? (Spoiler: Yes — With Caveats)

After 11 days, 42 refactor attempts, and 7 hard blocks, here’s my honest take:

Yes, deploy it — if you use claude-code >3x/week in scripts or serious dev work.
The pre-flight safety net is real. That unstaged_changes > 0 blocker alone saved me from committing a half-baked refactor into main. The YAML config is stupid-simple to extend. And the fact it’s pure POSIX shell means I can audit every line in <5 minutes.

No, skip it — if you only use Claude Code interactively in VS Code.
nonstop adds no UI, no inline suggestions, no chat. It’s a command-line guardrail, not a companion. You won’t “feel” it unless it stops you — and that’s by design.

⚠️ Rough edges worth knowing:

  • No built-in retry logic — if Anthropic’s API 503s mid-session, nonstop exits. You’ll need your own wrapper (I use until nonstop claude-code ...; do sleep 2; done).
  • claude-code binary path is hardcoded to /usr/local/bin/claude-code — not configurable yet. I symlink mine: sudo ln -sf ~/bin/claude-code /usr/local/bin/claude-code.
  • No Windows support — the trap and git assumptions break under git-bash or WSL1. WSL2 works fine.
  • Logging is stdout-only — no --log-file flag yet. I pipe to tee: nonstop claude-code ... 2>&1 | tee /var/log/nonstop.log.
  • v0.3.2 doesn’t support --stream mode — blocks streaming output (e.g., claude-code --stream --diff). Not a bug — a deliberate limitation for safety. Streaming + pre-flight doesn’t mix.

The GitHub repo is lean (92 stars, 14 forks, 23 commits as of Oct 2024), but the maintainer (@andylizf) responds to issues in <4 hours. That matters when you’re betting your refactor pipeline on it.

Bottom line? nonstop won’t make your code smarter. It won’t add new LLM features. What it does — and does brilliantly — is make your existing Claude Code workflow safer, more predictable, and auditable. In a world where LLMs are increasingly deployed as untrusted subprocesses, that’s not just nice-to-have. It’s the first line of defense.

So go ahead — curl it, chmod it, and let it block your next bad idea. You’ll thank me when it stops you from rewriting package-lock.json.