code_quality_check 0.1.5 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 760142f6566ac72dae11e48b2d31e8afcfbbefd6131fd42e4954c3c62c2a456e
-  data.tar.gz: e0e99d4f262b970dec7db0a171c3e0fa830b0ee622289101bd1541ff9525bc47
+  metadata.gz: 0db4bd2bc7348adfe3bbd706fba3b0d079d8ac50d889ce58bb616506145b43f5
+  data.tar.gz: 162015c6573caf0aed76c5c54c514db53454ecbb55013642c2c9c35fad541955
 SHA512:
-  metadata.gz: 3ad8f27f923c1671efd6a1c8ae099291b4797e37096d2d03842c5547961d5c89931b5ab40f7cf64a9ec7bbef0b07ab2260afa1886a7c1da14033e1b83be81e53
-  data.tar.gz: 1cb4563cc7ff5f441bc4d43c1f0ec5d40a9b425006744bd22ae84f9d403ce1dec7ed611e1a70ce040963765eef2af0271a80888f57821b4d8dfea96bde3a2354
+  metadata.gz: 2a5b7282e7702df72d7846d30a7c20836012158362a37d15f106410a8e522447752cec77cc82dac18f105ca2413ac6978135d54b3ec880f0ea66d786e7484a7b
+  data.tar.gz: 69c14673a15f335936e3c98e83271ad72ed972a44a0b50b0e479f090fbd367654e7a9709e731af547a5c92f408dd52d5fe3916af3813034ccc42b22cdc1ea595

data/lib/code_quality_check/version.rb

@@ -2,5 +2,5 @@
 
 # Version Module.
 module CodeQualityCheck
-  VERSION = '0.1.5'
+  VERSION = '0.1.8'
 end

data/lib/code_quality_check.rb

@@ -1,6 +1,12 @@
 # frozen_string_literal: true
 
 require_relative 'code_quality_check/version'
+
+# CodeQualityCheck integrates RuboCop, Brakeman, and Rails Best Practices
+# with Overcommit to enforce automated code quality checks on every Git commit.
+#
+# @see https://github.com/aniruddhami/code_quality_check
 module CodeQualityCheck
+  # Base error class for CodeQualityCheck gem.
   class Error < StandardError; end
 end

data/lib/generators/code_quality_check/install_generator.rb

@@ -4,21 +4,40 @@ require 'rails/generators/base'
 
 module CodeQualityCheck
   module Generators
-    # Define a generator class that inherits from Rails::Generators::Base
+    # Rails generator that installs Overcommit, RuboCop, Brakeman, and Rails Best
+    # Practices configuration files into a Rails project.
+    #
+    # Run with: +rails generate code_quality_check:install+
+    #
+    # Creates:
+    # - config/initializers/code_quality_check.rb
+    # - .overcommit.yml
+    # - .rubocop.yml
+    # - .git/hooks/pre-commit
+    # - .git/hooks/post-checkout
     class InstallGenerator < Rails::Generators::Base
       source_root File.expand_path('templates', __dir__)
       desc 'This generator creates an initializer file for Overcommit'
 
+      def install_overcommit
+        # Install Overcommit
+        run 'bundle exec overcommit --install'
+      end
+
       # Define a method that copies the initializer file to the config/initializers directory
       def copy_required_files
         # Copy the initializer file to the config/initializers directory
-        template 'overcommit.rb', 'config/initializers/overcommit.rb'
+        template 'code_quality_check.rb', 'config/initializers/code_quality_check.rb'
 
         # Copy the Overcommit configuration file to the root directory
         template 'overcommit.yml', '.overcommit.yml'
 
         # Copy the RuboCop configuration file to the root directory
         template 'rubocop.yml', '.rubocop.yml'
+        
+        # Copy the pre-commit hook to the .git/hooks directory
+        template 'pre-commit', '.git/hooks/pre-commit', force: true
+        template 'post-checkout', '.git/hooks/post-checkout', force: true
       end
     end
   end

data/lib/generators/code_quality_check/templates/{overcommit.rb → code_quality_check.rb}

@@ -1,4 +1,20 @@
-# config/initializers/overcommit.rb
+# config/initializers/code_quality_check.rb
+
+# Ensure code_quality_check gem is installed before setting up hooks
+begin
+  Gem::Specification.find_by_name('code_quality_check')
+rescue Gem::MissingSpecError
+  raise <<~MSG
+    The code_quality_check gem is not installed.
+
+    Add to your Gemfile:
+      gem 'code_quality_check'
+
+    Then run:
+      bundle install
+      rails generate code_quality_check:install
+  MSG
+end
 
 if Rails.env.development? || Rails.env.test?
   begin

data/lib/generators/code_quality_check/templates/overcommit.yml

@@ -2,18 +2,21 @@
 # extend the default configuration defined in:
 # https://github.com/sds/overcommit/blob/master/config/default.yml
 #
-# At the topmost level of this YAML file is a key representing type of hook
-# being run (e.g. pre-commit, commit-msg, etc.). Within each type you can
-# customize each hook, such as whether to only run it on certain files (via
-# `include`), whether to only display output if it fails (via `quiet`), etc.
+# Required gems (add to your Gemfile; code_quality_check provides most):
+#   - overcommit
+#   - rubocop, rubocop-performance, rubocop-rails
+#   - brakeman
+#   - rails_best_practices
+#   - bundler-audit (for BundleAudit security check)
+#
+# Optional code quality gems (enable hooks below to use):
+#   - reek (code smells)
+#   - flay (code duplication)
+#   - fasterer (performance)
 #
 # For a complete list of hooks, see:
 # https://github.com/sds/overcommit/tree/master/lib/overcommit/hook
-#
-# For a complete list of options that you can use to customize hooks, see:
-# https://github.com/sds/overcommit#configuration
-#
-# Uncomment the following lines to make the configuration take effect.
+#-------------------------------------------------------------------------------
 
 PreCommit:
   RuboCop:
@@ -38,10 +41,43 @@ PreCommit:
   # Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications.
   Brakeman:
     enabled: true
-    command: ['brakeman', '--skip-libs', '-w3']
+    required_executable: 'brakeman'
+    command: ['bundle', 'exec', 'brakeman', '--skip-libs', '-w3']
+    description: 'Scanning for security vulnerabilities with Brakeman'
 
-  TrailingWhitespace:
+  # BundleAudit checks Gemfile.lock for known vulnerable gem versions (CVE database).
+  BundleAudit:
+    enabled: true
+    required_executable: 'bundle-audit'
+    description: 'Checking for vulnerable gem versions'
+    include:
+      - 'Gemfile.lock'
+
+  # Reek analyzes Ruby code for code smells (add gem 'reek' to enable).
+  Reek:
     enabled: false
+    required_executable: 'reek'
+    description: 'Detecting code smells with Reek'
+    flags: ['--single-line', '--no-color', '--force-exclusion']
+    include: '**/*.rb'
+
+  # Flay finds structural code duplication (add gem 'flay' to enable).
+  Flay:
+    enabled: false
+    required_executable: 'flay'
+    description: 'Finding code duplication with Flay'
+    mass_threshold: 16
+    include: '**/*.rb'
+
+  # Fasterer suggests Ruby performance improvements (add gem 'fasterer' to enable).
+  Fasterer:
+    enabled: false
+    required_executable: 'fasterer'
+    description: 'Analyzing for potential speed improvements'
+    include: '**/*.rb'
+
+  TrailingWhitespace:
+    enabled: true
     exclude:
       - '**/lib/**/*' # Ignore trailing whitespace in generated files
 

data/lib/generators/code_quality_check/templates/post-checkout

@@ -0,0 +1,125 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# Entrypoint for Overcommit hook integration. Installing Overcommit will result
+# in all of your git hooks being copied from this file, allowing the framework
+# to manage your hooks for you.
+
+# Prevent a Ruby stack trace from appearing when we interrupt the hook.
+# Note that this will be overridden when Overcommit is loaded, since the
+# InterruptHandler will redefine the trap at that time.
+Signal.trap('INT') do
+  puts 'Hook run interrupted'
+  exit 130
+end
+
+# Allow hooks to be disabled via environment variable so git commands can be run
+# in scripts without Overcommit running hooks
+if ENV['OVERCOMMIT_DISABLE'].to_i != 0 || ENV['OVERCOMMIT_DISABLED'].to_i != 0
+  exit
+end
+
+hook_type = File.basename($0)
+if hook_type == 'overcommit-hook'
+  puts "Don't run `overcommit-hook` directly; it is intended to be symlinked " \
+       "by each hook in a repository's .git/hooks directory."
+  exit 64 # EX_USAGE
+end
+
+# Check if Overcommit should invoke a Bundler context for loading gems
+require 'yaml'
+# rubocop:disable Style/RescueModifier
+gemfile =
+  begin
+    YAML.load_file('.overcommit.yml', aliases: true)['gemfile']
+  rescue ArgumentError
+    YAML.load_file('.overcommit.yml')['gemfile']
+  end rescue nil
+
+if gemfile
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+
+  begin
+    Bundler.setup
+  rescue Bundler::BundlerError => e
+    puts "Problem loading '#{gemfile}': #{e.message}"
+    puts "Try running:\nbundle install --gemfile=#{gemfile}" if e.is_a?(Bundler::GemNotFound)
+    exit 78 # EX_CONFIG
+  end
+end
+# rubocop:enable Style/RescueModifier
+
+begin
+  require 'overcommit'
+  puts 'Signing Overcommit hooks...'
+  exec('overcommit --sign')
+rescue LoadError
+  if gemfile
+    puts 'You have specified the `gemfile` option in your Overcommit ' \
+         'configuration but have not added the `overcommit` gem to ' \
+         "#{gemfile}."
+  else
+    puts 'This repository contains hooks installed by Overcommit, but the ' \
+         "`overcommit` gem is not installed.\n" \
+         'Install it with `gem install overcommit`.'
+  end
+
+  exit 64 # EX_USAGE
+end
+
+begin
+  logger = Overcommit::Logger.new(STDOUT)
+  Overcommit::Utils.log = logger
+
+  # Ensure master hook is up-to-date
+  installer = Overcommit::Installer.new(logger)
+  if installer.run(Overcommit::Utils.repo_root, action: :update)
+    exec($0, *ARGV) # Execute the updated hook with all original arguments
+  end
+
+  config = Overcommit::ConfigurationLoader.new(logger).load_repo_config
+
+  context = Overcommit::HookContext.create(hook_type, config, ARGV, STDIN)
+  config.apply_environment!(context, ENV)
+
+  printer = Overcommit::Printer.new(config, logger, context)
+  runner = Overcommit::HookRunner.new(config, logger, context, printer)
+
+  status = runner.run
+
+  exit(status ? 0 : 65) # 65 = EX_DATAERR
+rescue Overcommit::Exceptions::ConfigurationError => e
+  puts e
+  exit 78 # EX_CONFIG
+rescue Overcommit::Exceptions::HookContextLoadError => e
+  puts e
+  puts 'Are you running an old version of Overcommit?'
+  exit 69 # EX_UNAVAILABLE
+rescue Overcommit::Exceptions::HookLoadError,
+       Overcommit::Exceptions::InvalidHookDefinition => e
+  puts e.message
+  puts e.backtrace
+  exit 78 # EX_CONFIG
+rescue Overcommit::Exceptions::HookSetupFailed,
+       Overcommit::Exceptions::HookCleanupFailed => e
+  puts e.message
+  exit 74 # EX_IOERR
+rescue Overcommit::Exceptions::HookCancelled
+  puts 'You cancelled the hook run'
+  exit 130 # Ctrl-C cancel
+rescue Overcommit::Exceptions::InvalidGitRepo => e
+  puts e
+  exit 64 # EX_USAGE
+rescue Overcommit::Exceptions::ConfigurationSignatureChanged => e
+  puts e
+  puts "For more information, see #{Overcommit::REPO_URL}#security"
+  exit 1
+rescue Overcommit::Exceptions::InvalidHookSignature
+  exit 1
+rescue StandardError => e
+  puts e.message
+  puts e.backtrace
+  puts "Report this bug at #{Overcommit::BUG_REPORT_URL}"
+  exit 70 # EX_SOFTWARE
+end

data/lib/generators/code_quality_check/templates/pre-commit

@@ -0,0 +1,125 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# Entrypoint for Overcommit hook integration. Installing Overcommit will result
+# in all of your git hooks being copied from this file, allowing the framework
+# to manage your hooks for you.
+
+# Prevent a Ruby stack trace from appearing when we interrupt the hook.
+# Note that this will be overridden when Overcommit is loaded, since the
+# InterruptHandler will redefine the trap at that time.
+Signal.trap('INT') do
+  puts 'Hook run interrupted'
+  exit 130
+end
+
+# Allow hooks to be disabled via environment variable so git commands can be run
+# in scripts without Overcommit running hooks
+if ENV['OVERCOMMIT_DISABLE'].to_i != 0 || ENV['OVERCOMMIT_DISABLED'].to_i != 0
+  exit
+end
+
+hook_type = File.basename($0)
+if hook_type == 'overcommit-hook'
+  puts "Don't run `overcommit-hook` directly; it is intended to be symlinked " \
+       "by each hook in a repository's .git/hooks directory."
+  exit 64 # EX_USAGE
+end
+
+# Check if Overcommit should invoke a Bundler context for loading gems
+require 'yaml'
+# rubocop:disable Style/RescueModifier
+gemfile =
+  begin
+    YAML.load_file('.overcommit.yml', aliases: true)['gemfile']
+  rescue ArgumentError
+    YAML.load_file('.overcommit.yml')['gemfile']
+  end rescue nil
+
+if gemfile
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+
+  begin
+    Bundler.setup
+  rescue Bundler::BundlerError => e
+    puts "Problem loading '#{gemfile}': #{e.message}"
+    puts "Try running:\nbundle install --gemfile=#{gemfile}" if e.is_a?(Bundler::GemNotFound)
+    exit 78 # EX_CONFIG
+  end
+end
+# rubocop:enable Style/RescueModifier
+
+begin
+  require 'overcommit'
+  puts 'Signing Overcommit hooks...'
+  exec('overcommit --sign')
+rescue LoadError
+  if gemfile
+    puts 'You have specified the `gemfile` option in your Overcommit ' \
+         'configuration but have not added the `overcommit` gem to ' \
+         "#{gemfile}."
+  else
+    puts 'This repository contains hooks installed by Overcommit, but the ' \
+         "`overcommit` gem is not installed.\n" \
+         'Install it with `gem install overcommit`.'
+  end
+
+  exit 64 # EX_USAGE
+end
+
+begin
+  logger = Overcommit::Logger.new(STDOUT)
+  Overcommit::Utils.log = logger
+
+  # Ensure master hook is up-to-date
+  installer = Overcommit::Installer.new(logger)
+  if installer.run(Overcommit::Utils.repo_root, action: :update)
+    exec($0, *ARGV) # Execute the updated hook with all original arguments
+  end
+
+  config = Overcommit::ConfigurationLoader.new(logger).load_repo_config
+
+  context = Overcommit::HookContext.create(hook_type, config, ARGV, STDIN)
+  config.apply_environment!(context, ENV)
+
+  printer = Overcommit::Printer.new(config, logger, context)
+  runner = Overcommit::HookRunner.new(config, logger, context, printer)
+
+  status = runner.run
+
+  exit(status ? 0 : 65) # 65 = EX_DATAERR
+rescue Overcommit::Exceptions::ConfigurationError => e
+  puts e
+  exit 78 # EX_CONFIG
+rescue Overcommit::Exceptions::HookContextLoadError => e
+  puts e
+  puts 'Are you running an old version of Overcommit?'
+  exit 69 # EX_UNAVAILABLE
+rescue Overcommit::Exceptions::HookLoadError,
+       Overcommit::Exceptions::InvalidHookDefinition => e
+  puts e.message
+  puts e.backtrace
+  exit 78 # EX_CONFIG
+rescue Overcommit::Exceptions::HookSetupFailed,
+       Overcommit::Exceptions::HookCleanupFailed => e
+  puts e.message
+  exit 74 # EX_IOERR
+rescue Overcommit::Exceptions::HookCancelled
+  puts 'You cancelled the hook run'
+  exit 130 # Ctrl-C cancel
+rescue Overcommit::Exceptions::InvalidGitRepo => e
+  puts e
+  exit 64 # EX_USAGE
+rescue Overcommit::Exceptions::ConfigurationSignatureChanged => e
+  puts e
+  puts "For more information, see #{Overcommit::REPO_URL}#security"
+  exit 1
+rescue Overcommit::Exceptions::InvalidHookSignature
+  exit 1
+rescue StandardError => e
+  puts e.message
+  puts e.backtrace
+  puts "Report this bug at #{Overcommit::BUG_REPORT_URL}"
+  exit 70 # EX_SOFTWARE
+end

data/lib/generators/code_quality_check/uninstall_generator.rb

@@ -4,14 +4,20 @@ require 'rails/generators/base'
 
 module CodeQualityCheck
   module Generators
-    # Uninstall generator to remove Overcommit and RuboCop configuration files
+    # Rails generator that removes CodeQualityCheck configuration and uninstalls
+    # Overcommit hooks.
+    #
+    # Run with: +rails generate code_quality_check:uninstall+
+    #
+    # Removes: config/initializers/code_quality_check.rb, .overcommit.yml, .rubocop.yml
+    # Runs: bundle exec overcommit --uninstall
     class UninstallGenerator < Rails::Generators::Base
       desc 'This generator removes Overcommit and RuboCop configuration files'
 
       # Remove Overcommit and RuboCop configuration files
       def remove_files
         # List of files to be removed
-        files_to_remove = ['config/initializers/overcommit.rb', '.overcommit.yml', '.rubocop.yml']
+        files_to_remove = ['config/initializers/code_quality_check.rb', '.overcommit.yml', '.rubocop.yml']
 
         files_to_remove.each do |file|
           if File.exist?(file)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: code_quality_check
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.8
 platform: ruby
 authors:
 - Aniruddha Mirajkar
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2025-02-20 00:00:00.000000000 Z
+date: 2026-03-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: brakeman
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 5.4.0
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: rails_best_practices
   requirement: !ruby/object:Gem::Requirement
@@ -72,8 +86,35 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.23.1
-description: Integrates Overcommit with RuboCop, Rails Best Practices, and Brakeman
-  for automated code quality checks.
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '9'
+description: |
+  Code Quality Check is a Ruby on Rails gem that runs automated quality and security
+  checks on every commit using Overcommit and Git hooks. It bundles and configures
+  RuboCop (style and lint), Brakeman (security), Rails Best Practices, and
+  BundleAudit (CVE checks). The installer sets up a Rails initializer that verifies
+  the gem is installed and ensures Overcommit hooks are present, so teams don't
+  silently skip checks. Optional support for Reek, Flay, and Fasterer via
+  .overcommit.yml. Requires Overcommit in your Gemfile; add the gem and run
+  `rails generate code_quality_check:install` to get started.
 email:
 - mirajkaraniruddha@gmail.com
 executables: []
@@ -83,8 +124,10 @@ files:
 - lib/code_quality_check.rb
 - lib/code_quality_check/version.rb
 - lib/generators/code_quality_check/install_generator.rb
-- lib/generators/code_quality_check/templates/overcommit.rb
+- lib/generators/code_quality_check/templates/code_quality_check.rb
 - lib/generators/code_quality_check/templates/overcommit.yml
+- lib/generators/code_quality_check/templates/post-checkout
+- lib/generators/code_quality_check/templates/pre-commit
 - lib/generators/code_quality_check/templates/rubocop.yml
 - lib/generators/code_quality_check/uninstall_generator.rb
 homepage: https://github.com/aniruddhami/code_quality_check
@@ -94,6 +137,7 @@ metadata:
   homepage_uri: https://github.com/aniruddhami/code_quality_check
   source_code_uri: https://github.com/aniruddhami/code_quality_check
   changelog_uri: https://github.com/aniruddhami/code_quality_check/blob/main/CHANGELOG.md
+  documentation_uri: https://github.com/aniruddhami/code_quality_check#readme
   github_repo: https://github.com/aniruddhami/code_quality_check
   rubygems_mfa_required: 'true'
 post_install_message: 
@@ -111,8 +155,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.5
+rubygems_version: 3.4.19
 signing_key: 
 specification_version: 4
-summary: A gem to enforce code quality checks using Git hooks
+summary: Enforce code quality on every commit via Overcommit and Git hooks
 test_files: []