@cleartrip/frontguard 0.1.7 → 0.1.9

package/dist/cli.js

@@ -2458,7 +2458,7 @@ export default defineConfig({
   // },
 
   // checks: {
-  //   bundle: { enabled: true, maxDeltaBytes: 50_000, maxTotalBytes: null },
+  //   bundle: { baselineRef: 'main', maxDeltaBytes: 50_000 }, // ref for git baseline file
   //   cycles: { enabled: true },
   //   deadCode: { enabled: true, gate: 'info' },
   //   // LLM: cloud keys in CI, or local Ollama (no API key) on dev/self-hosted runners:
@@ -2544,22 +2544,14 @@ function bitbucketDownloadsPageUrl() {
 }
 function formatBitbucketPrSnippet(report) {
   const publicReport = process.env.FRONTGUARD_PUBLIC_REPORT_URL?.trim();
+  const linkOnly = process.env.FRONTGUARD_BITBUCKET_COMMENT_LINK_ONLY === "1";
+  if (linkOnly && publicReport) {
+    return publicReport.endsWith("\n") ? publicReport : `${publicReport}
+`;
+  }
   const downloadsName = process.env.FRONTGUARD_REPORT_DOWNLOAD_NAME?.trim();
   const downloadsPage = bitbucketDownloadsPageUrl();
   const pipeline = bitbucketPipelineResultsUrl();
-  let linkLine;
-  if (publicReport) {
-    linkLine = `**[Open full FrontGuard report (HTML)](${publicReport})** \u2014 interactive report in the browser (all findings).`;
-  } else if (downloadsName && downloadsPage) {
-    linkLine = `**[Repo Downloads](${downloadsPage})** \u2014 open \`${downloadsName}\` (uploaded by this pipeline). Download the file, then open it in a browser.`;
-  } else if (pipeline) {
-    linkLine = [
-      `**[Open this pipeline run](${pipeline})** (Bitbucket login required).`,
-      "On that page: open the **Artifacts** section \u2192 download **`frontguard-report.html`** \u2192 open the file in your browser to see the full interactive report."
-    ].join(" ");
-  } else {
-    linkLine = "_Run FrontGuard inside Bitbucket Pipelines so `BITBUCKET_REPO_FULL_NAME` and `BITBUCKET_BUILD_NUMBER` are set, or set `FRONTGUARD_PUBLIC_REPORT_URL` after uploading the HTML._";
-  }
   const { riskScore, results } = report;
   const blocks = results.reduce(
     (n3, r4) => n3 + r4.findings.filter((f4) => f4.severity === "block").length,
@@ -2569,25 +2561,48 @@ function formatBitbucketPrSnippet(report) {
     (n3, r4) => n3 + r4.findings.filter((f4) => f4.severity === "warn").length,
     0
   );
-  const lines = [
-    "## FrontGuard",
-    "",
-    `**Risk:** ${riskScore} \xB7 **Blocking:** ${blocks} \xB7 **Warnings:** ${warns}`,
+  const out = [
+    "FrontGuard report (short summary)",
     "",
-    linkLine,
-    "",
-    "| Check | Status |",
-    "|:--|:--|"
+    `Risk: ${riskScore}  |  Blocking: ${blocks}  |  Warnings: ${warns}`,
+    ""
   ];
+  if (publicReport) {
+    out.push("Full interactive report (open in browser):");
+    out.push(publicReport);
+    out.push("");
+  } else if (downloadsName && downloadsPage) {
+    out.push("HTML report is in Repository \u2192 Downloads. Open this page while logged in:");
+    out.push(downloadsPage);
+    out.push(`File name: ${downloadsName}`);
+    out.push("Download the file, then open it in a browser.");
+    out.push("");
+  } else if (pipeline) {
+    out.push(
+      "There is no direct \u201CHTML URL\u201D for pipeline artifacts in Bitbucket. Use this pipeline run (log in), then Artifacts \u2192 frontguard-report.html:"
+    );
+    out.push(pipeline);
+    out.push("");
+    out.push(
+      "Steps: open the link \u2192 scroll to Artifacts \u2192 download frontguard-report.html \u2192 open the file on your machine."
+    );
+    out.push("");
+  } else {
+    out.push(
+      "Add a link: run FrontGuard inside Bitbucket Pipelines, or set FRONTGUARD_PUBLIC_REPORT_URL after uploading the HTML somewhere HTTPS."
+    );
+    out.push("");
+  }
+  out.push("Checks:");
   for (const r4 of results) {
-    const status = r4.skipped ? `Skipped (${r4.skipped.slice(0, 80)}${r4.skipped.length > 80 ? "\u2026" : ""})` : r4.findings.length === 0 ? "Clean" : `${r4.findings.length} finding(s)`;
-    lines.push(`| \`${r4.checkId}\` | ${status} |`);
+    const status = r4.skipped ? `skipped (${r4.skipped.slice(0, 100)}${r4.skipped.length > 100 ? "\u2026" : ""})` : r4.findings.length === 0 ? "clean" : `${r4.findings.length} finding(s)`;
+    out.push(`- ${r4.checkId}: ${status}`);
   }
-  lines.push("");
-  lines.push(
-    publicReport ? "_All findings and suggested fixes are in the linked HTML report._" : "_Summary only \u2014 use the link above for the full interactive report._"
+  out.push("");
+  out.push(
+    "Do not paste the long frontguard-report.md into PR comments. Full text output is in that file / pipeline artifacts only."
   );
-  return lines.join("\n");
+  return out.join("\n");
 }
 
 // src/ci/parse-ai-disclosure.ts
@@ -2687,10 +2702,10 @@ async function resolvePrNumber() {
   const raw = process.env.FRONTGUARD_PR_NUMBER ?? process.env.PR_NUMBER;
   const n3 = Number(raw);
   if (Number.isFinite(n3) && n3 > 0) return n3;
-  const path16 = process.env.GITHUB_EVENT_PATH;
-  if (!path16) return null;
+  const path17 = process.env.GITHUB_EVENT_PATH;
+  if (!path17) return null;
   try {
-    const payload = JSON.parse(await fs.readFile(path16, "utf8"));
+    const payload = JSON.parse(await fs.readFile(path17, "utf8"));
     const num = payload.pull_request?.number;
     return typeof num === "number" && num > 0 ? num : null;
   } catch {
@@ -2829,7 +2844,7 @@ var defaultConfig = {
         tsAnyDeltaToBlock: true
       }
     },
-    prSize: { warnLines: 400, softBlockLines: 800 },
+    prSize: { enabled: true, warnLines: 400, softBlockLines: 800 },
     tsAnyDelta: {
       enabled: true,
       gate: "warn",
@@ -2837,24 +2852,25 @@ var defaultConfig = {
       maxAdded: 0
     },
     cycles: {
-      enabled: false,
+      enabled: true,
       gate: "warn",
       entries: ["src"],
       extraArgs: []
     },
     deadCode: {
-      enabled: false,
+      enabled: true,
       gate: "info",
       extraArgs: [],
       maxReportLines: 80
     },
     bundle: {
-      enabled: false,
+      enabled: true,
       gate: "warn",
       runBuild: true,
       buildCommand: "npm run build",
       measureGlobs: ["dist/**/*", "build/static/**/*", ".next/static/**/*"],
       baselinePath: ".frontguard/bundle-baseline.json",
+      baselineRef: "main",
       maxDeltaBytes: null,
       maxTotalBytes: null
     },
@@ -4149,6 +4165,14 @@ function sectionMentioned(body, hint) {
 // src/checks/pr-size.ts
 function runPrSize(config, pr) {
   const t0 = performance.now();
+  if (!config.checks.prSize.enabled) {
+    return {
+      checkId: "pr-size",
+      findings: [],
+      durationMs: 0,
+      skipped: "disabled in config"
+    };
+  }
   if (!pr) {
     return {
       checkId: "pr-size",
@@ -4574,7 +4598,7 @@ async function runBundle(cwd, config, stack) {
       durationMs: Math.round(performance.now() - t0)
     };
   }
-  const baseRef = await gitOkQuick(cwd) ? await resolveDiffBaseRef(cwd, config.checks.tsAnyDelta.baseRef) : null;
+  const baseRef = await gitOkQuick(cwd) ? await resolveDiffBaseRef(cwd, cfg.baselineRef) : null;
   const baseline = await readBaseline(cwd, cfg.baselinePath, baseRef);
   const findings = [];
   const infoLines = [
@@ -5097,7 +5121,6 @@ function buildHtmlReport(p2) {
     .badges { margin-bottom: 1.25rem; display: flex; flex-wrap: wrap; gap: 0.35rem; align-items: center; }
     .badge { height: 28px; width: auto; max-width: 100%; image-rendering: crisp-edges; }
     details { background: var(--panel); border: 1px solid var(--border); border-radius: 8px; margin-bottom: 0.75rem; }
-    details.open-default { border-color: #3d4f6a; }
     summary {
       cursor: pointer; padding: 0.65rem 1rem; font-weight: 600;
       list-style: none; display: flex; align-items: center; gap: 0.5rem;
@@ -5162,12 +5185,12 @@ function buildHtmlReport(p2) {
     <tbody>${checkRows}</tbody>
   </table>
 
-  <details class="open-default" open>
+  <details>
     <summary>Blocking (${blocks})</summary>
     <div class="details-body">${blockingHtml}</div>
   </details>
 
-  <details class="open-default" open>
+  <details>
     <summary>Warnings (${warns})</summary>
     <div class="details-body">${warningsHtml}</div>
   </details>
@@ -5991,7 +6014,16 @@ async function runFrontGuard(opts) {
   }
   if (opts.prCommentOut) {
     const snippet = formatBitbucketPrSnippet(report);
-    await fs.writeFile(opts.prCommentOut, snippet, "utf8");
+    const abs = path4.isAbsolute(opts.prCommentOut) ? opts.prCommentOut : path4.join(opts.cwd, opts.prCommentOut);
+    await fs.writeFile(abs, snippet, "utf8");
+    g.stderr.write(
+      `
+FrontGuard: wrote Bitbucket PR comment text to ${abs} (${snippet.length} bytes).
+  Use ONLY this file in your POST \u2026/pullrequests/{id}/comments payload (content.raw).
+  Do not post frontguard-report.md or captured stdout \u2014 that is the long markdown log.
+
+`
+    );
   }
   if (opts.markdown) {
     g.stdout.write(report.markdown + "\n");