@cleartrip/frontguard 0.3.3 → 0.3.4

package/README.md

@@ -61,8 +61,8 @@ The PR comment includes:
 
 | Check | What it does | Default |
 |-------|-------------|---------|
-| **eslint** | Runs ESLint with your project config | Enabled |
-| **prettier** | Verifies Prettier formatting | Enabled |
+| **eslint** | Runs ESLint with your project config (skips `frontguard.config.*` by default) | Enabled |
+| **prettier** | Verifies Prettier formatting (skips `frontguard.config.*` by default) | Enabled |
 | **typescript** | Runs `tsc --noEmit` for type errors | Enabled |
 | **secrets** | Scans for leaked tokens, keys, passwords | Enabled |
 | **pr-hygiene** | Validates PR description, sections, AI disclosure | Enabled |
@@ -168,6 +168,14 @@ export default defineConfig({
 
 Run `frontguard init` to generate a config file with every option documented as comments.
 
+### ESLint / Prettier vs `frontguard.config.*`
+
+Defaults exclude `frontguard.config.mjs`, `frontguard.config.js`, and `frontguard.config.cjs` via `checks.eslint.ignorePatterns` and `checks.prettier.ignorePatterns` (picomatch globs, repo-relative). That keeps tool config from being judged by product rules. Set `ignorePatterns: []` on either check if you want those files linted/formatted. To extend the list in shared config, spread `DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS` from `@cleartrip/frontguard`.
+
+### Bitbucket PR comment table
+
+The short PR comment lists **only checks that reported findings**. Skipped checks stay out of that table; the full HTML report still shows every check, including skips.
+
 ### Shared Org Config
 
 Publish a shared config package and extend it:

package/dist/cli.js

@@ -8,8 +8,9 @@ import path6, { sep, normalize, delimiter, resolve, dirname } from 'path';
 import fs from 'fs/promises';
 import { execFileSync, spawn } from 'child_process';
 import { createRequire } from 'module';
-import fs2 from 'fs';
+import fs3 from 'fs';
 import { pathToFileURL } from 'url';
+import picomatch from 'picomatch';
 import fg from 'fast-glob';
 import { pipeline } from 'stream/promises';
 import { PassThrough } from 'stream';
@@ -2430,16 +2431,28 @@ export default defineConfig({
   checks: {
     // \u2500\u2500\u2500 ESLint \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
     // Runs ESLint using your project config on PR-scoped files.
+    // Default ignores frontguard.config.{mjs,js,cjs} (tool config, not app code).
     // eslint: {
     //   enabled: true,
-    //   glob: '**/*.{js,cjs,mjs,jsx,ts,tsx}',   // files to lint
+    //   glob: '**/*.{js,cjs,mjs,jsx,ts,tsx}',
+    //   ignorePatterns: [
+    //     '**/frontguard.config.mjs',
+    //     '**/frontguard.config.js',
+    //     '**/frontguard.config.cjs',
+    //   ],
     // },
 
     // \u2500\u2500\u2500 Prettier \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
     // Checks that files match Prettier formatting.
+    // Default ignores the same FrontGuard config filenames as ESLint.
     // prettier: {
     //   enabled: true,
     //   glob: '**/*.{js,cjs,mjs,jsx,ts,tsx,json,md,css,scss,yml,yaml}',
+    //   ignorePatterns: [
+    //     '**/frontguard.config.mjs',
+    //     '**/frontguard.config.js',
+    //     '**/frontguard.config.cjs',
+    //   ],
     // },
 
     // \u2500\u2500\u2500 TypeScript \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
@@ -2837,18 +2850,13 @@ function mdTableCell(s3) {
   return s3.replace(/\|/g, "\\|").replace(/\r?\n/g, " ").trim();
 }
 function statusForPrTable(r4) {
-  if (r4.skipped) {
-    const t3 = r4.skipped.replace(/\s+/g, " ").trim();
-    const short = t3.length > 120 ? `${t3.slice(0, 117)}\u2026` : t3;
-    return `Skipped \u2014 ${short}`;
-  }
   const n3 = r4.findings.length;
   const blocks = r4.findings.filter((f4) => f4.severity === "block").length;
   if (blocks > 0) return `${n3} issue(s), ${blocks} blocking`;
   return `${n3} issue(s)`;
 }
 function checkNeedsRow(r4) {
-  return Boolean(r4.skipped) || r4.findings.length > 0;
+  return !r4.skipped && r4.findings.length > 0;
 }
 function formatBitbucketPrSnippet(report) {
   const publicReport = process.env.FRONTGUARD_PUBLIC_REPORT_URL?.trim();
@@ -3067,16 +3075,99 @@ function createDefu2(merger) {
   );
 }
 var defu2 = createDefu2();
+function normalizePrPath(p2) {
+  return p2.replace(/\\/g, "/").replace(/^\.\//, "");
+}
+function hasPrFileList(pr) {
+  return Boolean(pr?.files?.length);
+}
+function prPathSet(pr) {
+  if (!hasPrFileList(pr)) return null;
+  return new Set(pr.files.map(normalizePrPath));
+}
+function isPathInPrScope(relOrAbs, cwd, prSet) {
+  const raw = relOrAbs.replace(/^file:\/\//, "");
+  let rel = normalizePrPath(raw);
+  if (path6.isAbsolute(raw)) {
+    rel = normalizePrPath(path6.relative(cwd, raw));
+  }
+  if (prSet.has(rel)) return true;
+  const trimmed = rel.replace(/^\.\//, "");
+  if (prSet.has(trimmed)) return true;
+  return false;
+}
+var ESLINT_EXT = /\.(js|cjs|mjs|jsx|ts|tsx)$/i;
+var PRETTIER_EXT = /\.(js|cjs|mjs|jsx|ts|tsx|json|md|css|scss|sass|less|yml|yaml|vue|svelte)$/i;
+var CYCLES_EXT = /\.(tsx?|jsx?|mjs|cjs|js)$/i;
+function filterPrFilesForEslint(pr) {
+  if (!hasPrFileList(pr)) return null;
+  return pr.files.map(normalizePrPath).filter((f4) => ESLINT_EXT.test(f4));
+}
+function filterPrFilesForPrettier(pr) {
+  if (!hasPrFileList(pr)) return null;
+  return pr.files.map(normalizePrPath).filter((f4) => PRETTIER_EXT.test(f4));
+}
+function filterPrFilesForMadge(pr) {
+  if (!hasPrFileList(pr)) return null;
+  return pr.files.map(normalizePrPath).filter((f4) => CYCLES_EXT.test(f4));
+}
+async function existingRepoPaths(cwd, rels) {
+  const out = [];
+  for (const rel of rels) {
+    try {
+      await fs.access(path6.join(cwd, rel));
+      out.push(rel);
+    } catch {
+    }
+  }
+  return out;
+}
+function filterTscOutputToPrFiles(output, cwd, prSet) {
+  const lines = output.split("\n");
+  const kept = [];
+  for (const line of lines) {
+    const m3 = /^(.+?)\(\d+,\d+\):\s/.exec(line);
+    if (m3?.[1]) {
+      if (isPathInPrScope(m3[1], cwd, prSet)) kept.push(line);
+      continue;
+    }
+  }
+  return kept.join("\n").trim();
+}
+
+// src/lib/glob-ignore.ts
+var DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS = [
+  "**/frontguard.config.mjs",
+  "**/frontguard.config.js",
+  "**/frontguard.config.cjs"
+];
+function pathMatchesIgnorePatterns(relPath, patterns) {
+  if (patterns.length === 0) return false;
+  const posixRel = normalizePrPath(relPath);
+  for (const pattern of patterns) {
+    const pm = picomatch(pattern, { dot: true });
+    if (pm(posixRel) || pm(`./${posixRel}`)) return true;
+  }
+  return false;
+}
+function negatedPrettierGlobs(patterns) {
+  return patterns.map((p2) => p2.startsWith("!") ? p2 : `!${p2}`);
+}
 
 // src/config/defaults.ts
 var defaultConfig = {
   mode: "warn",
   rules: {},
   checks: {
-    eslint: { enabled: true, glob: "**/*.{js,cjs,mjs,jsx,ts,tsx}" },
+    eslint: {
+      enabled: true,
+      glob: "**/*.{js,cjs,mjs,jsx,ts,tsx}",
+      ignorePatterns: [...DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS]
+    },
     prettier: {
       enabled: true,
-      glob: "**/*.{js,cjs,mjs,jsx,ts,tsx,json,md,css,scss,yml,yaml}"
+      glob: "**/*.{js,cjs,mjs,jsx,ts,tsx,json,md,css,scss,yml,yaml}",
+      ignorePatterns: [...DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS]
     },
     typescript: { enabled: true },
     secrets: { enabled: true },
@@ -3203,7 +3294,7 @@ async function loadConfig(cwd) {
   const loadErrors = [];
   for (const name of CONFIG_NAMES) {
     const full = path6.join(cwd, name);
-    if (!fs2.existsSync(full)) continue;
+    if (!fs3.existsSync(full)) continue;
     try {
       const mod = await importConfig(full);
       userFile = normalizeExport(mod);
@@ -3374,65 +3465,6 @@ function stripFrontmatter(content) {
   if (endIdx === -1) return content;
   return content.slice(endIdx + 3).trim();
 }
-function normalizePrPath(p2) {
-  return p2.replace(/\\/g, "/").replace(/^\.\//, "");
-}
-function hasPrFileList(pr) {
-  return Boolean(pr?.files?.length);
-}
-function prPathSet(pr) {
-  if (!hasPrFileList(pr)) return null;
-  return new Set(pr.files.map(normalizePrPath));
-}
-function isPathInPrScope(relOrAbs, cwd, prSet) {
-  const raw = relOrAbs.replace(/^file:\/\//, "");
-  let rel = normalizePrPath(raw);
-  if (path6.isAbsolute(raw)) {
-    rel = normalizePrPath(path6.relative(cwd, raw));
-  }
-  if (prSet.has(rel)) return true;
-  const trimmed = rel.replace(/^\.\//, "");
-  if (prSet.has(trimmed)) return true;
-  return false;
-}
-var ESLINT_EXT = /\.(js|cjs|mjs|jsx|ts|tsx)$/i;
-var PRETTIER_EXT = /\.(js|cjs|mjs|jsx|ts|tsx|json|md|css|scss|sass|less|yml|yaml|vue|svelte)$/i;
-var CYCLES_EXT = /\.(tsx?|jsx?|mjs|cjs|js)$/i;
-function filterPrFilesForEslint(pr) {
-  if (!hasPrFileList(pr)) return null;
-  return pr.files.map(normalizePrPath).filter((f4) => ESLINT_EXT.test(f4));
-}
-function filterPrFilesForPrettier(pr) {
-  if (!hasPrFileList(pr)) return null;
-  return pr.files.map(normalizePrPath).filter((f4) => PRETTIER_EXT.test(f4));
-}
-function filterPrFilesForMadge(pr) {
-  if (!hasPrFileList(pr)) return null;
-  return pr.files.map(normalizePrPath).filter((f4) => CYCLES_EXT.test(f4));
-}
-async function existingRepoPaths(cwd, rels) {
-  const out = [];
-  for (const rel of rels) {
-    try {
-      await fs.access(path6.join(cwd, rel));
-      out.push(rel);
-    } catch {
-    }
-  }
-  return out;
-}
-function filterTscOutputToPrFiles(output, cwd, prSet) {
-  const lines = output.split("\n");
-  const kept = [];
-  for (const line of lines) {
-    const m3 = /^(.+?)\(\d+,\d+\):\s/.exec(line);
-    if (m3?.[1]) {
-      if (isPathInPrScope(m3[1], cwd, prSet)) kept.push(line);
-      continue;
-    }
-  }
-  return kept.join("\n").trim();
-}
 function stripFileUrl(p2) {
   let s3 = p2.trim();
   if (!/^file:/i.test(s3)) return s3;
@@ -4230,6 +4262,8 @@ async function runEslint(cwd, config, _stack, pr) {
     };
   }
   const glob = config.checks.eslint.glob ?? "**/*.{js,cjs,mjs,jsx,ts,tsx}";
+  const ignorePatterns = config.checks.eslint.ignorePatterns ?? DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS;
+  const ignoreArgs = ignorePatterns.flatMap((p2) => ["--ignore-pattern", p2]);
   const prPaths = filterPrFilesForEslint(pr);
   let exitCode;
   let stdout2;
@@ -4244,7 +4278,8 @@ async function runEslint(cwd, config, _stack, pr) {
       };
     }
     const existing = await existingRepoPaths(cwd, prPaths);
-    if (existing.length === 0) {
+    const lintable = existing.filter((p2) => !pathMatchesIgnorePatterns(p2, ignorePatterns));
+    if (lintable.length === 0) {
       return {
         checkId: "eslint",
         findings: [],
@@ -4252,10 +4287,11 @@ async function runEslint(cwd, config, _stack, pr) {
         skipped: hasPrFileList(pr) ? "no lintable files in PR diff (added/modified only)" : "no files"
       };
     }
-    ({ exitCode, stdout: stdout2, stderr } = await runEslintOnPaths(cwd, existing));
+    ({ exitCode, stdout: stdout2, stderr } = await runEslintOnPaths(cwd, lintable));
   } else {
     ({ exitCode, stdout: stdout2, stderr } = await runNpmBinary(cwd, "eslint", [
       glob,
+      ...ignoreArgs,
       "--max-warnings",
       "0",
       "--no-error-on-unmatched-pattern",
@@ -4357,6 +4393,8 @@ async function runPrettier(cwd, config, pr) {
     };
   }
   const glob = config.checks.prettier.glob ?? "**/*.{js,cjs,mjs,jsx,ts,tsx,json,md,css,scss,yml,yaml}";
+  const ignorePatterns = config.checks.prettier.ignorePatterns ?? DEFAULT_FRONTGUARD_CONFIG_IGNORE_PATTERNS;
+  const prettierNegations = negatedPrettierGlobs(ignorePatterns);
   let exitCode;
   let stdout2;
   let stderr;
@@ -4371,7 +4409,8 @@ async function runPrettier(cwd, config, pr) {
       };
     }
     const existing = await existingRepoPaths(cwd, prPaths);
-    if (existing.length === 0) {
+    const formattable = existing.filter((p2) => !pathMatchesIgnorePatterns(p2, ignorePatterns));
+    if (formattable.length === 0) {
       return {
         checkId: "prettier",
         findings: [],
@@ -4379,12 +4418,13 @@ async function runPrettier(cwd, config, pr) {
         skipped: hasPrFileList(pr) ? "no formattable files in PR diff" : "no files"
       };
     }
-    ({ exitCode, stdout: stdout2, stderr } = await runPrettierOnPaths(cwd, existing));
+    ({ exitCode, stdout: stdout2, stderr } = await runPrettierOnPaths(cwd, formattable));
   } else {
     ({ exitCode, stdout: stdout2, stderr } = await runNpmBinary(cwd, "prettier", [
       "--check",
+      "--ignore-unknown",
       glob,
-      "--ignore-unknown"
+      ...prettierNegations
     ]));
   }
   const findings = [];