@codacy/verity-cli 0.23.0 → 0.23.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/bin/verity.js CHANGED
@@ -10902,7 +10902,9 @@ function isLegacyHook(entry) {
10902
10902
  return LEGACY_STOP_RE.test(c) || LEGACY_INTENT_RE.test(c) || c.includes(".gate/hooks/analyze.sh") || c.includes(".gate/hooks/capture-intent.sh");
10903
10903
  }
10904
10904
  var SETTINGS_LOCAL_FILE = ".claude/settings.local.json";
10905
- var GLOBAL_SETTINGS_FILE = `${process.env.HOME || process.env.USERPROFILE || ""}/.claude/settings.json`;
10905
+ function globalSettingsFile() {
10906
+ return `${process.env.HOME || process.env.USERPROFILE || ""}/.claude/settings.json`;
10907
+ }
10906
10908
  async function readSettings() {
10907
10909
  try {
10908
10910
  const content = await (0, import_promises4.readFile)(CLAUDE_SETTINGS_FILE, "utf-8");
@@ -10912,7 +10914,7 @@ async function readSettings() {
10912
10914
  }
10913
10915
  }
10914
10916
  async function readAllSettings() {
10915
- const files = [CLAUDE_SETTINGS_FILE, SETTINGS_LOCAL_FILE, GLOBAL_SETTINGS_FILE];
10917
+ const files = [CLAUDE_SETTINGS_FILE, SETTINGS_LOCAL_FILE, globalSettingsFile()];
10916
10918
  const out = [];
10917
10919
  for (const f of files) {
10918
10920
  try {
@@ -10936,6 +10938,24 @@ async function checkAllVerityHooks() {
10936
10938
  }
10937
10939
  return { stop, intent, guard, guardOn };
10938
10940
  }
10941
+ async function checkExternalVerityHooks() {
10942
+ let stop = false;
10943
+ let intent = false;
10944
+ let guardOn = [];
10945
+ for (const f of [SETTINGS_LOCAL_FILE, globalSettingsFile()]) {
10946
+ let settings;
10947
+ try {
10948
+ settings = JSON.parse(await (0, import_promises4.readFile)(f, "utf-8"));
10949
+ } catch {
10950
+ continue;
10951
+ }
10952
+ const r = checkVerityHooks(settings);
10953
+ stop = stop || r.stop;
10954
+ intent = intent || r.intent;
10955
+ if (r.guardOn.length > guardOn.length) guardOn = r.guardOn;
10956
+ }
10957
+ return { stop, intent, guardOn };
10958
+ }
10939
10959
  async function checkAllVerityHooksDetailed() {
10940
10960
  let stop = false;
10941
10961
  let intent = false;
@@ -11102,6 +11122,12 @@ function reconcileMomentHooks(settings, moments, externalPresent = {
11102
11122
  if (Object.keys(s.hooks).length === 0) delete s.hooks;
11103
11123
  return s;
11104
11124
  }
11125
+ async function applyMomentSelection(moments) {
11126
+ const external = await checkExternalVerityHooks();
11127
+ const settings = reconcileMomentHooks(await readSettings(), moments, external);
11128
+ await writeSettings(settings);
11129
+ return settings;
11130
+ }
11105
11131
 
11106
11132
  // src/commands/hooks.ts
11107
11133
  var ALL_MOMENTS = ["stop", "pre-commit", "pre-push"];
@@ -11118,15 +11144,13 @@ function registerHooksCommands(program2) {
11118
11144
  const force = opts.force ?? false;
11119
11145
  if (opts.moments != null) {
11120
11146
  const moments = parseMoments(opts.moments);
11121
- const external = await checkAllVerityHooks();
11122
- const settings2 = reconcileMomentHooks(await readSettings(), moments, external);
11123
- await writeSettings(settings2);
11147
+ await applyMomentSelection(moments);
11124
11148
  const status = await checkAllVerityHooks();
11125
11149
  printInfo("Verity hooks reconciled in .claude/settings.json:");
11126
- printInfo(` Stop (verity analyze): ${moments.includes("stop") ? "on" : "off"}`);
11150
+ printInfo(` Stop (verity analyze): ${status.stop ? "on" : "off"}`);
11127
11151
  printInfo(` Pre-commit gate: ${status.guardOn.includes("commit") ? "on" : "off"}`);
11128
11152
  printInfo(` Pre-push/PR gate: ${status.guardOn.includes("push") ? "on" : "off"}`);
11129
- printInfo(" UserPromptSubmit (verity intent capture): on");
11153
+ printInfo(` UserPromptSubmit (verity intent capture): ${status.intent ? "on" : "off"}`);
11130
11154
  return;
11131
11155
  }
11132
11156
  const detail = await checkAllVerityHooksDetailed();
@@ -16317,7 +16341,7 @@ function registerTelemetryCommands(program2) {
16317
16341
  }
16318
16342
 
16319
16343
  // src/cli.ts
16320
- program.name("verity").description("CLI for Verity quality gate service").version("0.23.0").option("--token <token>", "Override authentication token").option("--service-url <url>", "Override service URL").option("--verbose", "Log HTTP requests/responses to stderr");
16344
+ program.name("verity").description("CLI for Verity quality gate service").version("0.23.2").option("--token <token>", "Override authentication token").option("--service-url <url>", "Override service URL").option("--verbose", "Log HTTP requests/responses to stderr");
16321
16345
  registerAuthCommands(program);
16322
16346
  registerHooksCommands(program);
16323
16347
  registerIntentCommands(program);
@@ -75,6 +75,32 @@ Default to `balanced` if the user says "default" or doesn't specify a preference
75
75
 
76
76
  ---
77
77
 
78
+ ## Step 3a: Choose analysis moments
79
+
80
+ This decides **when** Verity reviews code. Use the **AskUserQuestion** tool with
81
+ `multiSelect: true`:
82
+
83
+ > **When should Verity review your code? (select all that apply)**
84
+ > - **On stop** (recommended) — after every agent turn. Fast feedback while you work.
85
+ > - **Before commit** — gates `git commit`; reviews the **staged** diff and blocks the commit on FAIL.
86
+ > - **Before push / PR** — gates `git push` and `gh pr create`; reviews the **to-be-pushed** commits and blocks on FAIL.
87
+ >
88
+ > Default: **On stop**
89
+
90
+ Notes to convey if asked:
91
+ - The git-moment gates run an independent reviewer at the boundary the customer cares
92
+ about; a FAIL blocks the commit/push so the agent fixes issues before they land
93
+ (capped at 2 review cycles so you're never stuck).
94
+ - These are **Claude Code** hooks (they fire when the agent runs `git commit`/`git push`),
95
+ not native git hooks — no `.git/hooks` files, no GitHub App.
96
+ - "On stop" alone matches today's behavior. Many teams pick **Before commit + Before push**
97
+ and turn **On stop** off to review only at real boundaries.
98
+
99
+ Map the selection to moment ids: On stop → `stop`, Before commit → `pre-commit`,
100
+ Before push/PR → `pre-push`. Remember this list; you apply it in **Step 9**.
101
+
102
+ ---
103
+
78
104
  ## Step 3b: Ask about cost & usage telemetry (opt-in)
79
105
 
80
106
  Cost & usage observability is **opt-in** and **required** for the `/usage` dashboard — all
@@ -414,27 +440,37 @@ These blocks enable two capabilities:
414
440
 
415
441
  ---
416
442
 
417
- ## Step 9: Verify hooks
443
+ ## Step 9: Wire the selected moments
418
444
 
419
- The installer already wired the Claude Code hooks via `verity hooks install`. Verify they're in place:
445
+ Apply the moments the user chose in **Step 3a**. Pass the comma-separated moment ids
446
+ (always include the always-on intent hook automatically):
447
+
448
+ ```bash
449
+ # Example: user chose On stop + Before commit + Before push
450
+ verity hooks install --moments stop,pre-commit,pre-push
451
+ ```
452
+
453
+ `--moments` reconciles Verity's own hooks in `.claude/settings.json` to **exactly**
454
+ the selection (adding the git-moment gate, removing the Stop hook if unselected),
455
+ while preserving every non-Verity hook. The `verity intent capture` hook is always
456
+ installed. If the user picked only `stop` (the default), pass `--moments stop`.
457
+
458
+ Then verify:
420
459
 
421
460
  ```bash
422
461
  verity hooks check
423
462
  ```
424
463
 
425
- Expected output:
464
+ Expected output (for `stop,pre-commit,pre-push`):
426
465
  ```
427
466
  [verity] Stop hook (verity analyze): installed
428
467
  [verity] Intent hook (verity intent capture): installed
468
+ [verity] Git-moment gate (verity guard): installed [commit, push]
429
469
  ```
430
470
 
431
- If hooks are missing (e.g., user installed manually without the installer), install them:
432
-
433
- ```bash
434
- verity hooks install
435
- ```
436
-
437
- This wires both the Stop hook (`verity analyze`) and UserPromptSubmit hook (`verity intent capture`) into `.claude/settings.json`, preserving any existing hooks.
471
+ The git-moment gate is a single `PreToolUse(Bash)` hook (`verity guard`) that
472
+ intercepts `git commit` / `git push` / `gh pr create` and reviews the staged or
473
+ to-be-pushed diff before it lands.
438
474
 
439
475
  ---
440
476
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@codacy/verity-cli",
3
- "version": "0.23.0",
3
+ "version": "0.23.2",
4
4
  "description": "CLI for Verity quality gate service",
5
5
  "homepage": "https://verity.md",
6
6
  "repository": {