@commitguard/cli 0.0.1

package/dist/index.d.mts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+import "dotenv/config";

package/dist/index.mjs

@@ -0,0 +1,1055 @@
+#!/usr/bin/env node
+import { createRequire } from "node:module";
+import process from "node:process";
+import { consola } from "consola";
+import updateNotifier from "update-notifier";
+import { execFileSync, execSync } from "node:child_process";
+import { createHash } from "node:crypto";
+import { cancel, confirm, intro, isCancel, log, multiselect, note, outro, text } from "@clack/prompts";
+import { Entry } from "@napi-rs/keyring";
+import { existsSync, mkdirSync, readFileSync, readdirSync, statSync, unlinkSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { dirname, join } from "node:path";
+import { readFile } from "node:fs/promises";
+import { pathToFileURL } from "node:url";
+import { findUp } from "find-up";
+import { FlatCache } from "flat-cache";
+import stringWidth from "string-width";
+import "dotenv/config";
+
+//#region rolldown:runtime
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+
+//#endregion
+//#region package.json
+var version = "0.0.1";
+var package_default = {
+	name: "@commitguard/cli",
+	type: "module",
+	version,
+	description: "AI-powered git commit checker that blocks bad code before it ships",
+	license: "MIT",
+	repository: {
+		"type": "git",
+		"url": "git+https://github.com/moshetanzer/commitguard.git"
+	},
+	exports: {
+		".": "./dist/index.mjs",
+		"./package.json": "./package.json"
+	},
+	main: "./dist/index.mjs",
+	module: "./dist/index.mjs",
+	types: "./dist/index.d.mts",
+	bin: { "commitguard": "./dist/index.mjs" },
+	files: ["dist"],
+	scripts: {
+		"build": "tsdown",
+		"dev": "tsdown --watch",
+		"test": "vitest",
+		"typecheck": "tsc --noEmit",
+		"prepublishOnly": "pnpm run build",
+		"lint": "eslint .",
+		"lint:fix": "eslint . --fix"
+	},
+	dependencies: {
+		"@clack/prompts": "^0.11.0",
+		"@napi-rs/keyring": "^1.2.0",
+		"consola": "^3.4.2",
+		"dotenv": "^17.2.3",
+		"find-up": "^8.0.0",
+		"flat-cache": "^6.1.19",
+		"micromatch": "^4.0.8",
+		"string-width": "^8.1.0",
+		"update-notifier": "^7.3.1"
+	},
+	devDependencies: {
+		"@antfu/eslint-config": "^6.7.3",
+		"@types/micromatch": "^4.0.10",
+		"@types/node": "^24.10.4",
+		"@types/update-notifier": "^6.0.8",
+		"bumpp": "^10.3.2",
+		"eslint": "^9.39.2",
+		"tsdown": "^0.18.3",
+		"typescript": "^5.9.3",
+		"vitest": "^4.0.16"
+	}
+};
+
+//#endregion
+//#region src/data/ignore.json
+var ignore = [
+	".git/**",
+	".svn/**",
+	".hg/**",
+	"node_modules/**",
+	"vendor/**",
+	".pnp/**",
+	"Pods/**",
+	"Packages/**",
+	"package.json",
+	"package-lock.json",
+	"pnpm-lock.yaml",
+	"yarn.lock",
+	"bun.lockb",
+	"composer.lock",
+	"poetry.lock",
+	"Pipfile.lock",
+	"Cargo.lock",
+	"go.sum",
+	"mix.lock",
+	"dist/**",
+	"build/**",
+	"out/**",
+	".output/**",
+	".nuxt/**",
+	".next/**",
+	".svelte-kit/**",
+	"public/build/**",
+	"target/**",
+	"bin/**",
+	"obj/**",
+	"Generated/**",
+	".angular/**",
+	".expo/**",
+	".vite/**",
+	".vercel/**",
+	".netlify/**",
+	"DerivedData/**",
+	"*.xcworkspace/xcuserdata/**",
+	"android/app/build/**",
+	"ios/build/**",
+	"*.class",
+	"*.jar",
+	"*.war",
+	"*.ear",
+	"*.kotlin_module",
+	"__pycache__/**",
+	"*.pyc",
+	"*.pyo",
+	"*.pyd",
+	"*.egg-info/**",
+	".pytest_cache/**",
+	".mypy_cache/**",
+	"target/**",
+	"*.o",
+	"*.obj",
+	"*.so",
+	"*.a",
+	"*.dll",
+	"*.exe",
+	"*.out",
+	"*.pdb",
+	"*.zip",
+	"*.tar",
+	"*.gz",
+	"*.bz2",
+	"*.7z",
+	"*.rar",
+	"*.iso",
+	"*.img",
+	"*.dmg",
+	"*.map",
+	"*.min.js",
+	"*.min.css",
+	"*.bundle.js",
+	"*.wasm",
+	"*.log",
+	"logs/**",
+	".cache/**",
+	".parcel-cache/**",
+	".eslintcache",
+	".tsbuildinfo",
+	"*.png",
+	"*.jpg",
+	"*.jpeg",
+	"*.gif",
+	"*.bmp",
+	"*.svg",
+	"*.webp",
+	"*.avif",
+	"*.ico",
+	"*.mp4",
+	"*.webm",
+	"*.mov",
+	"*.mp3",
+	"*.wav",
+	"*.ogg",
+	"*.flac",
+	"*.snap",
+	"__snapshots__/**",
+	"playwright-report/**",
+	"test-results/**",
+	".nyc_output/**",
+	"docs/.vitepress/dist/**",
+	"storybook-static/**",
+	".DS_Store",
+	"Thumbs.db",
+	".idea/**",
+	".vscode/**",
+	"*.swp",
+	"*.dump",
+	"*.dmp",
+	"coverage/**",
+	"tmp/**",
+	"temp/**",
+	"*.lock",
+	"*.sqlite",
+	"*.db",
+	"*.rdb"
+];
+
+//#endregion
+//#region src/utils/global.ts
+function createDiffHash(diff) {
+	return createHash("md5").update(diff).digest("base64url");
+}
+function addGitLineNumbers(diff) {
+	if (!diff.trim()) return diff;
+	const lines = diff.split("\n");
+	const result = [];
+	let oldLine = 0;
+	let newLine = 0;
+	for (const line of lines) if (line.startsWith("@@")) {
+		const match = line.match(/@@ -(\d+)(?:,\d+)? \+(\d+)(?:,\d+)? @@/);
+		if (match) {
+			oldLine = Number.parseInt(match[1], 10);
+			newLine = Number.parseInt(match[2], 10);
+		}
+		result.push(line);
+	} else if (line.startsWith("---") || line.startsWith("+++") || line.startsWith("diff ") || line.startsWith("index ")) result.push(line);
+	else if (line.startsWith("-")) {
+		result.push(`${oldLine}:${line}`);
+		oldLine++;
+	} else if (line.startsWith("+")) {
+		result.push(`${newLine}:${line}`);
+		newLine++;
+	} else {
+		result.push(`${newLine}:${line}`);
+		oldLine++;
+		newLine++;
+	}
+	return result.join("\n");
+}
+
+//#endregion
+//#region src/utils/git.ts
+function getStagedDiff() {
+	try {
+		return addGitLineNumbers(execFileSync("git", [
+			"diff",
+			"--cached",
+			"--no-color",
+			"--function-context",
+			"--diff-algorithm=histogram",
+			"--diff-filter=AMC",
+			"--",
+			".",
+			...ignore.map((p) => `:(exclude)${p}`)
+		], {
+			encoding: "utf8",
+			maxBuffer: 10 * 1024 * 1024,
+			stdio: [
+				"pipe",
+				"pipe",
+				"ignore"
+			]
+		}));
+	} catch {
+		return "";
+	}
+}
+function getLastDiff() {
+	try {
+		return execFileSync("git", [
+			"diff",
+			"HEAD~1",
+			"HEAD",
+			"--no-color",
+			"--function-context",
+			"--diff-algorithm=histogram",
+			"--diff-filter=AMC",
+			"--",
+			".",
+			...ignore.map((p) => `:(exclude)${p}`)
+		], {
+			encoding: "utf8",
+			maxBuffer: 10 * 1024 * 1024,
+			stdio: [
+				"pipe",
+				"pipe",
+				"ignore"
+			]
+		});
+	} catch {
+		return "";
+	}
+}
+
+//#endregion
+//#region src/utils/key.ts
+const store = new Entry("commit_guard", "global_key");
+function setGlobalKey(apiKey) {
+	store.setPassword(apiKey);
+}
+function getGlobalKey() {
+	return store.getPassword();
+}
+function deleteGlobalKey() {
+	store.deletePassword();
+}
+function validateApiKey(value) {
+	if (!value || value.trim() === "") return "API key cannot be empty.";
+	if (value.startsWith("sk_") === false) return "Invalid API key format. It should start with \"sk_\".";
+}
+async function manageGlobalKey() {
+	try {
+		if (getGlobalKey()) {
+			intro("An existing API key was found.");
+			if (await confirm({
+				message: "Do you want to delete the existing global API key?",
+				initialValue: false
+			})) {
+				deleteGlobalKey();
+				log.success("Global API key deleted.");
+				if (await confirm({
+					message: "Do you want to add a new global API key?",
+					initialValue: true
+				})) {
+					const apiKey = await text({
+						message: "Enter your CommitGuard API key:",
+						placeholder: "sk_XXXXXXXXXXXXXXXXXXXXXX",
+						validate: validateApiKey
+					});
+					if (typeof apiKey === "string") {
+						setGlobalKey(apiKey);
+						outro("New global API key set successfully.");
+					}
+				} else outro("API key removed. You can set a new one later using `commitguard init` or `commitguard keys`.");
+			}
+		} else {
+			note("To get your free API key, visit https://commitguard.dev", "Get your free API key");
+			const apiKey = await text({
+				message: "Enter your CommitGuard API key:",
+				placeholder: "sk_XXXXXXXXXXXXXXXXXXXXXX",
+				validate: validateApiKey
+			});
+			if (typeof apiKey === "string") {
+				setGlobalKey(apiKey);
+				log.success("Global API key set successfully.");
+			}
+		}
+	} catch (error) {
+		const err = error;
+		if (err.name === "ExitPromptError") {
+			log.message("\n👋 Until next time!");
+			return;
+		}
+		log.error(`Error managing global API key: ${err.message}`);
+	}
+}
+
+//#endregion
+//#region src/utils/api.ts
+async function sendToCommitGuard(diff, eslint, config) {
+	const apiKey = process.env.COMMITGUARD_API_KEY || getGlobalKey() || null;
+	if (!apiKey) throw new Error("No API key found. Set one globally with \"commitguard keys\" or add COMMITGUARD_API_KEY to your .env file. Get your free API key at https://commitguard.dev");
+	const apiUrl = process.env.COMMITGUARD_API_URL || "https://api.commitguard.ai/v1/analyze";
+	const response = await fetch(apiUrl, {
+		method: "POST",
+		headers: {
+			"Content-Type": "application/json",
+			"Authorization": `Bearer ${apiKey}`,
+			"User-Agent": "commitguard-cli"
+		},
+		body: JSON.stringify({
+			diff,
+			eslint,
+			config
+		})
+	});
+	if (!response.ok) {
+		const errorText = await response.text();
+		throw new Error(`API request failed (${response.status}): ${errorText}`);
+	}
+	return await response.json();
+}
+async function bypassCommitGuard() {
+	const apiKey = process.env.COMMITGUARD_API_KEY || getGlobalKey() || null;
+	if (!apiKey) throw new Error("No API key found. Set one globally with \"commitguard keys\" or add COMMITGUARD_API_KEY to your .env file. Get your free API key at https://commitguard.dev");
+	const apiUrl = process.env.COMMITGUARD_API_BYPASS_URL || "https://api.commitguard.ai/v1/bypass";
+	const diff = getLastDiff();
+	const response = await fetch(apiUrl, {
+		method: "POST",
+		headers: {
+			"Content-Type": "application/json",
+			"Authorization": `Bearer ${apiKey}`,
+			"User-Agent": "commitguard-cli"
+		},
+		body: JSON.stringify({ diff })
+	});
+	if (!response.ok) {
+		const errorText = await response.text();
+		throw new Error(`API request failed (${response.status}): ${errorText}`);
+	}
+	return await response.json();
+}
+
+//#endregion
+//#region src/utils/config.ts
+const MAX_CUSTOM_PROMPT_LENGTH = 500;
+const CONFIG_DIR = join(homedir(), ".commitguard");
+const PROJECTS_CONFIG_PATH = join(CONFIG_DIR, "projects.json");
+let projectsConfigCache = null;
+function ensureConfigDir() {
+	if (!existsSync(CONFIG_DIR)) try {
+		mkdirSync(CONFIG_DIR, { recursive: true });
+	} catch (e) {
+		consola.error(`Failed to create config directory at ${CONFIG_DIR}: ${e.message}`);
+	}
+}
+function getDefaultConfig() {
+	return {
+		checks: {
+			security: true,
+			performance: true,
+			codeQuality: true,
+			architecture: true
+		},
+		severityLevels: {
+			critical: true,
+			warning: true,
+			suggestion: true
+		},
+		customRule: ""
+	};
+}
+let projectIdCache = null;
+function getProjectId() {
+	if (projectIdCache) return projectIdCache;
+	try {
+		projectIdCache = execFileSync("git", [
+			"rev-list",
+			"--max-parents=0",
+			"HEAD"
+		], {
+			encoding: "utf8",
+			stdio: [
+				"pipe",
+				"pipe",
+				"ignore"
+			]
+		}).trim().split("\n")[0];
+		return projectIdCache;
+	} catch {
+		consola.error("Warning: Unable to determine project ID. Using current working directory as fallback project ID.");
+		projectIdCache = process.cwd();
+		return projectIdCache;
+	}
+}
+function loadProjectsConfig() {
+	if (projectsConfigCache) return projectsConfigCache;
+	if (existsSync(PROJECTS_CONFIG_PATH)) try {
+		const content = readFileSync(PROJECTS_CONFIG_PATH, "utf8");
+		projectsConfigCache = JSON.parse(content);
+		return projectsConfigCache;
+	} catch {
+		consola.warn("Failed to parse projects config");
+	}
+	projectsConfigCache = {};
+	return projectsConfigCache;
+}
+function saveProjectsConfig(projects) {
+	try {
+		ensureConfigDir();
+		writeFileSync(PROJECTS_CONFIG_PATH, JSON.stringify(projects, null, 2));
+		projectsConfigCache = projects;
+	} catch (e) {
+		consola.error(`Failed to save projects config: ${e.message}`);
+	}
+}
+function loadConfig() {
+	const projectId = getProjectId();
+	return loadProjectsConfig()[projectId] || getDefaultConfig();
+}
+async function manageConfig() {
+	const projectId = getProjectId();
+	const currentConfig = loadConfig();
+	intro(`CommitGuard Configuration`);
+	const enabledChecks = await multiselect({
+		message: "Select enabled checks for this project:",
+		options: [
+			{
+				value: "security",
+				label: "Security"
+			},
+			{
+				value: "performance",
+				label: "Performance"
+			},
+			{
+				value: "codeQuality",
+				label: "Code Quality"
+			},
+			{
+				value: "architecture",
+				label: "Architecture"
+			}
+		],
+		initialValues: Object.entries(currentConfig.checks).filter(([_, enabled]) => enabled).map(([key]) => key)
+	});
+	if (isCancel(enabledChecks)) {
+		cancel("Configuration cancelled");
+		return;
+	}
+	const enabledSeverity = await multiselect({
+		message: "Select severity levels for enabled checks:",
+		options: [
+			{
+				value: "suggestion",
+				label: "Suggestion"
+			},
+			{
+				value: "warning",
+				label: "Warning"
+			},
+			{
+				value: "critical",
+				label: "Critical"
+			}
+		],
+		initialValues: Object.entries(currentConfig.severityLevels).filter(([_, enabled]) => enabled).map(([key]) => key)
+	});
+	if (isCancel(enabledSeverity)) {
+		cancel("Configuration cancelled");
+		return;
+	}
+	let customRule = currentConfig.customRule;
+	if (currentConfig.customRule) {
+		consola.info(`Current custom rule: ${currentConfig.customRule}`);
+		const editCustomRule = await confirm({
+			message: "Would you like to edit the custom rule? (Currently only available to pro users)",
+			initialValue: false
+		});
+		if (isCancel(editCustomRule)) {
+			cancel("Configuration cancelled");
+			return;
+		}
+		if (editCustomRule) {
+			const newCustomRule = await text({
+				message: "Enter new custom rule (leave empty to remove):",
+				initialValue: currentConfig.customRule,
+				validate: (value) => {
+					const val = String(value).trim();
+					if (!val) return void 0;
+					if (val.length > MAX_CUSTOM_PROMPT_LENGTH) return `Custom rule must be ${MAX_CUSTOM_PROMPT_LENGTH} characters or less (current: ${val.length})`;
+				}
+			});
+			if (isCancel(newCustomRule)) {
+				cancel("Configuration cancelled");
+				return;
+			}
+			customRule = String(newCustomRule).trim();
+		}
+	} else {
+		const addCustomRule = await confirm({
+			message: "Would you like to add a custom rule for this project? (Currently only available to pro users)",
+			initialValue: false
+		});
+		if (isCancel(addCustomRule)) {
+			cancel("Configuration cancelled");
+			return;
+		}
+		if (addCustomRule) {
+			const newCustomRule = await text({
+				message: "Enter custom rule (leave empty to skip):",
+				placeholder: "e.g., Check for proper error handling in async functions",
+				validate: (value) => {
+					const val = String(value).trim();
+					if (!val) return void 0;
+					if (val.length > MAX_CUSTOM_PROMPT_LENGTH) return `Custom rule must be ${MAX_CUSTOM_PROMPT_LENGTH} characters or less (current: ${val.length})`;
+				}
+			});
+			if (isCancel(newCustomRule)) {
+				cancel("Configuration cancelled");
+				return;
+			}
+			customRule = String(newCustomRule).trim();
+		}
+	}
+	const newConfig = {
+		checks: {
+			security: enabledChecks.includes("security"),
+			performance: enabledChecks.includes("performance"),
+			codeQuality: enabledChecks.includes("codeQuality"),
+			architecture: enabledChecks.includes("architecture")
+		},
+		severityLevels: {
+			suggestion: enabledSeverity.includes("suggestion"),
+			warning: enabledSeverity.includes("warning"),
+			critical: enabledSeverity.includes("critical")
+		},
+		customRule
+	};
+	if (JSON.stringify(newConfig) === JSON.stringify(currentConfig)) {
+		outro("No changes made to the configuration.");
+		return;
+	}
+	const confirmUpdate = await confirm({ message: "Save this configuration?" });
+	if (isCancel(confirmUpdate)) {
+		cancel("Configuration cancelled");
+		return;
+	}
+	if (!confirmUpdate) {
+		outro("Configuration not saved.");
+		return;
+	}
+	const projects = loadProjectsConfig();
+	projects[projectId] = newConfig;
+	saveProjectsConfig(projects);
+	outro("✓ Configuration updated for this project!");
+}
+
+//#endregion
+//#region src/utils/eslint.ts
+const cacheDir = join(homedir(), ".cache", "commitguard");
+const cache = new FlatCache({
+	cacheDir,
+	cacheId: "eslint-config"
+});
+cache.load("eslint-config", cacheDir);
+async function findProjectRoot(startDir) {
+	const packageJsonPath = await findUp("package.json");
+	return packageJsonPath ? dirname(packageJsonPath) : startDir;
+}
+async function getEslintRules({ startDir = process.cwd(), overrideCache = false } = {}) {
+	const cacheKey = `eslint-${startDir}`;
+	const cached = cache.getKey(cacheKey);
+	if (cached && !overrideCache) return cached;
+	const projectRoot = await findProjectRoot(startDir);
+	const loaders = [
+		".eslintrc",
+		".eslintrc.json",
+		".eslintrc.js",
+		".eslintrc.mjs",
+		"eslint.config.js",
+		"eslint.config.mjs",
+		"package.json"
+	].map((file) => join(projectRoot, file)).map(async (full) => {
+		if (!existsSync(full)) return null;
+		if (full.endsWith(".json") || full.endsWith(".eslintrc")) try {
+			const raw = JSON.parse(await readFile(full, "utf8"));
+			if (raw.rules) return {
+				rules: raw.rules,
+				source: full
+			};
+		} catch {}
+		if (full.endsWith(".js") || full.endsWith(".mjs")) try {
+			const mod = await import(pathToFileURL(full).href);
+			let cfg = mod.default || mod;
+			if (cfg instanceof Promise) cfg = await cfg;
+			if (Array.isArray(cfg)) {
+				const lastConfigWithRules = [...cfg].reverse().find((c) => c.rules && Object.keys(c.rules).length > 0);
+				if (lastConfigWithRules?.rules) return {
+					rules: lastConfigWithRules.rules,
+					source: full
+				};
+			}
+			if (cfg.rules) return {
+				rules: cfg.rules,
+				source: full
+			};
+		} catch {}
+		if (full.endsWith("package.json")) try {
+			const pkg = JSON.parse(await readFile(full, "utf8"));
+			if (pkg.eslintConfig && pkg.eslintConfig.rules) return {
+				rules: pkg.eslintConfig.rules,
+				source: full
+			};
+		} catch {}
+		return null;
+	});
+	const config = (await Promise.all(loaders)).find((r) => r !== null) ?? {
+		rules: {},
+		source: null
+	};
+	cache.setKey(cacheKey, config);
+	cache.save(true);
+	return config;
+}
+
+//#endregion
+//#region src/utils/install.ts
+const COMMITGUARD_MARKER = "# CommitGuard commit-msg hook";
+const POST_INDEX_MARKER = "# CommitGuard post-index-change hook";
+const GIT_DIR = ".git";
+const HOOKS_DIR = join(GIT_DIR, "hooks");
+const COMMIT_MSG_HOOK_PATH = join(HOOKS_DIR, "commit-msg");
+const POST_INDEX_HOOK_PATH = join(HOOKS_DIR, "post-index-change");
+const MESSAGES = { noGit: "No .git folder found. Run this inside a git repository." };
+async function installHooks() {
+	if (!existsSync(GIT_DIR)) {
+		cancel(MESSAGES.noGit);
+		process.exit(1);
+	}
+	if (!existsSync(HOOKS_DIR)) mkdirSync(HOOKS_DIR, { recursive: true });
+	try {
+		const versionMatch = execSync("git --version", { encoding: "utf8" }).match(/(\d+\.\d+\.\d+)/);
+		if ((versionMatch ? versionMatch[1] : "0.0.0") < "2.34.0") {
+			log.warn("Your Git version is below 2.34.0. CommitGuard requires Git 2.34.0 or higher to function properly.");
+			note("You can download the latest version of Git from https://git-scm.com/downloads", "How to update Git");
+			return;
+		}
+	} catch {
+		log.warn("Unable to determine Git version. Please ensure you have Git 2.34.0 or higher installed for CommitGuard to function properly.");
+		note("You can download the latest version of Git from https://git-scm.com/downloads", "How to update Git");
+		return;
+	}
+	if (existsSync(COMMIT_MSG_HOOK_PATH)) {
+		if (readFileSync(COMMIT_MSG_HOOK_PATH, "utf8").includes(COMMITGUARD_MARKER)) {
+			outro("CommitGuard is already installed.");
+			return;
+		}
+		if (!await confirm({
+			message: "CommitGuard uses the git `commit-msg` hook to function properly. A commit-msg hook already exists. Do you want to overwrite it?",
+			initialValue: true
+		})) {
+			outro("Installation cancelled. CommitGuard was not installed.");
+			return;
+		}
+	}
+	if (existsSync(POST_INDEX_HOOK_PATH)) {
+		if (!readFileSync(POST_INDEX_HOOK_PATH, "utf8").includes(POST_INDEX_MARKER)) {
+			if (!await confirm({
+				message: "A post-index-change hook already exists. Do you want to overwrite it?",
+				initialValue: true
+			})) {
+				log.error("Installation cancelled. CommitGuard was not installed.");
+				return;
+			}
+		}
+	}
+	log.info("Installing CommitGuard...");
+	const node = process.execPath.replace(/\\/g, "/");
+	const cliPath = __require.resolve("commitguard").replace(/\\/g, "/");
+	writeFileSync(COMMIT_MSG_HOOK_PATH, `#!/bin/sh
+${COMMITGUARD_MARKER}
+# Auto-generated - do not edit manually
+
+commit_msg_file="$1"
+
+if grep -q -- "--skip" "$commit_msg_file"; then
+  echo "⚠️  CommitGuard bypassed with --skip"
+
+  sed 's/--skip//g' "$commit_msg_file" > "$commit_msg_file.tmp"
+  mv "$commit_msg_file.tmp" "$commit_msg_file"
+  
+  trap '(sleep 1 && "${node}" "${cliPath}" bypass > /dev/null 2>&1 &)' EXIT
+  
+  exit 0
+fi
+
+if [ ! -s "$commit_msg_file" ] || ! grep -qv '^#' "$commit_msg_file"; then
+  exit 0
+fi
+
+if [ -t 1 ]; then
+  "${node}" "${cliPath}" pre-commit < /dev/tty
+  RESULT=$?
+else
+  "${node}" "${cliPath}" pre-commit
+  RESULT=$?
+fi
+
+if [ $RESULT -ne 0 ]; then
+  exit 1
+fi
+
+exit 0
+`, { mode: 493 });
+	writeFileSync(POST_INDEX_HOOK_PATH, `#!/bin/sh
+${POST_INDEX_MARKER}
+# Auto-generated - do not edit manually
+
+# Skip if only flags changed (not actual content)
+if [ "$1" = "1" ]; then
+  exit 0
+fi
+
+"${node}" "${cliPath}" staged > /dev/null 2>&1 &
+
+exit 0
+`, { mode: 493 });
+	log.info("Analyzing ESLint configuration for better checks...");
+	await getEslintRules({ overrideCache: true });
+	log.success("ESLint configuration loaded.");
+	if (!getGlobalKey() && process.env.COMMITGUARD_API_KEY === void 0) {
+		if (await confirm({
+			message: "No global API key found. Do you want to set it now?",
+			initialValue: true
+		})) await manageGlobalKey();
+	}
+	outro("You are all set! CommitGuard has been installed successfully.");
+}
+async function listHooks() {
+	if (!existsSync(GIT_DIR) || !existsSync(HOOKS_DIR)) {
+		outro(MESSAGES.noGit);
+		return;
+	}
+	const hooks = readdirSync(HOOKS_DIR).filter((file) => {
+		const filePath = join(HOOKS_DIR, file);
+		return statSync(filePath).isFile() && !file.endsWith(".sample") && !file.startsWith(".") && (readFileSync(filePath, "utf8").includes(COMMITGUARD_MARKER) || readFileSync(filePath, "utf8").includes(POST_INDEX_MARKER));
+	});
+	if (hooks.length === 0) {
+		outro();
+		return;
+	}
+	for (const hook of hooks) log.success(hook);
+	outro("Run \"commitguard remove\" to uninstall CommitGuard.");
+}
+async function removeHooks() {
+	if (!existsSync(GIT_DIR)) {
+		cancel(MESSAGES.noGit);
+		process.exit(1);
+	}
+	const commitMsgExists = existsSync(COMMIT_MSG_HOOK_PATH);
+	const postIndexExists = existsSync(POST_INDEX_HOOK_PATH);
+	if (!commitMsgExists && !postIndexExists) {
+		log.info("CommitGuard is not installed in this repository.");
+		return;
+	}
+	if (!await confirm({
+		message: "Are you sure you want to remove CommitGuard from this repository?",
+		initialValue: false
+	})) {
+		outro("CommitGuard uninstallation cancelled.");
+		return;
+	}
+	if (commitMsgExists) unlinkSync(COMMIT_MSG_HOOK_PATH);
+	if (postIndexExists) unlinkSync(POST_INDEX_HOOK_PATH);
+	log.success("CommitGuard uninstalled successfully!");
+	outro("Your commits are no longer be secured by CommitGuard.");
+}
+
+//#endregion
+//#region src/utils/staged.ts
+const CACHE_PATH = join(".git", "commitguard-cache.json");
+const CATEGORY_LABELS = {
+	security: "🚨 [SECURITY]",
+	performance: "🚀 [PERFORMANCE]",
+	code_quality: "✨ [CODE QUALITY]",
+	architecture: "🏗️ [ARCHITECTURE]"
+};
+const SEVERITY = {
+	critical: "CRITICAL",
+	warning: "WARNING",
+	suggestion: "SUGGESTION"
+};
+const LABEL_WIDTH = Math.max(...Object.values(CATEGORY_LABELS).map((label) => stringWidth(label)));
+function padLabel(label) {
+	const pad = LABEL_WIDTH - stringWidth(label);
+	return label + " ".repeat(pad);
+}
+const SEVERITY_WIDTH = Math.max(...Object.values(SEVERITY).map((sev) => stringWidth(sev) + 2));
+function padSeverity(severity) {
+	const pad = SEVERITY_WIDTH - stringWidth(severity);
+	return severity + " ".repeat(pad);
+}
+let memoryCache = null;
+function readCache() {
+	if (memoryCache) return memoryCache;
+	if (!existsSync(CACHE_PATH)) return null;
+	try {
+		const content = readFileSync(CACHE_PATH, "utf8");
+		memoryCache = JSON.parse(content);
+		return memoryCache;
+	} catch {
+		return null;
+	}
+}
+function writeCache(data) {
+	memoryCache = data;
+	writeFileSync(CACHE_PATH, JSON.stringify(data));
+}
+function clearCache() {
+	memoryCache = null;
+	if (existsSync(CACHE_PATH)) unlinkSync(CACHE_PATH);
+}
+function groupIssuesByFile(issues = []) {
+	const grouped = {};
+	const noFile = [];
+	for (const issue of issues) {
+		if (!issue.file) {
+			noFile.push(issue);
+			continue;
+		}
+		if (!grouped[issue.file]) grouped[issue.file] = [];
+		grouped[issue.file].push(issue);
+	}
+	return {
+		grouped,
+		noFile
+	};
+}
+async function onStaged() {
+	const diff = getStagedDiff();
+	if (!diff.trim()) {
+		clearCache();
+		return;
+	}
+	const diffHash = createDiffHash(diff);
+	const existingCache = readCache();
+	if (existingCache && existingCache.hash === diffHash) return;
+	try {
+		const config = loadConfig();
+		const response = await sendToCommitGuard(diff, (await getEslintRules()).rules, config);
+		writeCache({
+			hash: diffHash,
+			timestamp: Date.now(),
+			diff,
+			analysis: response
+		});
+	} catch (error) {
+		consola.error("Analysis failed:", error);
+	}
+}
+function getCachedAnalysis(diff, diffHash) {
+	const effectiveDiff = diff ?? getStagedDiff();
+	if (!effectiveDiff.trim()) return {
+		analysis: {
+			status: "pass",
+			issues: []
+		},
+		age: 0
+	};
+	const effectiveDiffHash = diffHash ?? createDiffHash(effectiveDiff);
+	const cache$1 = readCache();
+	if (!cache$1) return null;
+	if (cache$1.hash !== effectiveDiffHash) return null;
+	const age = Math.round((Date.now() - cache$1.timestamp) / 1e3);
+	return {
+		analysis: cache$1.analysis,
+		age
+	};
+}
+async function validateCommit() {
+	const diff = getStagedDiff();
+	const diffHash = diff.trim() ? createDiffHash(diff) : "";
+	const cached = getCachedAnalysis(diff, diffHash);
+	if (!cached) {
+		await onStaged();
+		const newCached = getCachedAnalysis(diff, diffHash);
+		if (!newCached) {
+			consola.error("Analysis failed");
+			process.exit(1);
+		}
+		await displayResults(newCached.analysis);
+		return;
+	}
+	await displayResults(cached.analysis);
+}
+async function displayResults(analysis) {
+	const isTTY = process.stdout.isTTY;
+	if (analysis.status === "pass" || analysis.approved || !analysis.issues || analysis.issues.length === 0) {
+		consola.success("All checks passed");
+		return;
+	}
+	const count = analysis.issues?.length ?? 0;
+	if (!isTTY) consola.log(`CommitGuard Detected ${count} issue${count === 1 ? "" : "s"}.`);
+	const { grouped, noFile } = groupIssuesByFile(analysis.issues);
+	const fileCount = Object.keys(grouped).length;
+	if (isTTY) consola.log(`\nCommitGuard Detected ${count} issue${count === 1 ? "" : "s"} in ${fileCount} file${fileCount === 1 ? "" : "s"}:`);
+	else consola.log(`\nIssues in ${fileCount} file${fileCount === 1 ? "" : "s"}:`);
+	for (const [file, issues] of Object.entries(grouped)) {
+		let output = `\n📄 ${file}\n`;
+		const lastIdx = issues.length - 1;
+		for (let i = 0; i < issues.length; i++) {
+			const issue = issues[i];
+			const prefix = i === lastIdx ? "   └─" : "   ├─";
+			const label = padLabel(CATEGORY_LABELS[issue.category] ?? "•");
+			const severity = padSeverity(issue.severity ? `[${issue.severity.toUpperCase()}]` : "[INFO]");
+			const location = issue.file ? ` (${issue.file}${issue.line ? `:${issue.line}` : ""})` : "";
+			output += `${prefix} ${label} ${severity} ${issue.message}${location}\n`;
+		}
+		process.stdout.write(output);
+	}
+	if (noFile.length > 0) {
+		consola.log("\n📋 General Issues");
+		noFile.forEach((issue, idx) => {
+			const prefix = idx === noFile.length - 1 ? "   └─" : "   ├─";
+			const emoji = CATEGORY_LABELS[issue.category] || "•";
+			consola.log(`${prefix} ${emoji} ${issue.message}`);
+		});
+	}
+	consola.log("\nFix these issues and try again.\n");
+	if (!isTTY) {
+		consola.log("--------------------");
+		consola.log("Unfortunately, CommitGuard cannot prompt for easy confirmation in non-interactive mode. To see how this works, please use git in a supported terminal.");
+		consola.log("To bypass this check, add --skip anywhere in your commit message");
+		process.exit(1);
+	}
+	if (await consola.prompt("Do you want to ignore these issues and commit anyway?", {
+		type: "confirm",
+		initial: false
+	})) {
+		consola.log("⚠️  Commit forced by user despite detected issues.\n");
+		return;
+	}
+	consola.log("\n💡 To bypass this check, add --skip anywhere in your commit message\n");
+	process.exit(1);
+}
+
+//#endregion
+//#region src/index.ts
+updateNotifier({ pkg: package_default }).notify();
+const command = process.argv[2];
+(async () => {
+	try {
+		switch (command) {
+			case "init":
+				await installHooks();
+				break;
+			case "config":
+				await manageConfig();
+				break;
+			case "pre-commit":
+				await validateCommit();
+				break;
+			case "list":
+			case "ls":
+				await listHooks();
+				break;
+			case "remove":
+			case "uninstall":
+				await removeHooks();
+				break;
+			case "keys":
+				await manageGlobalKey();
+				break;
+			case "bypass":
+				await bypassCommitGuard();
+				break;
+			case "staged":
+				await onStaged();
+				break;
+			default: consola.box(`
+CommitGuard - AI-powered git commit checker v${version}
+
+Usage:
+  commitguard init          Initialize CommitGuard in the current git repository
+  commitguard remove        Remove CommitGuard from the current git repository
+  commitguard config        Configure CommitGuard settings for the current repository
+  commitguard keys          Manage your CommitGuard API key
+
+Links:
+  Documentation: https://commitguard.ai/docs
+  Dashboard:     https://commitguard.ai/dashboard
+  Support:       https://commitguard.ai/support`);
+		}
+	} catch (error) {
+		consola.error("CommitGuard error:", error);
+		process.exit(1);
+	}
+})();
+
+//#endregion
+export {  };

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@commitguard/cli",
+  "type": "module",
+  "version": "0.0.1",
+  "description": "AI-powered git commit checker that blocks bad code before it ships",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/moshetanzer/commitguard.git"
+  },
+  "exports": {
+    ".": "./dist/index.mjs",
+    "./package.json": "./package.json"
+  },
+  "main": "./dist/index.mjs",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.mts",
+  "bin": {
+    "commitguard": "./dist/index.mjs"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "@clack/prompts": "^0.11.0",
+    "@napi-rs/keyring": "^1.2.0",
+    "consola": "^3.4.2",
+    "dotenv": "^17.2.3",
+    "find-up": "^8.0.0",
+    "flat-cache": "^6.1.19",
+    "micromatch": "^4.0.8",
+    "string-width": "^8.1.0",
+    "update-notifier": "^7.3.1"
+  },
+  "devDependencies": {
+    "@antfu/eslint-config": "^6.7.3",
+    "@types/micromatch": "^4.0.10",
+    "@types/node": "^24.10.4",
+    "@types/update-notifier": "^6.0.8",
+    "bumpp": "^10.3.2",
+    "eslint": "^9.39.2",
+    "tsdown": "^0.18.3",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.16"
+  },
+  "scripts": {
+    "build": "tsdown",
+    "dev": "tsdown --watch",
+    "test": "vitest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix"
+  }
+}