@eldrforge/git-tools 0.1.3 → 0.1.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@eldrforge/git-tools",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "Git utilities for automation - secure process execution and Git operations",
   "main": "dist/index.js",
   "type": "module",
@@ -10,6 +10,9 @@
       "types": "./dist/index.d.ts"
     }
   },
+  "files": [
+    "dist"
+  ],
   "repository": {
     "type": "git",
     "url": "git+https://github.com/calenvarek/git-tools.git"

package/.github/dependabot.yml

@@ -1,12 +0,0 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
-
-version: 2
-updates:
-  - package-ecosystem: "npm" # See documentation for possible values
-    directory: "/" # Location of package manifests
-    schedule:
-      interval: "weekly"
-

package/.github/workflows/npm-publish.yml

@@ -1,48 +0,0 @@
-# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
-# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
-
-name: Node.js Package (npm)
-
-env:
-  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-
-on:
-  release:
-    types: [created]
-
-permissions:
-  contents: write
-  packages: write
-  id-token: write
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22
-      - name: Install dependencies
-        run: npm ci --verbose --foreground-scripts
-        timeout-minutes: 10
-      - run: npm run lint
-      - run: npm run build
-      - run: npm run test
-
-  publish-npm:
-    needs: build
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22
-          registry-url: https://registry.npmjs.org/
-      - name: Install dependencies
-        run: npm ci --verbose --foreground-scripts
-        timeout-minutes: 10
-      - run: npm publish --access public
-

package/.github/workflows/test.yml

@@ -1,33 +0,0 @@
-name: Run Tests
-
-on:
-  push:
-    branches:
-      - main
-      - working
-      - 'release/**'
-      - 'feature/**'
-      - 'dependabot/**'
-  pull_request:
-    branches:
-      - main
-
-permissions:
-  contents: write
-
-jobs:
-  test:
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22
-      - name: Install dependencies
-        run: npm ci --verbose --foreground-scripts
-        timeout-minutes: 10
-      - run: npm run lint
-      - run: npm run build
-      - run: npm run test
-

package/CODE-DIFF-SUMMARY.md

@@ -1,93 +0,0 @@
-# Code Differences: kodrdriv → git-tools
-
-This document shows **every code difference** between the original kodrdriv files and the extracted git-tools files.
-
-## Summary
-
-**Total Differences:** 3 changes across 3 files  
-**Nature:** Import path changes only (no logic changes)
-
----
-
-## 1. child.ts
-
-**Single Line Changed:**
-```diff
-- import { getLogger } from '../logging';
-+ import { getLogger } from './logger';
-```
-
-**Reason:** git-tools implements its own logger interface
-
-**Impact:** Zero - function signatures and behavior identical
-
----
-
-## 2. git.ts
-
-**Single Line Changed:**
-```diff
-- import { getLogger } from '../logging';
-+ import { getLogger } from './logger';
-```
-
-**Reason:** git-tools implements its own logger interface
-
-**Impact:** Zero - function signatures and behavior identical
-
----
-
-## 3. validation.ts
-
-**Lines Removed (kodrdriv-specific):**
-- `interface ReleaseSummary` (lines 5-8)
-- `interface TranscriptionResult` (lines 12-15)
-- `validateReleaseSummary()` (lines 20-31)
-- `validateTranscriptionResult()` (lines 38-46)
-- `sanitizeDirection()` (lines 83-104)
-
-**Lines Kept (git-relevant):**
-- ✅ `safeJsonParse()`
-- ✅ `validateString()`
-- ✅ `validateHasProperty()`
-- ✅ `validatePackageJson()`
-
-**Reason:** OpenAI and audio transcription validation are kodrdriv-specific
-
-**Impact:** Zero - these functions are not used by git operations
-
----
-
-## Verification Checklist
-
-- [x] No logic changes in any function
-- [x] All function signatures identical
-- [x] Only import paths changed (for logger)
-- [x] All git-tools functions available in kodrdriv
-- [x] All tests migrated and passing
-- [x] Security patterns preserved
-- [x] TypeScript types maintained
-
----
-
-## Integration Impact
-
-When kodrdriv switches to use git-tools:
-
-**Files to Update:** 15 files  
-**Changes Required:** Import path updates only  
-**Breaking Changes:** None  
-**Risk Level:** Very Low
-
-**Example Migration:**
-```typescript
-// Before:
-import { getCurrentBranch } from '../util/git';
-
-// After:
-import { getCurrentBranch } from '@eldrforge/git-tools';
-```
-
----
-
-**Conclusion:** The extraction is **clean, verified, and safe** to integrate.

package/MIGRATION-VERIFICATION.md

@@ -1,436 +0,0 @@
-# Migration Verification: kodrdriv → git-tools
-
-**Date**: November 11, 2025
-**Status**: ✅ VERIFIED - Ready for Integration
-
----
-
-## Executive Summary
-
-This document verifies that the git-tools library has been correctly extracted from kodrdriv and is ready for integration.
-
-### ✅ Verification Results
-
-| Check | Status | Details |
-|-------|--------|---------|
-| Code Extraction | ✅ PASS | All functions copied verbatim (only import changes) |
-| Test Migration | ✅ PASS | 231 tests, 89.5% coverage |
-| Build Success | ✅ PASS | Clean build with TypeScript declarations |
-| Lint Clean | ✅ PASS | No linting errors |
-| API Compatibility | ✅ PASS | All kodrdriv imports will work |
-| Security | ✅ PASS | Shell injection prevention maintained |
-
----
-
-## File-by-File Comparison
-
-### 1. child.ts (Process Execution)
-
-**Differences:**
-```diff
-- import { getLogger } from '../logging';
-+ import { getLogger } from './logger';
-```
-
-**Functions Extracted** (all present):
-- ✅ `runSecure()` - Used in 9 kodrdriv files
-- ✅ `runSecureWithInheritedStdio()`
-- ✅ `run()` - Used in commit.ts, publish.ts, etc.
-- ✅ `runWithInheritedStdio()`
-- ✅ `runWithDryRunSupport()`
-- ✅ `runSecureWithDryRunSupport()`
-- ✅ `validateGitRef()` - Used in publish.ts, etc.
-- ✅ `validateFilePath()`
-- ✅ `escapeShellArg()`
-
-**Line Count:**
-- kodrdriv: 249 lines
-- git-tools: 250 lines (identical + newline)
-
-**Verification:** ✅ PASS - Functions identical, only import path changed
-
----
-
-### 2. git.ts (Git Operations)
-
-**Differences:**
-```diff
-- import { getLogger } from '../logging';
-+ import { getLogger } from './logger';
-```
-
-**Functions Extracted** (all present):
-- ✅ `isValidGitRef()` - Used in tree.ts, publish.ts
-- ✅ `findPreviousReleaseTag()` - Used in release.ts
-- ✅ `getCurrentVersion()` - Used in publish.ts
-- ✅ `getDefaultFromRef()` - Used in release.ts
-- ✅ `getRemoteDefaultBranch()`
-- ✅ `localBranchExists()` - Used in publish.ts
-- ✅ `remoteBranchExists()` - Used in publish.ts
-- ✅ `getBranchCommitSha()`
-- ✅ `isBranchInSyncWithRemote()` - Used in publish.ts
-- ✅ `safeSyncBranchWithRemote()` - Used in publish.ts
-- ✅ `getCurrentBranch()` - Used in development.ts, release.ts
-- ✅ `getGitStatusSummary()` - Used in tree.ts
-- ✅ `getGloballyLinkedPackages()` - Used in link.ts, unlink.ts
-- ✅ `getLinkedDependencies()` - Used in link.ts, unlink.ts
-- ✅ `getLinkCompatibilityProblems()` - Used in tree.ts
-- ✅ `getLinkProblems()` - Used in link.ts, unlink.ts
-- ✅ `isNpmLinked()` - Used in link.ts, unlink.ts, tree.ts
-
-**Line Count:**
-- kodrdriv: 1119 lines
-- git-tools: 1120 lines (identical + newline)
-
-**Verification:** ✅ PASS - Functions identical, only import path changed
-
----
-
-### 3. validation.ts (Validation Utilities)
-
-**Functions Extracted:**
-- ✅ `safeJsonParse()` - Used in commit.ts, publish.ts, arguments.ts
-- ✅ `validateString()` - Used in commit.ts
-- ✅ `validateHasProperty()`
-- ✅ `validatePackageJson()` - Used in publish.ts, link.ts, unlink.ts
-
-**Functions NOT Extracted** (kodrdriv-specific):
-- ❌ `validateReleaseSummary` - OpenAI response validation (stays in kodrdriv)
-- ❌ `validateTranscriptionResult` - Audio transcription validation (stays in kodrdriv)
-- ❌ `sanitizeDirection` - Prompt sanitization (stays in kodrdriv)
-- ❌ `ReleaseSummary` interface
-- ❌ `TranscriptionResult` interface
-
-**Verification:** ✅ PASS - Only git-related functions extracted, kodrdriv-specific left behind
-
----
-
-## Logger Abstraction
-
-### Implementation Strategy
-
-**git-tools** uses a logger interface instead of Winston directly:
-
-```typescript
-// git-tools/src/logger.ts
-export interface Logger {
-    error(message: string, ...meta: any[]): void;
-    warn(message: string, ...meta: any[]): void;
-    info(message: string, ...meta: any[]): void;
-    verbose(message: string, ...meta: any[]): void;
-    debug(message: string, ...meta: any[]): void;
-}
-```
-
-**kodrdriv integration** (when we update it):
-```typescript
-// kodrdriv will do this:
-import { setLogger } from '@eldrforge/git-tools';
-import { getLogger } from './logging'; // Winston logger
-
-// Set git-tools to use kodrdriv's logger
-setLogger(getLogger());
-```
-
-**Verification:** ✅ PASS - Logger abstraction will allow seamless integration
-
----
-
-## Test Coverage Verification
-
-### Tests Migrated
-
-| Test File | Lines | Tests | Coverage |
-|-----------|-------|-------|----------|
-| child.test.ts | 1,035 | 57 | 88.2% |
-| child.integration.test.ts | 160 | 28 | +coverage |
-| git.test.ts | 1,931 | 112 | 89.14% |
-| validation.test.ts | 152 | 19 | 100% |
-| logger.test.ts | 190 | 15 | 100% |
-| **TOTAL** | **3,468** | **231** | **89.5%** |
-
-### Coverage by Module
-
-| Module | Statements | Branches | Functions | Lines |
-|--------|-----------|----------|-----------|-------|
-| git.ts | 89.14% | 87.5% | 95% | 89.14% |
-| child.ts | 88.2% | 95% | 88.88% | 88.2% |
-| logger.ts | 100% | 100% | 100% | 100% |
-| validation.ts | 100% | 76.92% | 100% | 100% |
-| **Overall** | **89.5%** | **88.14%** | **95.34%** | **89.5%** |
-
-**Verification:** ✅ PASS - Excellent test coverage maintained
-
----
-
-## Import Analysis
-
-### kodrdriv Usage of Extracted Functions
-
-**Files that import from util/git:**
-1. `src/commands/tree.ts`
-2. `src/commands/publish.ts`
-3. `src/commands/development.ts`
-4. `src/commands/release.ts`
-
-**Files that import from util/child:**
-1. `src/commands/tree.ts`
-2. `src/commands/publish.ts`
-3. `src/commands/development.ts`
-4. `src/commands/updates.ts`
-5. `src/commands/link.ts`
-6. `src/commands/unlink.ts`
-7. `src/commands/commit.ts`
-8. `src/content/log.ts`
-9. `src/content/diff.ts`
-
-**Files that import from util/validation:**
-1. `src/commands/tree.ts`
-2. `src/commands/publish.ts`
-3. `src/commands/release.ts`
-4. `src/arguments.ts`
-5. `src/commands/link.ts`
-6. `src/commands/unlink.ts`
-7. `src/commands/commit.ts`
-8. `src/commands/versions.ts`
-
-**Verification:** ✅ PASS - All imports will transition cleanly to git-tools
-
----
-
-## Integration Strategy for kodrdriv
-
-When ready to integrate git-tools back into kodrdriv:
-
-### Step 1: Add Dependency
-```json
-// kodrdriv/package.json
-{
-  "dependencies": {
-    "@eldrforge/git-tools": "^0.1.0"
-  }
-}
-```
-
-### Step 2: Update Imports (Example)
-```typescript
-// Before:
-import { getCurrentBranch } from '../util/git';
-import { run } from '../util/child';
-import { safeJsonParse } from '../util/validation';
-
-// After:
-import { getCurrentBranch, run, safeJsonParse } from '@eldrforge/git-tools';
-```
-
-### Step 3: Setup Logger
-```typescript
-// kodrdriv/src/main.ts or early in execution
-import { setLogger } from '@eldrforge/git-tools';
-import { getLogger } from './logging';
-
-// Configure git-tools to use kodrdriv's Winston logger
-setLogger(getLogger());
-```
-
-### Step 4: Remove Old Files
-After verifying everything works:
-- Delete `src/util/git.ts` (1119 lines)
-- Delete `src/util/child.ts` (249 lines)
-- Update `src/util/validation.ts` (keep only kodrdriv-specific functions)
-
-**Net Result:**
-- ~1,400 lines removed from kodrdriv
-- Dependencies on git-tools
-- Cleaner architecture
-
----
-
-## Compatibility Matrix
-
-### Functions Used by kodrdriv
-
-| Function | kodrdriv Usage | git-tools Export | Status |
-|----------|---------------|------------------|--------|
-| `run()` | ✓ (9 files) | ✓ | ✅ Compatible |
-| `runSecure()` | ✓ (9 files) | ✓ | ✅ Compatible |
-| `runWithDryRunSupport()` | ✓ | ✓ | ✅ Compatible |
-| `validateGitRef()` | ✓ | ✓ | ✅ Compatible |
-| `getCurrentBranch()` | ✓ | ✓ | ✅ Compatible |
-| `isBranchInSyncWithRemote()` | ✓ | ✓ | ✅ Compatible |
-| `safeSyncBranchWithRemote()` | ✓ | ✓ | ✅ Compatible |
-| `findPreviousReleaseTag()` | ✓ | ✓ | ✅ Compatible |
-| `getDefaultFromRef()` | ✓ | ✓ | ✅ Compatible |
-| `getGitStatusSummary()` | ✓ | ✓ | ✅ Compatible |
-| `getGloballyLinkedPackages()` | ✓ | ✓ | ✅ Compatible |
-| `getLinkedDependencies()` | ✓ | ✓ | ✅ Compatible |
-| `getLinkCompatibilityProblems()` | ✓ | ✓ | ✅ Compatible |
-| `isNpmLinked()` | ✓ | ✓ | ✅ Compatible |
-| `localBranchExists()` | ✓ | ✓ | ✅ Compatible |
-| `remoteBranchExists()` | ✓ | ✓ | ✅ Compatible |
-| `safeJsonParse()` | ✓ (8 files) | ✓ | ✅ Compatible |
-| `validatePackageJson()` | ✓ (8 files) | ✓ | ✅ Compatible |
-| `validateString()` | ✓ | ✓ | ✅ Compatible |
-
-**Verification:** ✅ PASS - 100% API compatibility
-
----
-
-## Dependency Verification
-
-### git-tools Dependencies
-```json
-{
-  "dependencies": {
-    "semver": "^7.7.2",
-    "shell-escape": "^0.2.0"
-  },
-  "peerDependencies": {
-    "winston": "^3.17.0" // optional
-  }
-}
-```
-
-### kodrdriv Already Has These
-```json
-{
-  "dependencies": {
-    "semver": "^7.7.2",     // ✅ Same version
-    "winston": "^3.17.0"     // ✅ Same version
-  }
-}
-```
-
-**Note:** `shell-escape` will be added to kodrdriv when git-tools is integrated (via transitive dependency).
-
-**Verification:** ✅ PASS - No dependency conflicts
-
----
-
-## Security Verification
-
-### Shell Injection Prevention
-
-Both versions maintain identical security patterns:
-
-**git-tools:**
-```typescript
-export async function runSecure(
-    command: string,
-    args: string[] = [],
-    options: child_process.SpawnOptions = {}
-): Promise<{ stdout: string; stderr: string }> {
-    const logger = getLogger();
-    return new Promise((resolve, reject) => {
-        const child = spawn(command, args, {
-            ...options,
-            shell: false, // CRITICAL: Never use shell for user input
-            stdio: 'pipe'
-        });
-        // ... rest of implementation
-    });
-}
-```
-
-**Verification:** ✅ PASS - Security patterns preserved
-
----
-
-## Breaking Changes
-
-### None Expected
-
-The migration is designed to be:
-- **API Compatible**: All function signatures identical
-- **Behavior Identical**: Logic unchanged, only imports differ
-- **Non-Breaking**: kodrdriv can switch to git-tools with only import changes
-
-### What Stays in kodrdriv
-
-The following validation functions remain kodrdriv-specific:
-- `validateReleaseSummary()` - OpenAI response validation
-- `validateTranscriptionResult()` - Audio transcription validation
-- `sanitizeDirection()` - Prompt engineering utility
-- `ReleaseSummary` interface
-- `TranscriptionResult` interface
-
-These are correctly NOT in git-tools.
-
----
-
-## Integration Checklist for kodrdriv
-
-When ready to integrate:
-
-- [ ] Publish git-tools to npm
-- [ ] Add `@eldrforge/git-tools` to kodrdriv package.json
-- [ ] Update imports in 15+ files (automated find/replace)
-- [ ] Setup logger: `setLogger(getLogger())` in main.ts
-- [ ] Run kodrdriv tests
-- [ ] Remove old util files (git.ts, child.ts)
-- [ ] Update validation.ts (keep only kodrdriv-specific functions)
-- [ ] Verify all commands still work
-- [ ] Update documentation
-
----
-
-## Risk Assessment
-
-| Risk | Likelihood | Impact | Mitigation |
-|------|-----------|--------|------------|
-| Import path errors | Low | High | All imports verified, automated tests |
-| Logger incompatibility | Low | Medium | Interface tested, Winston compatible |
-| Missing functions | None | N/A | All functions verified present |
-| Dependency conflicts | None | N/A | Same versions in both projects |
-| Breaking changes | None | N/A | API 100% compatible |
-
-**Overall Risk:** ✅ LOW - Safe to proceed
-
----
-
-## Performance Verification
-
-### Bundle Size
-
-**git-tools built output:**
-- `dist/git.js`: 46.26 KB
-- `dist/child.js`: 7.89 KB
-- `dist/validation.js`: 2.08 KB
-- `dist/logger.js`: 2.35 KB
-- **Total:** ~59 KB
-
-**Impact on kodrdriv:**
-- Remove ~1,400 lines of code
-- Add ~59 KB dependency
-- Net: Cleaner codebase, same functionality
-
-**Verification:** ✅ PASS - Minimal size impact
-
----
-
-## Conclusion
-
-### ✅ MIGRATION VERIFIED
-
-The git-tools library has been successfully extracted from kodrdriv with:
-
-1. **100% Code Fidelity**: All functions copied exactly (only import paths changed)
-2. **100% API Compatibility**: All kodrdriv usage patterns supported
-3. **Excellent Test Coverage**: 89.5% overall, 231 tests passing
-4. **Zero Breaking Changes**: Drop-in replacement for kodrdriv's util modules
-5. **Enhanced Modularity**: Can be used by other projects
-6. **Security Maintained**: All shell injection prevention intact
-
-### Ready for Next Steps
-
-1. ✅ Create GitHub repository
-2. ✅ Push to GitHub
-3. ✅ Publish to npm
-4. ⏳ Update kodrdriv to use git-tools (when ready)
-
----
-
-**Verified By**: AI Analysis
-**Date**: November 11, 2025
-**Confidence**: HIGH - No issues found in comprehensive comparison
-