@freshworks/shiftleft-tools 1.1.8 → 1.1.10

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@freshworks/shiftleft-tools",
-  "version": "1.1.8",
+  "version": "1.1.10",
   "description": "CLI for managing Cursor rules/skills and Postman test infrastructure across Java Spring Boot and Node.js/Express projects",
   "type": "module",
   "main": "src/index.js",

package/src/commands/link.js

@@ -2,6 +2,7 @@ import {
     existsSync,
     lstatSync,
     rmSync,
+    unlinkSync,
     symlinkSync,
     statSync,
     readdirSync,
@@ -43,11 +44,20 @@ function cursorRuleLinks(stack) {
 }
 
 function removeExisting(p) {
+    let st;
     try {
-        lstatSync(p); // throws if absent
-        rmSync(p, { recursive: true, force: true });
+        st = lstatSync(p); // throws if absent
     } catch {
-        /* nothing there */
+        return; // nothing there
+    }
+    // unlink symlinks (incl. dangling) and plain files; only recurse for real
+    // dirs. rmSync({recursive,force}) silently no-ops on a dangling symlink
+    // (force swallows the ENOENT from following the dead link), leaving it in
+    // place — so a later mkdir/write follows it and fails with ENOENT.
+    if (st.isSymbolicLink() || !st.isDirectory()) {
+        unlinkSync(p);
+    } else {
+        rmSync(p, { recursive: true, force: true });
     }
 }
 

package/templates/jenkins/Jenkinsfile-java.groovy

@@ -399,20 +399,15 @@ def updateShiftLeftStatus(String state, String targetUrlPath = '') {
 
 // Ensure the shiftleft CLI is installed. run-all.sh execs `shiftleft test`,
 // which stages the library scripts from the package — so CI agents need the CLI.
-// Idempotent (skips if already present). Requires a Jenkins "Secret text"
-// credential (id below) holding the Nexus npm basic-auth token, i.e. the value
-// for  //nexuscentral.runwayci.com/repository/npm-group/:_auth=  (base64 of user:pass).
+// Idempotent (skips if already present). Installs the public package from npmjs;
+// CI agents need outbound access to registry.npmjs.org.
 def ensureShiftleftCli() {
-    withCredentials([string(credentialsId: 'nexus-npm-auth', variable: 'NEXUS_NPM_AUTH')]) {
-        sh '''#!/bin/bash --login
-            set -e
-            if ! command -v shiftleft >/dev/null 2>&1; then
-                echo "//nexuscentral.runwayci.com/repository/npm-group/:_auth=${NEXUS_NPM_AUTH}" >> "$HOME/.npmrc"
-                npm install -g shiftleft-tools \
-                    --registry=https://nexuscentral.runwayci.com/repository/npm-group/ --prefer-online
-            fi
-        '''
-    }
+    sh '''#!/bin/bash --login
+        set -e
+        if ! command -v shiftleft >/dev/null 2>&1; then
+            npm install -g @freshworks/shiftleft-tools
+        fi
+    '''
 }
 
 def runMutationTests() {

package/templates/jenkins/Jenkinsfile-node.groovy

@@ -209,20 +209,15 @@ pipeline {
  */
 // Ensure the shiftleft CLI is installed. `shiftleft stage-scripts` / run-all.sh
 // (which execs `shiftleft test`) stage the library scripts from the package, so
-// CI agents need the CLI. Idempotent. Requires a Jenkins "Secret text" credential
-// (id below) holding the Nexus npm basic-auth token, i.e. the value for
-// //nexuscentral.runwayci.com/repository/npm-group/:_auth=  (base64 of user:pass).
+// CI agents need the CLI. Idempotent. Installs the public package from npmjs;
+// CI agents need outbound access to registry.npmjs.org.
 def ensureShiftleftCli() {
-    withCredentials([string(credentialsId: 'nexus-npm-auth', variable: 'NEXUS_NPM_AUTH')]) {
-        sh '''#!/bin/bash --login
-            set -e
-            if ! command -v shiftleft >/dev/null 2>&1; then
-                echo "//nexuscentral.runwayci.com/repository/npm-group/:_auth=${NEXUS_NPM_AUTH}" >> "$HOME/.npmrc"
-                npm install -g shiftleft-tools \
-                    --registry=https://nexuscentral.runwayci.com/repository/npm-group/ --prefer-online
-            fi
-        '''
-    }
+    sh '''#!/bin/bash --login
+        set -e
+        if ! command -v shiftleft >/dev/null 2>&1; then
+            npm install -g @freshworks/shiftleft-tools
+        fi
+    '''
 }
 
 def runShiftLeftStagingPostman() {

package/templates/postman/run-all-shim.sh

@@ -1,15 +1,16 @@
 #!/usr/bin/env bash
 # Generated by shiftleft-tools — do not edit.
 #
-# Test orchestration lives in the shiftleft-tools package, not in this repo. This
-# shim stages the latest scripts (gitignored, machine-local) and runs them, so
-# `npm install -g shiftleft-tools` updates behavior with no repo change.
+# Test orchestration lives in the @freshworks/shiftleft-tools package, not in this
+# repo. This shim stages the latest scripts (gitignored, machine-local) and runs
+# them, so `npm install -g @freshworks/shiftleft-tools` updates behavior with no
+# repo change.
 # All flags pass through unchanged: --env, --skip-unit, --skip-mutation,
 # --skip-postman, --skip-coverage, --skip-report, --no-delay, ...
 
 if ! command -v shiftleft >/dev/null 2>&1; then
     echo "error: shiftleft CLI not found." >&2
-    echo "Install it with: npm install -g shiftleft-tools --registry=https://nexuscentral.runwayci.com/repository/npm-group/" >&2
+    echo "Install it with: npm install -g @freshworks/shiftleft-tools" >&2
     exit 127
 fi
 

package/templates/skills/_shared/postman-standards.md

@@ -8,7 +8,7 @@ Language-agnostic standards for writing and organizing Postman integration tests
 
 The pipeline's library scripts (`postman/scripts/lib/`, `runners/`,
 `report-generators/`, `auth/`, `infra/`, `database/`) are **not** vendored into
-the repo. They live in the installed `shiftleft-tools` package and are pulled in
+the repo. They live in the installed `@freshworks/shiftleft-tools` package and are pulled in
 on demand:
 
 - `shiftleft test` (and the committed `postman/scripts/run-all.sh` shim) stage the

package/templates/skills/enhance-test-pipeline/SKILL-java.md

@@ -22,14 +22,14 @@ Before writing any code, check these canonical repos. They are the ground truth
 - `mp-installation` — PIT mutation, JaCoCo, multi-product Postman, API coverage matrix, quality report, Jenkins ShiftLeft
 - `dp-apps` — same stack, original reference
 
-**Script source (the `shiftleft-tools` package — pulled at runtime):**
+**Script source (the `@freshworks/shiftleft-tools` package — pulled at runtime):**
 ```bash
 # Stage the latest library scripts from the installed package into postman/scripts/.
 # Gitignored and refreshed on every run — never copy or commit them by hand.
 shiftleft stage-scripts
 ```
 
-The library scripts live only in the `shiftleft-tools` package. `shiftleft stage-scripts`
+The library scripts live only in the `@freshworks/shiftleft-tools` package. `shiftleft stage-scripts`
 (and `shiftleft test`, which stages then runs) pulls the current versions in — do
 not copy from a templates directory or write them from scratch.
 
@@ -171,7 +171,7 @@ I will make the following targeted changes:
   5. Add missing stage-report-artifacts.sh
   6. Add missing generate-quality-report.sh
   7. Add missing runners/run-tests-local.sh and runners/run-tests-staging.sh
-  8. Copy all lib/report_*.py modules and lib/api_coverage.py from shiftleft-tools templates
+  8. Copy all lib/report_*.py modules and lib/api_coverage.py from @freshworks/shiftleft-tools templates
   9. Update Jenkinsfile ShiftLeft stage to add quality report generation
 
 I will NOT change:
@@ -235,7 +235,7 @@ Update `targetClasses` and `targetTests` with the actual package paths found.
 
 **Issue: missing pitest-junit5-plugin** — add to PIT plugin dependencies.
 
-### 4.3 Refresh scripts from the shiftleft-tools package
+### 4.3 Refresh scripts from the @freshworks/@freshworks/shiftleft-tools package
 
 Run `shiftleft stage-scripts` — it re-stages every library script from the
 installed package, so stale or missing ones are replaced automatically. You do

package/templates/skills/enhance-test-pipeline/SKILL-node.md

@@ -282,7 +282,7 @@ withCredentials([string(credentialsId: 'github-token', variable: 'GH_TOKEN')]) {
 
 **Static AWS keys in Jenkins env** — remove `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` from `environment {}`. Use IRSA (pod IAM role annotation on the pod spec). The pod supplies credentials automatically via the metadata service — no env vars needed.
 
-### 4.3 Refresh scripts from the shiftleft-tools package
+### 4.3 Refresh scripts from the @freshworks/@freshworks/shiftleft-tools package
 
 Run `shiftleft stage-scripts` — it pulls every library script from the installed
 package into `postman/scripts/` (gitignored, made executable, refreshed on every

package/templates/skills/setup-mutation-tests/SKILL-node.md

@@ -332,7 +332,7 @@ module.exports = {
 }
 ```
 
-### 4.4 Stage run-mutation-tests.sh from the shiftleft-tools package
+### 4.4 Stage run-mutation-tests.sh from the @freshworks/@freshworks/shiftleft-tools package
 
 `runners/run-mutation-tests.sh` and `lib/cleanup-stryker.sh` are library scripts —
 they're staged from the installed package, not copied by hand. Run:

package/templates/skills/setup-test-pipeline/SKILL-java.md

@@ -22,7 +22,7 @@ Before writing any code, check these canonical repos. They are the ground truth
 - `mp-installation` — PIT mutation, JaCoCo, multi-product Postman, API coverage matrix, quality report, Jenkins ShiftLeft
 - `dp-apps` — same stack, original reference
 
-**Script source (the `shiftleft-tools` package — pulled at runtime):**
+**Script source (the `@freshworks/shiftleft-tools` package — pulled at runtime):**
 ```bash
 # Stage the latest library scripts from the installed package into postman/scripts/.
 # These are gitignored and refreshed on every run — never copy or commit them by hand.
@@ -31,7 +31,7 @@ shiftleft stage-scripts
 
 Do not copy scripts from a templates directory or write them from scratch. The
 library scripts (`runners/`, `report-generators/`, `lib/`, `auth/`, `infra/`,
-`database/`) live only in the `shiftleft-tools` package; `shiftleft stage-scripts`
+`database/`) live only in the `@freshworks/shiftleft-tools` package; `shiftleft stage-scripts`
 (and `shiftleft test`, which stages then runs) pulls the current versions in.
 
 ---
@@ -141,7 +141,7 @@ I will set up the following components in order:
   1. [if missing] Postman infrastructure (collections, scripts, config)
   2. [if missing] JaCoCo coverage plugin in pom.xml
   3. [if missing] PIT mutation testing (profile-gated, discover packages first)
-  4. Stage library scripts from the shiftleft-tools package (`shiftleft stage-scripts`):
+  4. Stage library scripts from the @freshworks/@freshworks/shiftleft-tools package (`shiftleft stage-scripts`):
        postman/scripts/run-all.sh
        postman/scripts/report-generators/mutation-report.sh
        postman/scripts/report-generators/java-api-coverage-matrix.sh
@@ -217,7 +217,7 @@ Key requirements:
 - XML + HTML output — XML required for quality report script
 - Mutation threshold: 60%, coverage threshold: 70%
 
-### Step D: Stage scripts from the shiftleft-tools package
+### Step D: Stage scripts from the @freshworks/@freshworks/shiftleft-tools package
 
 **Do not copy or write these by hand.** Run `shiftleft stage-scripts` to pull the
 current library scripts from the installed package into `postman/scripts/` (they

package/templates/skills/setup-test-pipeline/SKILL-node.md

@@ -122,7 +122,7 @@ I will set up the following components in order:
   1. [if missing] Postman infrastructure (collections, scripts, config)
   2. [if missing] nyc coverage in package.json
   3. [if missing] Stryker mutation testing (discover actual src structure first)
-  4. Stage library scripts from the shiftleft-tools package (`shiftleft stage-scripts`):
+  4. Stage library scripts from the @freshworks/@freshworks/shiftleft-tools package (`shiftleft stage-scripts`):
      run-all.sh, runners/run-mutation-tests.sh,
      report-generators/node-api-coverage-matrix.sh, generate-consolidated-report.sh,
      report-generators/stage-report-artifacts.sh,
@@ -196,7 +196,7 @@ Key requirements:
 - `htmlReporter: { fileName: 'coverage/mutation/index.html' }`
 - `run-mutation-tests.sh` for the two-mode approach (since vs full)
 
-### Step D: Stage scripts from the shiftleft-tools package
+### Step D: Stage scripts from the @freshworks/@freshworks/shiftleft-tools package
 
 Run `shiftleft stage-scripts` to pull the library scripts from the installed
 package into `postman/scripts/` — do not copy or write them by hand. They are