@getcodesentinel/codesentinel 1.9.0 → 1.9.2
- package/README.md +37 -10
- package/dist/index.js +0 -4
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -61,18 +61,28 @@ Or in package scripts:
|
|
|
61
61
|
}
|
|
62
62
|
```
|
|
63
63
|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
```
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
64
|
+
CI example:
|
|
65
|
+
|
|
66
|
+
```yaml
|
|
67
|
+
- uses: actions/checkout@v4
|
|
68
|
+
with:
|
|
69
|
+
fetch-depth: 0
|
|
70
|
+
filter: blob:none
|
|
71
|
+
ref: ${{ github.event.pull_request.head.sha || github.sha }}
|
|
72
|
+
- name: Ensure git history for CodeSentinel
|
|
73
|
+
run: |
|
|
74
|
+
set -euo pipefail
|
|
75
|
+
git fetch --prune --unshallow || true
|
|
76
|
+
BASE_REF="${GITHUB_BASE_REF:-main}"
|
|
77
|
+
git fetch origin "+refs/heads/${BASE_REF}:refs/remotes/origin/${BASE_REF}"
|
|
78
|
+
- name: Run CodeSentinel
|
|
79
|
+
run: npx codesentinel ci --baseline-ref auto --max-repo-score 55 --max-repo-delta 0.03 --no-new-cycles --no-new-high-risk-deps --max-new-hotspots 2 --fail-on error
|
|
74
80
|
```
|
|
75
81
|
|
|
82
|
+
`--baseline-ref auto` requires enough git history to resolve a baseline deterministically. In GitHub Actions, use `fetch-depth: 0` and ensure the CI base branch ref is fetched.
|
|
83
|
+
|
|
84
|
+
A full workflow template is available at `examples/github-actions/codesentinel-ci.yml`.
|
|
85
|
+
|
|
76
86
|
## Vision
|
|
77
87
|
|
|
78
88
|
CodeSentinel combines three signals into a single, explainable risk profile:
|
|
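Review bot: The `Run CodeSentinel` step (new line 79) calls `npx codesentinel ci ...` with no version and no preceding install step. On a runner where the package is not already in `node_modules`, npx resolves the bare name `codesentinel` from the registry at run time, which is not the scoped name `@getcodesentinel/codesentinel` this package is published under. For a gate that decides whether a build passes, suggest the README show an explicit install of the scoped package at a pinned version (or invoke the scoped name with a version through npx) so the job runs a known build of the tool. The same applies to `actions/checkout@v4` on new line 67: a full commit SHA is the safer form to recommend in a copy-paste template.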
@@ -276,6 +286,23 @@ Baseline input modes:
|
|
|
276
286
|
- otherwise: `merge-base(HEAD, origin/main)` then `origin/master`, `main`, `master`
|
|
277
287
|
- `--main-branch <name>` (repeatable) or `--main-branches "main,master,trunk"` customize default branch candidates used by `--baseline-ref auto`.
|
|
278
288
|
|
|
289
|
+
GitHub Actions recommendation for deterministic CI with `--baseline-ref auto`:
|
|
290
|
+
|
|
291
|
+
```yaml
|
|
292
|
+
- uses: actions/checkout@v4
|
|
293
|
+
with:
|
|
294
|
+
fetch-depth: 0
|
|
295
|
+
filter: blob:none
|
|
296
|
+
ref: ${{ github.event.pull_request.head.sha || github.sha }}
|
|
297
|
+
|
|
298
|
+
- name: Ensure git history for CodeSentinel
|
|
299
|
+
run: |
|
|
300
|
+
set -euo pipefail
|
|
301
|
+
git fetch --prune --unshallow || true
|
|
302
|
+
BASE_REF="${GITHUB_BASE_REF:-main}"
|
|
303
|
+
git fetch origin "+refs/heads/${BASE_REF}:refs/remotes/origin/${BASE_REF}"
|
|
304
|
+
```
|
|
305
|
+
|
|
279
306
|
Exit codes:
|
|
280
307
|
|
|
281
308
|
- `0`: no failing violations
|
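Review bot: In the `Ensure git history for CodeSentinel` step (new line 301), `git fetch --prune --unshallow || true` discards every failure of that fetch, including network and authentication errors, even though the script opts into `set -euo pipefail` one line earlier. With `fetch-depth: 0` the checkout is already complete and git rejects `--unshallow` on a complete repository, so the `|| true` mostly hides that expected error; guarding the command with `git rev-parse --is-shallow-repository` would keep real failures visible. Also, `BASE_REF` falls back to `main` when `GITHUB_BASE_REF` is empty (new line 302), so on a repository whose default branch is one of the other candidates named just above (`master`, `trunk`) the following fetch fails the step; that deserves a sentence in the README. This block is close to a verbatim repeat of the first README snippet, so consider keeping one copy and pointing to it.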
package/dist/index.js
CHANGED
|
@@ -5580,10 +5580,6 @@ program.command("ci").argument("[path]", "path to the project to analyze").addOp
|
|
|
5580
5580
|
);
|
|
5581
5581
|
if (options.report === void 0) {
|
|
5582
5582
|
process.stdout.write(`${result.markdownSummary}
|
|
5583
|
-
`);
|
|
5584
|
-
}
|
|
5585
|
-
if (options.jsonOutput === void 0) {
|
|
5586
|
-
process.stdout.write(`${JSON.stringify(result.machineReadable, null, 2)}
|
|
5587
5583
|
`);
|
|
5588
5584
|
}
|
|
5589
5585
|
process.exitCode = result.gateResult.exitCode;
|
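Review bot: Removing the `options.jsonOutput === void 0` branch (old lines 5585-5586) means the `ci` command no longer writes `result.machineReadable` to stdout when that option is unset, which is an observable output change shipped in a patch release (1.9.0 → 1.9.2) and not mentioned in either README hunk of this diff. Any pipeline that read the JSON from stdout now receives only the Markdown summary and has to set the `jsonOutput` option instead. Suggest documenting this next to the exit-code section of the README. The new behaviour itself looks reasonable, since stdout previously carried the Markdown summary followed by JSON when both options were unset.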