@hatem427/code-guard-ci 1.0.4 ā 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -8
- package/dist/scripts/cli.js +116 -7
- package/dist/scripts/cli.js.map +1 -1
- package/dist/scripts/postinstall.d.ts +10 -0
- package/dist/scripts/postinstall.d.ts.map +1 -0
- package/dist/scripts/postinstall.js +41 -0
- package/dist/scripts/postinstall.js.map +1 -0
- package/dist/scripts/precommit-check.d.ts.map +1 -1
- package/dist/scripts/precommit-check.js +32 -15
- package/dist/scripts/precommit-check.js.map +1 -1
- package/dist/scripts/utils/security-check.d.ts +12 -0
- package/dist/scripts/utils/security-check.d.ts.map +1 -0
- package/dist/scripts/utils/security-check.js +126 -0
- package/dist/scripts/utils/security-check.js.map +1 -0
- package/package.json +125 -1
- package/scripts/cli.ts +124 -8
- package/scripts/postinstall.ts +40 -0
- package/scripts/precommit-check.ts +38 -14
- package/scripts/utils/security-check.ts +108 -0
package/README.md
CHANGED
|
@@ -14,13 +14,16 @@ Automatically enforce your team's coding standards with pre-commit hooks, featur
|
|
|
14
14
|
# Install in your project
|
|
15
15
|
npm install --save-dev @hatem427/code-guard-ci
|
|
16
16
|
|
|
17
|
-
# Or with yarn
|
|
18
|
-
yarn add -D @hatem427/code-guard-ci
|
|
19
|
-
|
|
20
17
|
# Initialize in your project
|
|
21
18
|
npx code-guard init
|
|
19
|
+
|
|
20
|
+
# š SECURITY: Change default passwords immediately!
|
|
21
|
+
npm run set-bypass-password
|
|
22
|
+
npm run set-admin-password
|
|
22
23
|
```
|
|
23
24
|
|
|
25
|
+
ā ļø **CRITICAL SECURITY STEP**: Default passwords are publicly known. Change them immediately or commits will be blocked!
|
|
26
|
+
|
|
24
27
|
### Option 2: Copy Files Directly
|
|
25
28
|
|
|
26
29
|
```bash
|
|
@@ -416,6 +419,10 @@ const data: any = {}; // code-guardian-disable no-any-type
|
|
|
416
419
|
## šÆ NPM Scripts Reference
|
|
417
420
|
|
|
418
421
|
```bash
|
|
422
|
+
# š SECURITY SETUP (RUN FIRST!)
|
|
423
|
+
npm run set-bypass-password # REQUIRED: Set developer bypass password
|
|
424
|
+
npm run set-admin-password # REQUIRED: Set admin password (log deletion)
|
|
425
|
+
|
|
419
426
|
# Pre-commit check (runs automatically via Husky)
|
|
420
427
|
npm run precommit-check
|
|
421
428
|
|
|
@@ -423,9 +430,7 @@ npm run precommit-check
|
|
|
423
430
|
npm run auto-fix # Fix all violations
|
|
424
431
|
npm run auto-fix -- --dry-run # Preview fixes without changing files
|
|
425
432
|
|
|
426
|
-
#
|
|
427
|
-
npm run set-bypass-password # Set developer bypass password
|
|
428
|
-
npm run set-admin-password # Set admin password (log deletion)
|
|
433
|
+
# Bypass Log Management
|
|
429
434
|
npm run view-bypass-log # View all bypass attempts
|
|
430
435
|
npm run delete-bypass-logs # Delete bypass logs (requires admin password)
|
|
431
436
|
|
|
@@ -465,10 +470,13 @@ Every bypass attempt is automatically logged with:
|
|
|
465
470
|
|
|
466
471
|
### Two-Level Security
|
|
467
472
|
|
|
473
|
+
ā ļø **CRITICAL**: Default passwords are PUBLICLY KNOWN in the source code!
|
|
474
|
+
|
|
468
475
|
#### 1. Bypass Password (Developer Access)
|
|
469
476
|
- Allows bypassing pre-commit checks when necessary
|
|
470
477
|
- Share with authorized developers
|
|
471
|
-
- Default: `bypass123`
|
|
478
|
+
- Default: `bypass123` š“ **SECURITY RISK - CHANGE IMMEDIATELY**
|
|
479
|
+
- Anyone who can see your code can use this!
|
|
472
480
|
|
|
473
481
|
```bash
|
|
474
482
|
# Set bypass password
|
|
@@ -478,7 +486,8 @@ npm run set-bypass-password
|
|
|
478
486
|
#### 2. Admin Password (Restricted Access)
|
|
479
487
|
- Required to delete bypass log entries
|
|
480
488
|
- Share only with team leads and security officers
|
|
481
|
-
- Default: `admin123`
|
|
489
|
+
- Default: `admin123` š“ **SECURITY RISK - CHANGE IMMEDIATELY**
|
|
490
|
+
- Protects audit trail from unauthorized deletion
|
|
482
491
|
|
|
483
492
|
```bash
|
|
484
493
|
# Set admin password
|
package/dist/scripts/cli.js
CHANGED
|
@@ -171,24 +171,133 @@ function initProject() {
|
|
|
171
171
|
packageJson.scripts['precommit-check'] = 'code-guard check';
|
|
172
172
|
packageJson.scripts['generate-doc'] = 'code-guard doc';
|
|
173
173
|
packageJson.scripts['generate-pr-checklist'] = 'code-guard checklist';
|
|
174
|
+
packageJson.scripts['prepare'] = 'husky';
|
|
175
|
+
// Add optional scripts (they'll use ts-node if code-guard commands aren't available)
|
|
176
|
+
const packageName = '@hatem427/code-guard-ci'; // Your package name
|
|
177
|
+
packageJson.scripts['set-bypass-password'] = `npx ts-node node_modules/${packageName}/scripts/set-bypass-password.ts`;
|
|
178
|
+
packageJson.scripts['set-admin-password'] = `npx ts-node node_modules/${packageName}/scripts/set-admin-password.ts`;
|
|
179
|
+
packageJson.scripts['delete-bypass-logs'] = `npx ts-node node_modules/${packageName}/scripts/delete-bypass-logs.ts`;
|
|
180
|
+
packageJson.scripts['view-bypass-log'] = `npx ts-node node_modules/${packageName}/scripts/view-bypass-log.ts`;
|
|
181
|
+
packageJson.scripts['auto-fix'] = `npx ts-node node_modules/${packageName}/scripts/auto-fix.ts`;
|
|
174
182
|
fs.writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + '\n');
|
|
175
183
|
console.log(' ā Added npm scripts');
|
|
176
184
|
// Setup Husky
|
|
177
185
|
console.log('\nš¶ Setting up Husky...');
|
|
178
186
|
try {
|
|
179
|
-
|
|
180
|
-
|
|
187
|
+
// First, try modern husky init
|
|
188
|
+
try {
|
|
189
|
+
(0, child_process_1.execSync)('npx husky init', { stdio: 'pipe', cwd });
|
|
190
|
+
}
|
|
191
|
+
catch {
|
|
192
|
+
// Fallback to manual setup
|
|
193
|
+
const huskyDir = path.join(cwd, '.husky');
|
|
194
|
+
const huskyUnderscoreDir = path.join(huskyDir, '_');
|
|
195
|
+
if (!fs.existsSync(huskyDir)) {
|
|
196
|
+
fs.mkdirSync(huskyDir, { recursive: true });
|
|
197
|
+
}
|
|
198
|
+
if (!fs.existsSync(huskyUnderscoreDir)) {
|
|
199
|
+
fs.mkdirSync(huskyUnderscoreDir, { recursive: true });
|
|
200
|
+
}
|
|
201
|
+
// Create husky.sh
|
|
202
|
+
const huskyShContent = `#!/usr/bin/env sh
|
|
203
|
+
if [ -z "$husky_skip_init" ]; then
|
|
204
|
+
debug () {
|
|
205
|
+
if [ "$HUSKY_DEBUG" = "1" ]; then
|
|
206
|
+
echo "husky (debug) - $1"
|
|
207
|
+
fi
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
readonly hook_name="$(basename -- "$0")"
|
|
211
|
+
debug "starting $hook_name..."
|
|
212
|
+
|
|
213
|
+
if [ "$HUSKY" = "0" ]; then
|
|
214
|
+
debug "HUSKY env variable is set to 0, skipping hook"
|
|
215
|
+
exit 0
|
|
216
|
+
fi
|
|
217
|
+
|
|
218
|
+
if [ -f ~/.huskyrc ]; then
|
|
219
|
+
debug "sourcing ~/.huskyrc"
|
|
220
|
+
. ~/.huskyrc
|
|
221
|
+
fi
|
|
222
|
+
|
|
223
|
+
readonly husky_skip_init=1
|
|
224
|
+
export husky_skip_init
|
|
225
|
+
sh -e "$0" "$@"
|
|
226
|
+
exitCode="$?"
|
|
227
|
+
|
|
228
|
+
if [ $exitCode != 0 ]; then
|
|
229
|
+
echo "husky - $hook_name hook exited with code $exitCode (error)"
|
|
230
|
+
fi
|
|
231
|
+
|
|
232
|
+
if [ $exitCode = 127 ]; then
|
|
233
|
+
echo "husky - command not found in PATH=$PATH"
|
|
234
|
+
fi
|
|
235
|
+
|
|
236
|
+
exit $exitCode
|
|
237
|
+
fi
|
|
238
|
+
`;
|
|
239
|
+
fs.writeFileSync(path.join(huskyUnderscoreDir, 'husky.sh'), huskyShContent);
|
|
240
|
+
fs.chmodSync(path.join(huskyUnderscoreDir, 'husky.sh'), '755');
|
|
241
|
+
}
|
|
242
|
+
// Create pre-commit hook
|
|
243
|
+
const preCommitHook = `#!/usr/bin/env sh
|
|
244
|
+
# ============================================================================
|
|
245
|
+
# Husky pre-commit hook
|
|
246
|
+
# ============================================================================
|
|
247
|
+
#
|
|
248
|
+
# This hook runs automatically before every commit. It:
|
|
249
|
+
# 1. Executes the Code Guardian pre-commit checks
|
|
250
|
+
# 2. Blocks the commit if errors are found
|
|
251
|
+
#
|
|
252
|
+
# Bypass methods:
|
|
253
|
+
# - Add #bypass-rules to your commit message
|
|
254
|
+
# - Run: BYPASS_RULES=true git commit -m "message"
|
|
255
|
+
#
|
|
256
|
+
# To skip this hook entirely (git native):
|
|
257
|
+
# git commit --no-verify
|
|
258
|
+
# ============================================================================
|
|
259
|
+
|
|
260
|
+
. "$(dirname -- "$0")/_/husky.sh"
|
|
261
|
+
|
|
262
|
+
echo "š”ļø Running Code Guardian pre-commit checks..."
|
|
263
|
+
|
|
264
|
+
# Run the TypeScript pre-commit check script via npm
|
|
265
|
+
npm run precommit-check
|
|
266
|
+
|
|
267
|
+
# Exit with the same code as the check script
|
|
268
|
+
# (0 = pass, 1 = blocked)
|
|
269
|
+
exit $?
|
|
270
|
+
`;
|
|
271
|
+
const huskyDir = path.join(cwd, '.husky');
|
|
272
|
+
const preCommitPath = path.join(huskyDir, 'pre-commit');
|
|
273
|
+
fs.writeFileSync(preCommitPath, preCommitHook);
|
|
274
|
+
fs.chmodSync(preCommitPath, '755');
|
|
275
|
+
console.log(' ā Created .husky/pre-commit hook');
|
|
181
276
|
console.log(' ā Husky configured');
|
|
182
277
|
}
|
|
183
278
|
catch (error) {
|
|
184
|
-
console.warn(' ā ļø Husky setup failed
|
|
279
|
+
console.warn(' ā ļø Husky setup failed:', error.message);
|
|
280
|
+
console.warn(' You may need to set it up manually:');
|
|
281
|
+
console.warn(' 1. Run: npx husky init');
|
|
282
|
+
console.warn(' 2. Create .husky/pre-commit with the hook content');
|
|
185
283
|
}
|
|
186
284
|
console.log('\nā
Code Guardian initialized successfully!\n');
|
|
285
|
+
// Security warning
|
|
286
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā');
|
|
287
|
+
console.log('ā š SECURITY SETUP REQUIRED š ā');
|
|
288
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
289
|
+
console.log('ā ļø CRITICAL: Change default passwords immediately!\n');
|
|
290
|
+
console.log('Default passwords are publicly known. Anyone can bypass checks!\n');
|
|
291
|
+
console.log('Required commands:');
|
|
292
|
+
console.log(' 1. npm run set-bypass-password');
|
|
293
|
+
console.log(' 2. npm run set-admin-password\n');
|
|
294
|
+
console.log('š For security details, see: SECURITY.md\n');
|
|
295
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
187
296
|
console.log('Next steps:');
|
|
188
|
-
console.log('
|
|
189
|
-
console.log('
|
|
190
|
-
console.log('
|
|
191
|
-
console.log('
|
|
297
|
+
console.log(' 3. Review config files in ./config/');
|
|
298
|
+
console.log(' 4. Customize rules for your team');
|
|
299
|
+
console.log(' 5. Make a commit to test the pre-commit hook');
|
|
300
|
+
console.log(' 6. Run "npm run generate-doc -- --name=test --type=ui"\n');
|
|
192
301
|
}
|
|
193
302
|
/**
|
|
194
303
|
* Run pre-commit checks manually.
|
package/dist/scripts/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../scripts/cli.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AAEzC,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,+EAA+E;AAE/E,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AAExB,+EAA+E;AAE/E,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC;sBACQ,OAAO;;;;;;;;;;;;;;;;;;;;GAoB1B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAEvD,+BAA+B;IAC/B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,4EAA4E;IAC5E,qEAAqE;IACrE,6DAA6D;IAC7D,yEAAyE;IACzE,mFAAmF;IACnF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAQ,uBAAuB;IAC1E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,kBAAkB;IAEvE,MAAM,gBAAgB,GAAG;QACvB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC;KAChC,CAAC;IAEF,MAAM,kBAAkB,GAAG;QACzB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC;KACnC,CAAC;IAEF,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,sBAAsB,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;IACzG,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,mEAAmE;QACnE,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,aAAa,GAAG,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,wBAAwB,CAAC,CAAC;IAC5F,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QACjC,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;YACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,8BAA8B;IAC9B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;IAChD,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,kBAAkB,CAAC;IAC5D,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAC;IACvD,WAAW,CAAC,OAAO,CAAC,uBAAuB,CAAC,GAAG,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../scripts/cli.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AAEzC,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,+EAA+E;AAE/E,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AAExB,+EAA+E;AAE/E,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC;sBACQ,OAAO;;;;;;;;;;;;;;;;;;;;GAoB1B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAEvD,+BAA+B;IAC/B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,4EAA4E;IAC5E,qEAAqE;IACrE,6DAA6D;IAC7D,yEAAyE;IACzE,mFAAmF;IACnF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAQ,uBAAuB;IAC1E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,kBAAkB;IAEvE,MAAM,gBAAgB,GAAG;QACvB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC;KAChC,CAAC;IAEF,MAAM,kBAAkB,GAAG;QACzB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC;KACnC,CAAC;IAEF,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,sBAAsB,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;IACzG,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,mEAAmE;QACnE,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,aAAa,GAAG,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,wBAAwB,CAAC,CAAC;IAC5F,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QACjC,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;YACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,8BAA8B;IAC9B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;IAChD,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,kBAAkB,CAAC;IAC5D,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAC;IACvD,WAAW,CAAC,OAAO,CAAC,uBAAuB,CAAC,GAAG,sBAAsB,CAAC;IACtE,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;IAEzC,qFAAqF;IACrF,MAAM,WAAW,GAAG,yBAAyB,CAAC,CAAC,oBAAoB;IACnE,WAAW,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,4BAA4B,WAAW,iCAAiC,CAAC;IACtH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,4BAA4B,WAAW,6BAA6B,CAAC;IAC9G,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,4BAA4B,WAAW,sBAAsB,CAAC;IAEhG,EAAE,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,+BAA+B;QAC/B,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC1C,MAAM,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAEpD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9C,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACvC,EAAE,CAAC,SAAS,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACxD,CAAC;YAED,kBAAkB;YAClB,MAAM,cAAc,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoC5B,CAAC;YACI,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,cAAc,CAAC,CAAC;YAC5E,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;QAED,yBAAyB;QACzB,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BzB,CAAC;QAEE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC1C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACxD,EAAE,CAAC,aAAa,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAC/C,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAEnC,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;IAE7D,mBAAmB;IACnB,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACrE,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;IACjF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ;IACf,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAC;IAC9D,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,UAAU,CAAC,CAAC;IACtB,CAAC;SAAM,CAAC;QACN,mCAAmC;QACnC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAC;QACjF,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAChE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,WAAW;IAClB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3C,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,IAAA,wBAAQ,EAAC,QAAQ,UAAU,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAC9E,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB;IACxB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,0BAA0B,CAAC,CAAC;IACpE,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3C,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,IAAA,wBAAQ,EAAC,QAAQ,UAAU,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,0BAA0B,CAAC,CAAC;QACvF,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;YACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,QAAQ,OAAO,EAAE,CAAC;IAChB,KAAK,MAAM;QACT,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,OAAO;QACV,QAAQ,EAAE,CAAC;QACX,MAAM;IAER,KAAK,KAAK;QACR,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,WAAW;QACd,iBAAiB,EAAE,CAAC;QACpB,MAAM;IAER,KAAK,SAAS,CAAC;IACf,KAAK,WAAW,CAAC;IACjB,KAAK,IAAI;QACP,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,MAAM,CAAC;IACZ,KAAK,QAAQ,CAAC;IACd,KAAK,IAAI,CAAC;IACV,KAAK,SAAS;QACZ,QAAQ,EAAE,CAAC;QACX,MAAM;IAER;QACE,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* postinstall.ts ā Optional post-install setup
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*
|
|
7
|
+
* This script runs after npm install to provide setup instructions.
|
|
8
|
+
* It does NOT automatically modify the user's project.
|
|
9
|
+
*/
|
|
10
|
+
//# sourceMappingURL=postinstall.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"postinstall.d.ts","sourceRoot":"","sources":["../../scripts/postinstall.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
"use strict";
|
|
3
|
+
/**
|
|
4
|
+
* ============================================================================
|
|
5
|
+
* postinstall.ts ā Optional post-install setup
|
|
6
|
+
* ============================================================================
|
|
7
|
+
*
|
|
8
|
+
* This script runs after npm install to provide setup instructions.
|
|
9
|
+
* It does NOT automatically modify the user's project.
|
|
10
|
+
*/
|
|
11
|
+
console.log(`
|
|
12
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
13
|
+
ā ā
|
|
14
|
+
ā š”ļø Code Guardian installed successfully! ā
|
|
15
|
+
ā ā
|
|
16
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
17
|
+
|
|
18
|
+
š Quick Start:
|
|
19
|
+
|
|
20
|
+
1. Initialize in your project:
|
|
21
|
+
|
|
22
|
+
npx code-guard init
|
|
23
|
+
|
|
24
|
+
2. This will:
|
|
25
|
+
ā Create .husky/pre-commit hook
|
|
26
|
+
ā Add npm scripts to package.json
|
|
27
|
+
ā Copy config files and templates
|
|
28
|
+
ā Create docs directory
|
|
29
|
+
|
|
30
|
+
3. Test it:
|
|
31
|
+
|
|
32
|
+
git commit -m "test"
|
|
33
|
+
|
|
34
|
+
š Documentation:
|
|
35
|
+
https://github.com/hatem427/code-guard-ci
|
|
36
|
+
|
|
37
|
+
š Need help?
|
|
38
|
+
Run: code-guard help
|
|
39
|
+
|
|
40
|
+
`);
|
|
41
|
+
//# sourceMappingURL=postinstall.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"postinstall.js","sourceRoot":"","sources":["../../scripts/postinstall.ts"],"names":[],"mappings":";;AACA;;;;;;;GAOG;AAEH,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA6BX,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"precommit-check.d.ts","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;
|
|
1
|
+
{"version":3,"file":"precommit-check.d.ts","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAkBH,OAAO,0BAA0B,CAAC;AAClC,OAAO,wBAAwB,CAAC;AAChC,OAAO,yBAAyB,CAAC"}
|
|
@@ -172,14 +172,19 @@ function runEslint(stagedFiles) {
|
|
|
172
172
|
}
|
|
173
173
|
logger.info(`Running ESLint on ${lintableFiles.length} file(s)...`);
|
|
174
174
|
try {
|
|
175
|
-
|
|
176
|
-
|
|
175
|
+
// Security: Use array args to prevent command injection
|
|
176
|
+
const { spawnSync } = require('child_process');
|
|
177
|
+
const result = spawnSync('npx', ['eslint', ...lintableFiles, '--max-warnings', '0'], {
|
|
177
178
|
stdio: 'inherit',
|
|
178
179
|
encoding: 'utf-8',
|
|
179
|
-
cwd: process.cwd(),
|
|
180
|
+
cwd: process.cwd(),
|
|
180
181
|
});
|
|
181
|
-
|
|
182
|
-
|
|
182
|
+
if (result.status === 0) {
|
|
183
|
+
logger.success('ESLint passed.');
|
|
184
|
+
return true;
|
|
185
|
+
}
|
|
186
|
+
logger.error('ESLint found issues. Fix them before committing.');
|
|
187
|
+
return false;
|
|
183
188
|
}
|
|
184
189
|
catch (error) {
|
|
185
190
|
// Check if ESLint config is missing
|
|
@@ -208,35 +213,47 @@ function runPrettier(stagedFiles) {
|
|
|
208
213
|
}
|
|
209
214
|
logger.info(`Running Prettier on ${formattableFiles.length} file(s)...`);
|
|
210
215
|
try {
|
|
211
|
-
|
|
212
|
-
|
|
216
|
+
// Security: Use array args to prevent command injection
|
|
217
|
+
const { spawnSync } = require('child_process');
|
|
218
|
+
const checkResult = spawnSync('npx', ['prettier', '--check', ...formattableFiles], {
|
|
213
219
|
stdio: 'pipe',
|
|
214
220
|
encoding: 'utf-8',
|
|
215
221
|
});
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
222
|
+
if (checkResult.status === 0) {
|
|
223
|
+
logger.success('Prettier check passed.');
|
|
224
|
+
return true;
|
|
225
|
+
}
|
|
220
226
|
logger.warn('Prettier found formatting issues ā auto-fixing...');
|
|
221
227
|
try {
|
|
222
|
-
const
|
|
223
|
-
(0, child_process_1.execSync)(`npx prettier --write ${fileList}`, {
|
|
228
|
+
const writeResult = spawnSync('npx', ['prettier', '--write', ...formattableFiles], {
|
|
224
229
|
stdio: 'inherit',
|
|
225
230
|
encoding: 'utf-8',
|
|
226
231
|
});
|
|
232
|
+
if (writeResult.status !== 0) {
|
|
233
|
+
logger.error('Prettier auto-fix failed.');
|
|
234
|
+
return false;
|
|
235
|
+
}
|
|
227
236
|
// Re-stage the auto-formatted files
|
|
228
|
-
|
|
237
|
+
const gitResult = spawnSync('git', ['add', ...formattableFiles], {
|
|
229
238
|
stdio: 'inherit',
|
|
230
239
|
encoding: 'utf-8',
|
|
231
240
|
});
|
|
241
|
+
if (gitResult.status !== 0) {
|
|
242
|
+
logger.error('Failed to re-stage auto-formatted files.');
|
|
243
|
+
return false;
|
|
244
|
+
}
|
|
232
245
|
logger.success('Prettier auto-fixed and re-staged files.');
|
|
233
246
|
return true;
|
|
234
247
|
}
|
|
235
|
-
catch {
|
|
248
|
+
catch (error) {
|
|
236
249
|
logger.error('Prettier auto-fix failed.');
|
|
237
250
|
return false;
|
|
238
251
|
}
|
|
239
252
|
}
|
|
253
|
+
catch (error) {
|
|
254
|
+
logger.error('Prettier check failed.');
|
|
255
|
+
return false;
|
|
256
|
+
}
|
|
240
257
|
}
|
|
241
258
|
// āā Feature doc detection āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
242
259
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"precommit-check.js","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAyC;AACzC,2CAA6B;AAE7B,+EAA+E;AAE/E,+DAAsE;AACtE,uDAAyF;AACzF,mEAAiE;AACjE,qDAAkF;AAClF,uDAAyC;AACzC,2DAA4E;
|
|
1
|
+
{"version":3,"file":"precommit-check.js","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAyC;AACzC,2CAA6B;AAE7B,+EAA+E;AAE/E,+DAAsE;AACtE,uDAAyF;AACzF,mEAAiE;AACjE,qDAAkF;AAClF,uDAAyC;AACzC,2DAA4E;AAE5E,mDAAqC;AAErC,+EAA+E;AAE/E,oCAAkC;AAClC,kCAAgC;AAChC,mCAAiC;AAEjC,+EAA+E;AAE/E,0DAA0D;AAC1D,MAAM,kBAAkB,GAAG,eAAe,CAAC;AAE3C,gDAAgD;AAChD,MAAM,cAAc,GAAG,cAAc,CAAC;AAEtC,gDAAgD;AAChD,MAAM,mBAAmB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;AAE9E,oDAAoD;AACpD,MAAM,oBAAoB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAE/F,+EAA+E;AAE/E;;GAEG;AACH,SAAS,UAAU,CAAC,QAAgB,EAAE,SAAkB,KAAK;IAC3D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;YAClC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;SACvB,CAAC,CAAC;QAEH,IAAI,MAAM,EAAE,CAAC;YACX,sBAAsB;YACtB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAY,CAAC;YACnC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YAEvB,IAAI,QAAQ,GAAG,EAAE,CAAC;YAClB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAE/B,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;gBAChC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAEnC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;oBACrD,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;oBACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAC3B,EAAE,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACpB,CAAC;qBAAM,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,SAAS;oBACT,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;qBAAM,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;oBAC5C,YAAY;oBACZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBACxB,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;wBACjC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAChC,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,QAAQ,IAAI,GAAG,CAAC;oBAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC/B,EAAE,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,YAAY,CAAC,aAAqB;IAC/C,gEAAgE;IAChE,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QAC1D,6DAA6D;QAC7D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,YAAY,IAAI,2CAA2C,CAAC;QAC3E,IAAA,6BAAY,EAAC,MAAM,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;QACpD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,wBAAwB,cAAc,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IAC3G,CAAC;IAED,gDAAgD;IAChD,IAAI,aAAa,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,4CAA4C,kBAAkB,GAAG,CAAC,CAAC;QAC/E,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;QAEnD,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,4BAA4B,EAAE,IAAI,CAAC,CAAC;QAEtE,IAAI,IAAA,qCAAoB,EAAC,QAAQ,CAAC,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACjE,IAAA,6BAAY,EAAC,MAAM,IAAI,oBAAoB,EAAE,aAAa,EAAE,gBAAgB,CAAC,CAAC;YAC9E,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,4BAA4B,kBAAkB,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACjI,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;YACnD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;AACnE,CAAC;AAED,+EAA+E;AAE/E;;GAEG;AACH,SAAS,SAAS,CAAC,WAAqB;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC/C,OAAO,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,qBAAqB,aAAa,CAAC,MAAM,aAAa,CAAC,CAAC;IAEpE,IAAI,CAAC;QACH,wDAAwD;QACxD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,GAAG,aAAa,EAAE,gBAAgB,EAAE,GAAG,CAAC,EAAE;YACnF,KAAK,EAAE,SAAS;YAChB,QAAQ,EAAE,OAAO;YACjB,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,oCAAoC;QACpC,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YACvF,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;YACtE,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;YACpF,OAAO,IAAI,CAAC,CAAC,iDAAiD;QAChE,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;GAGG;AACH,SAAS,WAAW,CAAC,WAAqB;IACxC,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC/C,OAAO,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,gBAAgB,CAAC,MAAM,aAAa,CAAC,CAAC;IAEzE,IAAI,CAAC;QACH,wDAAwD;QACxD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,EAAE;YACjF,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;QAEH,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,EAAE;gBACjF,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,OAAO;aAClB,CAAC,CAAC;YAEH,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,oCAAoC;YACpC,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,GAAG,gBAAgB,CAAC,EAAE;gBAC/D,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,OAAO;aAClB,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3B,MAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBACzD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,CAAC,OAAO,CAAC,0CAA0C,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;GAGG;AACH,SAAS,wBAAwB;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,iCAAiC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAEzF,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAChE,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,WAAW,KAAK,CAAC,CAAC;YAEnE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,MAAM,CAAC,IAAI,CACT,6BAA6B,MAAM,KAAK;oBACxC,gCAAgC,OAAO,IAAI;oBAC3C,6CAA6C,WAAW,aAAa,CACtE,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,KAAK,UAAU,IAAI;IACjB,MAAM,CAAC,MAAM,CAAC,uCAAuC,CAAC,CAAC;IAEvD,2BAA2B;IAC3B,MAAM,aAAa,GAAG,IAAA,+BAAgB,GAAE,CAAC;IAEzC,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,CAAC;IACjD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,MAAM,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8BAA8B;IAC9B,MAAM,OAAO,GAAG,IAAA,gCAAa,GAAE,CAAC;IAChC,MAAM,CAAC,IAAI,CAAC,qBAAqB,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;IAElD,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CACT,qEAAqE;YACrE,mFAAmF,CACpF,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,MAAM,WAAW,GAAG,IAAA,6BAAc,GAAE,CAAC;IACrC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,SAAS,WAAW,CAAC,MAAM,kBAAkB,CAAC,CAAC;IAE3D,6BAA6B;IAC7B,MAAM,KAAK,GAAG,IAAA,8BAAe,EAAC,oBAAoB,CAAC,CAAC;IACpD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;IAED,iCAAiC;IACjC,IAAI,MAAM,GAAqB;QAC7B,UAAU,EAAE,EAAE;QACd,UAAU,EAAE,CAAC;QACb,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,CAAC;QACZ,YAAY,EAAE,CAAC;QACf,aAAa,EAAE,CAAC;QAChB,QAAQ,EAAE,KAAK;KAChB,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAA,sCAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,MAAM,gBAAgB,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC;QAEpE,MAAM,GAAG,IAAA,0BAAY,EAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC1C,IAAA,yBAAW,EAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,qBAAqB;IACrB,MAAM,YAAY,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAE5C,uCAAuC;IACvC,MAAM,cAAc,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IAEhD,iCAAiC;IACjC,wBAAwB,EAAE,CAAC;IAE3B,wBAAwB;IACxB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,MAAM,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAC3C,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,MAAM,CAAC,GAAG,CAAC,qBAAqB,kBAAkB,8BAA8B,cAAc,OAAO,CAAC,CAAC;QAEvG,mEAAmE;QACnE,0DAA0D;QAC1D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,MAAM,CAAC,YAAY,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* first-run-check.ts ā Force password change on first use
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*/
|
|
7
|
+
/**
|
|
8
|
+
* Main security check with skip option
|
|
9
|
+
*/
|
|
10
|
+
declare function performSecurityCheck(): boolean;
|
|
11
|
+
export { performSecurityCheck as checkSecurity };
|
|
12
|
+
//# sourceMappingURL=security-check.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-check.d.ts","sourceRoot":"","sources":["../../../scripts/utils/security-check.ts"],"names":[],"mappings":";AACA;;;;GAIG;AAiFH;;GAEG;AACH,iBAAS,oBAAoB,IAAI,OAAO,CAQvC;AAGD,OAAO,EAAE,oBAAoB,IAAI,aAAa,EAAE,CAAC"}
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
"use strict";
|
|
3
|
+
/**
|
|
4
|
+
* ============================================================================
|
|
5
|
+
* first-run-check.ts ā Force password change on first use
|
|
6
|
+
* ============================================================================
|
|
7
|
+
*/
|
|
8
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
9
|
+
if (k2 === undefined) k2 = k;
|
|
10
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
+
}
|
|
14
|
+
Object.defineProperty(o, k2, desc);
|
|
15
|
+
}) : (function(o, m, k, k2) {
|
|
16
|
+
if (k2 === undefined) k2 = k;
|
|
17
|
+
o[k2] = m[k];
|
|
18
|
+
}));
|
|
19
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
+
}) : function(o, v) {
|
|
22
|
+
o["default"] = v;
|
|
23
|
+
});
|
|
24
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
+
var ownKeys = function(o) {
|
|
26
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
+
var ar = [];
|
|
28
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
+
return ar;
|
|
30
|
+
};
|
|
31
|
+
return ownKeys(o);
|
|
32
|
+
};
|
|
33
|
+
return function (mod) {
|
|
34
|
+
if (mod && mod.__esModule) return mod;
|
|
35
|
+
var result = {};
|
|
36
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
+
__setModuleDefault(result, mod);
|
|
38
|
+
return result;
|
|
39
|
+
};
|
|
40
|
+
})();
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.checkSecurity = performSecurityCheck;
|
|
43
|
+
const fs = __importStar(require("fs"));
|
|
44
|
+
const path = __importStar(require("path"));
|
|
45
|
+
const BYPASS_DIR = '.code-guardian';
|
|
46
|
+
const PASSWORD_FILE = 'bypass-password.hash';
|
|
47
|
+
const ADMIN_FILE = 'admin-credentials.hash';
|
|
48
|
+
const SETUP_COMPLETE_FILE = 'setup-complete';
|
|
49
|
+
const DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92';
|
|
50
|
+
const DEFAULT_ADMIN_PASSWORD_HASH = '240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9';
|
|
51
|
+
function checkSecurity() {
|
|
52
|
+
const dir = path.join(process.cwd(), BYPASS_DIR);
|
|
53
|
+
const setupFile = path.join(dir, SETUP_COMPLETE_FILE);
|
|
54
|
+
// If setup already complete, skip
|
|
55
|
+
if (fs.existsSync(setupFile)) {
|
|
56
|
+
return true;
|
|
57
|
+
}
|
|
58
|
+
const passwordPath = path.join(dir, PASSWORD_FILE);
|
|
59
|
+
const adminPath = path.join(dir, ADMIN_FILE);
|
|
60
|
+
// Check if still using default passwords
|
|
61
|
+
const usingDefaultBypass = !fs.existsSync(passwordPath) ||
|
|
62
|
+
fs.readFileSync(passwordPath, 'utf-8').trim() === DEFAULT_PASSWORD_HASH;
|
|
63
|
+
const usingDefaultAdmin = !fs.existsSync(adminPath) ||
|
|
64
|
+
fs.readFileSync(adminPath, 'utf-8').trim() === DEFAULT_ADMIN_PASSWORD_HASH;
|
|
65
|
+
if (usingDefaultBypass || usingDefaultAdmin) {
|
|
66
|
+
console.error(`
|
|
67
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
68
|
+
ā š CRITICAL SECURITY WARNING š ā
|
|
69
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
70
|
+
|
|
71
|
+
ā ļø You are using DEFAULT PASSWORDS! This is a SECURITY RISK!
|
|
72
|
+
|
|
73
|
+
Default passwords are publicly known and published in the source code:
|
|
74
|
+
- Bypass password: "bypass123"
|
|
75
|
+
- Admin password: "admin123"
|
|
76
|
+
|
|
77
|
+
Anyone who can see your repository can bypass ALL security checks!
|
|
78
|
+
|
|
79
|
+
š REQUIRED ACTIONS (Run both commands):
|
|
80
|
+
|
|
81
|
+
1. Set bypass password:
|
|
82
|
+
npm run set-bypass-password
|
|
83
|
+
|
|
84
|
+
2. Set admin password:
|
|
85
|
+
npm run set-admin-password
|
|
86
|
+
|
|
87
|
+
ā ALL COMMITS ARE BLOCKED until you change these passwords.
|
|
88
|
+
|
|
89
|
+
š” To skip this check temporarily (NOT RECOMMENDED):
|
|
90
|
+
SKIP_SECURITY_CHECK=true git commit -m "message"
|
|
91
|
+
|
|
92
|
+
`);
|
|
93
|
+
return false;
|
|
94
|
+
}
|
|
95
|
+
// Mark setup as complete
|
|
96
|
+
if (!fs.existsSync(dir)) {
|
|
97
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
98
|
+
}
|
|
99
|
+
fs.writeFileSync(setupFile, new Date().toISOString());
|
|
100
|
+
console.log('ā
Security check passed - passwords have been changed from defaults.\n');
|
|
101
|
+
return true;
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Allow skipping security check with env var (for emergencies)
|
|
105
|
+
*/
|
|
106
|
+
function shouldSkipSecurityCheck() {
|
|
107
|
+
return process.env.SKIP_SECURITY_CHECK === 'true';
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Main security check with skip option
|
|
111
|
+
*/
|
|
112
|
+
function performSecurityCheck() {
|
|
113
|
+
// Allow skip in CI/CD or emergencies
|
|
114
|
+
if (shouldSkipSecurityCheck()) {
|
|
115
|
+
console.warn('ā ļø Security check skipped via SKIP_SECURITY_CHECK env var');
|
|
116
|
+
return true;
|
|
117
|
+
}
|
|
118
|
+
return checkSecurity();
|
|
119
|
+
}
|
|
120
|
+
// Run if called directly
|
|
121
|
+
if (require.main === module) {
|
|
122
|
+
if (!performSecurityCheck()) {
|
|
123
|
+
process.exit(1);
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
//# sourceMappingURL=security-check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-check.js","sourceRoot":"","sources":["../../../scripts/utils/security-check.ts"],"names":[],"mappings":";;AACA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+F8B,6CAAa;AA7F9C,uCAAyB;AACzB,2CAA6B;AAE7B,MAAM,UAAU,GAAG,gBAAgB,CAAC;AACpC,MAAM,aAAa,GAAG,sBAAsB,CAAC;AAC7C,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,mBAAmB,GAAG,gBAAgB,CAAC;AAE7C,MAAM,qBAAqB,GAAG,kEAAkE,CAAC;AACjG,MAAM,2BAA2B,GAAG,kEAAkE,CAAC;AAEvG,SAAS,aAAa;IACpB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;IAEtD,kCAAkC;IAClC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAE7C,yCAAyC;IACzC,MAAM,kBAAkB,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC;QACrD,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,qBAAqB,CAAC;IAE1E,MAAM,iBAAiB,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;QACjD,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,2BAA2B,CAAC;IAE7E,IAAI,kBAAkB,IAAI,iBAAiB,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;CA0BjB,CAAC,CAAC;QACC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IAEtD,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;IAEtF,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB;IAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,MAAM,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB;IAC3B,qCAAqC;IACrC,IAAI,uBAAuB,EAAE,EAAE,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,aAAa,EAAE,CAAC;AACzB,CAAC;AAKD,yBAAyB;AACzB,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC5B,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hatem427/code-guard-ci",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.6",
|
|
4
4
|
"description": "Production-ready TypeScript tooling to enforce PR & coding guidelines for Angular, React, and NextJS projects.",
|
|
5
5
|
"private": false,
|
|
6
6
|
"main": "dist/scripts/cli.js",
|
|
@@ -70,5 +70,129 @@
|
|
|
70
70
|
},
|
|
71
71
|
"engines": {
|
|
72
72
|
"node": ">=18.0.0"
|
|
73
|
+
},
|
|
74
|
+
"directories": {
|
|
75
|
+
"doc": "docs"
|
|
76
|
+
},
|
|
77
|
+
"dependencies": {
|
|
78
|
+
"acorn": "^8.15.0",
|
|
79
|
+
"acorn-jsx": "^5.3.2",
|
|
80
|
+
"acorn-walk": "^8.3.4",
|
|
81
|
+
"ajv": "^6.12.6",
|
|
82
|
+
"ansi-regex": "^5.0.1",
|
|
83
|
+
"ansi-styles": "^4.3.0",
|
|
84
|
+
"arg": "^4.1.3",
|
|
85
|
+
"argparse": "^2.0.1",
|
|
86
|
+
"balanced-match": "^1.0.2",
|
|
87
|
+
"brace-expansion": "^1.1.12",
|
|
88
|
+
"braces": "^3.0.3",
|
|
89
|
+
"callsites": "^3.1.0",
|
|
90
|
+
"code-block-writer": "^12.0.0",
|
|
91
|
+
"color-convert": "^2.0.1",
|
|
92
|
+
"color-name": "^1.1.4",
|
|
93
|
+
"concat-map": "^0.0.1",
|
|
94
|
+
"create-require": "^1.1.1",
|
|
95
|
+
"cross-spawn": "^7.0.6",
|
|
96
|
+
"debug": "^4.4.3",
|
|
97
|
+
"deep-is": "^0.1.4",
|
|
98
|
+
"diff": "^4.0.4",
|
|
99
|
+
"doctrine": "^3.0.0",
|
|
100
|
+
"eastasianwidth": "^0.2.0",
|
|
101
|
+
"emoji-regex": "^9.2.2",
|
|
102
|
+
"escape-string-regexp": "^4.0.0",
|
|
103
|
+
"eslint-scope": "^7.2.2",
|
|
104
|
+
"eslint-visitor-keys": "^3.4.3",
|
|
105
|
+
"espree": "^9.6.1",
|
|
106
|
+
"esquery": "^1.7.0",
|
|
107
|
+
"esrecurse": "^4.3.0",
|
|
108
|
+
"estraverse": "^5.3.0",
|
|
109
|
+
"esutils": "^2.0.3",
|
|
110
|
+
"fast-deep-equal": "^3.1.3",
|
|
111
|
+
"fast-glob": "^3.3.3",
|
|
112
|
+
"fast-json-stable-stringify": "^2.1.0",
|
|
113
|
+
"fast-levenshtein": "^2.0.6",
|
|
114
|
+
"fastq": "^1.20.1",
|
|
115
|
+
"file-entry-cache": "^6.0.1",
|
|
116
|
+
"fill-range": "^7.1.1",
|
|
117
|
+
"find-up": "^5.0.0",
|
|
118
|
+
"flat-cache": "^3.2.0",
|
|
119
|
+
"flatted": "^3.3.3",
|
|
120
|
+
"foreground-child": "^3.3.1",
|
|
121
|
+
"fs.realpath": "^1.0.0",
|
|
122
|
+
"glob-parent": "^6.0.2",
|
|
123
|
+
"globals": "^13.24.0",
|
|
124
|
+
"graphemer": "^1.4.0",
|
|
125
|
+
"has-flag": "^4.0.0",
|
|
126
|
+
"ignore": "^5.3.2",
|
|
127
|
+
"import-fresh": "^3.3.1",
|
|
128
|
+
"imurmurhash": "^0.1.4",
|
|
129
|
+
"inflight": "^1.0.6",
|
|
130
|
+
"inherits": "^2.0.4",
|
|
131
|
+
"is-extglob": "^2.1.1",
|
|
132
|
+
"is-fullwidth-code-point": "^3.0.0",
|
|
133
|
+
"is-glob": "^4.0.3",
|
|
134
|
+
"is-number": "^7.0.0",
|
|
135
|
+
"is-path-inside": "^3.0.3",
|
|
136
|
+
"isexe": "^2.0.0",
|
|
137
|
+
"jackspeak": "^3.4.3",
|
|
138
|
+
"js-yaml": "^4.1.1",
|
|
139
|
+
"json-buffer": "^3.0.1",
|
|
140
|
+
"json-schema-traverse": "^0.4.1",
|
|
141
|
+
"json-stable-stringify-without-jsonify": "^1.0.1",
|
|
142
|
+
"keyv": "^4.5.4",
|
|
143
|
+
"levn": "^0.4.1",
|
|
144
|
+
"locate-path": "^6.0.0",
|
|
145
|
+
"lodash.merge": "^4.6.2",
|
|
146
|
+
"lru-cache": "^10.4.3",
|
|
147
|
+
"make-error": "^1.3.6",
|
|
148
|
+
"merge2": "^1.4.1",
|
|
149
|
+
"micromatch": "^4.0.8",
|
|
150
|
+
"minimatch": "^3.1.2",
|
|
151
|
+
"minipass": "^7.1.2",
|
|
152
|
+
"mkdirp": "^3.0.1",
|
|
153
|
+
"ms": "^2.1.3",
|
|
154
|
+
"natural-compare": "^1.4.0",
|
|
155
|
+
"once": "^1.4.0",
|
|
156
|
+
"optionator": "^0.9.4",
|
|
157
|
+
"p-limit": "^3.1.0",
|
|
158
|
+
"p-locate": "^5.0.0",
|
|
159
|
+
"package-json-from-dist": "^1.0.1",
|
|
160
|
+
"parent-module": "^1.0.1",
|
|
161
|
+
"path-browserify": "^1.0.1",
|
|
162
|
+
"path-exists": "^4.0.0",
|
|
163
|
+
"path-is-absolute": "^1.0.1",
|
|
164
|
+
"path-key": "^3.1.1",
|
|
165
|
+
"path-scurry": "^1.11.1",
|
|
166
|
+
"picomatch": "^2.3.1",
|
|
167
|
+
"prelude-ls": "^1.2.1",
|
|
168
|
+
"punycode": "^2.3.1",
|
|
169
|
+
"queue-microtask": "^1.2.3",
|
|
170
|
+
"resolve-from": "^4.0.0",
|
|
171
|
+
"reusify": "^1.1.0",
|
|
172
|
+
"rimraf": "^3.0.2",
|
|
173
|
+
"run-parallel": "^1.2.0",
|
|
174
|
+
"shebang-command": "^2.0.0",
|
|
175
|
+
"shebang-regex": "^3.0.0",
|
|
176
|
+
"signal-exit": "^4.1.0",
|
|
177
|
+
"string-width": "^5.1.2",
|
|
178
|
+
"string-width-cjs": "^4.2.3",
|
|
179
|
+
"strip-ansi": "^6.0.1",
|
|
180
|
+
"strip-ansi-cjs": "^6.0.1",
|
|
181
|
+
"strip-json-comments": "^3.1.1",
|
|
182
|
+
"supports-color": "^7.2.0",
|
|
183
|
+
"text-table": "^0.2.0",
|
|
184
|
+
"to-regex-range": "^5.0.1",
|
|
185
|
+
"type-check": "^0.4.0",
|
|
186
|
+
"type-fest": "^0.20.2",
|
|
187
|
+
"undici-types": "^6.21.0",
|
|
188
|
+
"uri-js": "^4.4.1",
|
|
189
|
+
"v8-compile-cache-lib": "^3.0.1",
|
|
190
|
+
"which": "^2.0.2",
|
|
191
|
+
"word-wrap": "^1.2.5",
|
|
192
|
+
"wrap-ansi": "^8.1.0",
|
|
193
|
+
"wrap-ansi-cjs": "^7.0.0",
|
|
194
|
+
"wrappy": "^1.0.2",
|
|
195
|
+
"yn": "^3.1.1",
|
|
196
|
+
"yocto-queue": "^0.1.0"
|
|
73
197
|
}
|
|
74
198
|
}
|
package/scripts/cli.ts
CHANGED
|
@@ -158,6 +158,15 @@ function initProject(): void {
|
|
|
158
158
|
packageJson.scripts['precommit-check'] = 'code-guard check';
|
|
159
159
|
packageJson.scripts['generate-doc'] = 'code-guard doc';
|
|
160
160
|
packageJson.scripts['generate-pr-checklist'] = 'code-guard checklist';
|
|
161
|
+
packageJson.scripts['prepare'] = 'husky';
|
|
162
|
+
|
|
163
|
+
// Add optional scripts (they'll use ts-node if code-guard commands aren't available)
|
|
164
|
+
const packageName = '@hatem427/code-guard-ci'; // Your package name
|
|
165
|
+
packageJson.scripts['set-bypass-password'] = `npx ts-node node_modules/${packageName}/scripts/set-bypass-password.ts`;
|
|
166
|
+
packageJson.scripts['set-admin-password'] = `npx ts-node node_modules/${packageName}/scripts/set-admin-password.ts`;
|
|
167
|
+
packageJson.scripts['delete-bypass-logs'] = `npx ts-node node_modules/${packageName}/scripts/delete-bypass-logs.ts`;
|
|
168
|
+
packageJson.scripts['view-bypass-log'] = `npx ts-node node_modules/${packageName}/scripts/view-bypass-log.ts`;
|
|
169
|
+
packageJson.scripts['auto-fix'] = `npx ts-node node_modules/${packageName}/scripts/auto-fix.ts`;
|
|
161
170
|
|
|
162
171
|
fs.writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + '\n');
|
|
163
172
|
console.log(' ā Added npm scripts');
|
|
@@ -165,19 +174,126 @@ function initProject(): void {
|
|
|
165
174
|
// Setup Husky
|
|
166
175
|
console.log('\nš¶ Setting up Husky...');
|
|
167
176
|
try {
|
|
168
|
-
|
|
169
|
-
|
|
177
|
+
// First, try modern husky init
|
|
178
|
+
try {
|
|
179
|
+
execSync('npx husky init', { stdio: 'pipe', cwd });
|
|
180
|
+
} catch {
|
|
181
|
+
// Fallback to manual setup
|
|
182
|
+
const huskyDir = path.join(cwd, '.husky');
|
|
183
|
+
const huskyUnderscoreDir = path.join(huskyDir, '_');
|
|
184
|
+
|
|
185
|
+
if (!fs.existsSync(huskyDir)) {
|
|
186
|
+
fs.mkdirSync(huskyDir, { recursive: true });
|
|
187
|
+
}
|
|
188
|
+
|
|
189
|
+
if (!fs.existsSync(huskyUnderscoreDir)) {
|
|
190
|
+
fs.mkdirSync(huskyUnderscoreDir, { recursive: true });
|
|
191
|
+
}
|
|
192
|
+
|
|
193
|
+
// Create husky.sh
|
|
194
|
+
const huskyShContent = `#!/usr/bin/env sh
|
|
195
|
+
if [ -z "$husky_skip_init" ]; then
|
|
196
|
+
debug () {
|
|
197
|
+
if [ "$HUSKY_DEBUG" = "1" ]; then
|
|
198
|
+
echo "husky (debug) - $1"
|
|
199
|
+
fi
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
readonly hook_name="$(basename -- "$0")"
|
|
203
|
+
debug "starting $hook_name..."
|
|
204
|
+
|
|
205
|
+
if [ "$HUSKY" = "0" ]; then
|
|
206
|
+
debug "HUSKY env variable is set to 0, skipping hook"
|
|
207
|
+
exit 0
|
|
208
|
+
fi
|
|
209
|
+
|
|
210
|
+
if [ -f ~/.huskyrc ]; then
|
|
211
|
+
debug "sourcing ~/.huskyrc"
|
|
212
|
+
. ~/.huskyrc
|
|
213
|
+
fi
|
|
214
|
+
|
|
215
|
+
readonly husky_skip_init=1
|
|
216
|
+
export husky_skip_init
|
|
217
|
+
sh -e "$0" "$@"
|
|
218
|
+
exitCode="$?"
|
|
219
|
+
|
|
220
|
+
if [ $exitCode != 0 ]; then
|
|
221
|
+
echo "husky - $hook_name hook exited with code $exitCode (error)"
|
|
222
|
+
fi
|
|
223
|
+
|
|
224
|
+
if [ $exitCode = 127 ]; then
|
|
225
|
+
echo "husky - command not found in PATH=$PATH"
|
|
226
|
+
fi
|
|
227
|
+
|
|
228
|
+
exit $exitCode
|
|
229
|
+
fi
|
|
230
|
+
`;
|
|
231
|
+
fs.writeFileSync(path.join(huskyUnderscoreDir, 'husky.sh'), huskyShContent);
|
|
232
|
+
fs.chmodSync(path.join(huskyUnderscoreDir, 'husky.sh'), '755');
|
|
233
|
+
}
|
|
234
|
+
|
|
235
|
+
// Create pre-commit hook
|
|
236
|
+
const preCommitHook = `#!/usr/bin/env sh
|
|
237
|
+
# ============================================================================
|
|
238
|
+
# Husky pre-commit hook
|
|
239
|
+
# ============================================================================
|
|
240
|
+
#
|
|
241
|
+
# This hook runs automatically before every commit. It:
|
|
242
|
+
# 1. Executes the Code Guardian pre-commit checks
|
|
243
|
+
# 2. Blocks the commit if errors are found
|
|
244
|
+
#
|
|
245
|
+
# Bypass methods:
|
|
246
|
+
# - Add #bypass-rules to your commit message
|
|
247
|
+
# - Run: BYPASS_RULES=true git commit -m "message"
|
|
248
|
+
#
|
|
249
|
+
# To skip this hook entirely (git native):
|
|
250
|
+
# git commit --no-verify
|
|
251
|
+
# ============================================================================
|
|
252
|
+
|
|
253
|
+
. "$(dirname -- "$0")/_/husky.sh"
|
|
254
|
+
|
|
255
|
+
echo "š”ļø Running Code Guardian pre-commit checks..."
|
|
256
|
+
|
|
257
|
+
# Run the TypeScript pre-commit check script via npm
|
|
258
|
+
npm run precommit-check
|
|
259
|
+
|
|
260
|
+
# Exit with the same code as the check script
|
|
261
|
+
# (0 = pass, 1 = blocked)
|
|
262
|
+
exit $?
|
|
263
|
+
`;
|
|
264
|
+
|
|
265
|
+
const huskyDir = path.join(cwd, '.husky');
|
|
266
|
+
const preCommitPath = path.join(huskyDir, 'pre-commit');
|
|
267
|
+
fs.writeFileSync(preCommitPath, preCommitHook);
|
|
268
|
+
fs.chmodSync(preCommitPath, '755');
|
|
269
|
+
|
|
270
|
+
console.log(' ā Created .husky/pre-commit hook');
|
|
170
271
|
console.log(' ā Husky configured');
|
|
171
|
-
} catch (error) {
|
|
172
|
-
console.warn(' ā ļø Husky setup failed
|
|
272
|
+
} catch (error: any) {
|
|
273
|
+
console.warn(' ā ļø Husky setup failed:', error.message);
|
|
274
|
+
console.warn(' You may need to set it up manually:');
|
|
275
|
+
console.warn(' 1. Run: npx husky init');
|
|
276
|
+
console.warn(' 2. Create .husky/pre-commit with the hook content');
|
|
173
277
|
}
|
|
174
278
|
|
|
175
279
|
console.log('\nā
Code Guardian initialized successfully!\n');
|
|
280
|
+
|
|
281
|
+
// Security warning
|
|
282
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā');
|
|
283
|
+
console.log('ā š SECURITY SETUP REQUIRED š ā');
|
|
284
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
285
|
+
console.log('ā ļø CRITICAL: Change default passwords immediately!\n');
|
|
286
|
+
console.log('Default passwords are publicly known. Anyone can bypass checks!\n');
|
|
287
|
+
console.log('Required commands:');
|
|
288
|
+
console.log(' 1. npm run set-bypass-password');
|
|
289
|
+
console.log(' 2. npm run set-admin-password\n');
|
|
290
|
+
console.log('š For security details, see: SECURITY.md\n');
|
|
291
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
176
292
|
console.log('Next steps:');
|
|
177
|
-
console.log('
|
|
178
|
-
console.log('
|
|
179
|
-
console.log('
|
|
180
|
-
console.log('
|
|
293
|
+
console.log(' 3. Review config files in ./config/');
|
|
294
|
+
console.log(' 4. Customize rules for your team');
|
|
295
|
+
console.log(' 5. Make a commit to test the pre-commit hook');
|
|
296
|
+
console.log(' 6. Run "npm run generate-doc -- --name=test --type=ui"\n');
|
|
181
297
|
}
|
|
182
298
|
|
|
183
299
|
/**
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* postinstall.ts ā Optional post-install setup
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*
|
|
7
|
+
* This script runs after npm install to provide setup instructions.
|
|
8
|
+
* It does NOT automatically modify the user's project.
|
|
9
|
+
*/
|
|
10
|
+
|
|
11
|
+
console.log(`
|
|
12
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
13
|
+
ā ā
|
|
14
|
+
ā š”ļø Code Guardian installed successfully! ā
|
|
15
|
+
ā ā
|
|
16
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
17
|
+
|
|
18
|
+
š Quick Start:
|
|
19
|
+
|
|
20
|
+
1. Initialize in your project:
|
|
21
|
+
|
|
22
|
+
npx code-guard init
|
|
23
|
+
|
|
24
|
+
2. This will:
|
|
25
|
+
ā Create .husky/pre-commit hook
|
|
26
|
+
ā Add npm scripts to package.json
|
|
27
|
+
ā Copy config files and templates
|
|
28
|
+
ā Create docs directory
|
|
29
|
+
|
|
30
|
+
3. Test it:
|
|
31
|
+
|
|
32
|
+
git commit -m "test"
|
|
33
|
+
|
|
34
|
+
š Documentation:
|
|
35
|
+
https://github.com/hatem427/code-guard-ci
|
|
36
|
+
|
|
37
|
+
š Need help?
|
|
38
|
+
Run: code-guard help
|
|
39
|
+
|
|
40
|
+
`);
|
|
@@ -29,6 +29,7 @@ import { getRulesForProject } from '../config/guidelines.config';
|
|
|
29
29
|
import { executeRules, printReport, RuleEngineReport } from './utils/rule-engine';
|
|
30
30
|
import * as logger from './utils/logger';
|
|
31
31
|
import { verifyBypassPassword, recordBypass } from './utils/bypass-manager';
|
|
32
|
+
import { checkSecurity } from './utils/security-check';
|
|
32
33
|
import * as readline from 'readline';
|
|
33
34
|
|
|
34
35
|
// āā Load all project-type configs (side-effect: registers rules) āāāāāāāāāāāā
|
|
@@ -158,14 +159,21 @@ function runEslint(stagedFiles: string[]): boolean {
|
|
|
158
159
|
logger.info(`Running ESLint on ${lintableFiles.length} file(s)...`);
|
|
159
160
|
|
|
160
161
|
try {
|
|
161
|
-
|
|
162
|
-
|
|
162
|
+
// Security: Use array args to prevent command injection
|
|
163
|
+
const { spawnSync } = require('child_process');
|
|
164
|
+
const result = spawnSync('npx', ['eslint', ...lintableFiles, '--max-warnings', '0'], {
|
|
163
165
|
stdio: 'inherit',
|
|
164
166
|
encoding: 'utf-8',
|
|
165
|
-
cwd: process.cwd(),
|
|
167
|
+
cwd: process.cwd(),
|
|
166
168
|
});
|
|
167
|
-
|
|
168
|
-
|
|
169
|
+
|
|
170
|
+
if (result.status === 0) {
|
|
171
|
+
logger.success('ESLint passed.');
|
|
172
|
+
return true;
|
|
173
|
+
}
|
|
174
|
+
|
|
175
|
+
logger.error('ESLint found issues. Fix them before committing.');
|
|
176
|
+
return false;
|
|
169
177
|
} catch (error: any) {
|
|
170
178
|
// Check if ESLint config is missing
|
|
171
179
|
if (error.stdout?.includes('eslint.config') || error.stderr?.includes('eslint.config')) {
|
|
@@ -198,35 +206,51 @@ function runPrettier(stagedFiles: string[]): boolean {
|
|
|
198
206
|
logger.info(`Running Prettier on ${formattableFiles.length} file(s)...`);
|
|
199
207
|
|
|
200
208
|
try {
|
|
201
|
-
|
|
202
|
-
|
|
209
|
+
// Security: Use array args to prevent command injection
|
|
210
|
+
const { spawnSync } = require('child_process');
|
|
211
|
+
const checkResult = spawnSync('npx', ['prettier', '--check', ...formattableFiles], {
|
|
203
212
|
stdio: 'pipe',
|
|
204
213
|
encoding: 'utf-8',
|
|
205
214
|
});
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
215
|
+
|
|
216
|
+
if (checkResult.status === 0) {
|
|
217
|
+
logger.success('Prettier check passed.');
|
|
218
|
+
return true;
|
|
219
|
+
}
|
|
220
|
+
|
|
209
221
|
logger.warn('Prettier found formatting issues ā auto-fixing...');
|
|
210
222
|
|
|
211
223
|
try {
|
|
212
|
-
const
|
|
213
|
-
execSync(`npx prettier --write ${fileList}`, {
|
|
224
|
+
const writeResult = spawnSync('npx', ['prettier', '--write', ...formattableFiles], {
|
|
214
225
|
stdio: 'inherit',
|
|
215
226
|
encoding: 'utf-8',
|
|
216
227
|
});
|
|
217
228
|
|
|
229
|
+
if (writeResult.status !== 0) {
|
|
230
|
+
logger.error('Prettier auto-fix failed.');
|
|
231
|
+
return false;
|
|
232
|
+
}
|
|
233
|
+
|
|
218
234
|
// Re-stage the auto-formatted files
|
|
219
|
-
|
|
235
|
+
const gitResult = spawnSync('git', ['add', ...formattableFiles], {
|
|
220
236
|
stdio: 'inherit',
|
|
221
237
|
encoding: 'utf-8',
|
|
222
238
|
});
|
|
223
239
|
|
|
240
|
+
if (gitResult.status !== 0) {
|
|
241
|
+
logger.error('Failed to re-stage auto-formatted files.');
|
|
242
|
+
return false;
|
|
243
|
+
}
|
|
244
|
+
|
|
224
245
|
logger.success('Prettier auto-fixed and re-staged files.');
|
|
225
246
|
return true;
|
|
226
|
-
} catch {
|
|
247
|
+
} catch (error) {
|
|
227
248
|
logger.error('Prettier auto-fix failed.');
|
|
228
249
|
return false;
|
|
229
250
|
}
|
|
251
|
+
} catch (error) {
|
|
252
|
+
logger.error('Prettier check failed.');
|
|
253
|
+
return false;
|
|
230
254
|
}
|
|
231
255
|
}
|
|
232
256
|
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* first-run-check.ts ā Force password change on first use
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
import * as fs from 'fs';
|
|
9
|
+
import * as path from 'path';
|
|
10
|
+
|
|
11
|
+
const BYPASS_DIR = '.code-guardian';
|
|
12
|
+
const PASSWORD_FILE = 'bypass-password.hash';
|
|
13
|
+
const ADMIN_FILE = 'admin-credentials.hash';
|
|
14
|
+
const SETUP_COMPLETE_FILE = 'setup-complete';
|
|
15
|
+
|
|
16
|
+
const DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92';
|
|
17
|
+
const DEFAULT_ADMIN_PASSWORD_HASH = '240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9';
|
|
18
|
+
|
|
19
|
+
function checkSecurity(): boolean {
|
|
20
|
+
const dir = path.join(process.cwd(), BYPASS_DIR);
|
|
21
|
+
const setupFile = path.join(dir, SETUP_COMPLETE_FILE);
|
|
22
|
+
|
|
23
|
+
// If setup already complete, skip
|
|
24
|
+
if (fs.existsSync(setupFile)) {
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
const passwordPath = path.join(dir, PASSWORD_FILE);
|
|
29
|
+
const adminPath = path.join(dir, ADMIN_FILE);
|
|
30
|
+
|
|
31
|
+
// Check if still using default passwords
|
|
32
|
+
const usingDefaultBypass = !fs.existsSync(passwordPath) ||
|
|
33
|
+
fs.readFileSync(passwordPath, 'utf-8').trim() === DEFAULT_PASSWORD_HASH;
|
|
34
|
+
|
|
35
|
+
const usingDefaultAdmin = !fs.existsSync(adminPath) ||
|
|
36
|
+
fs.readFileSync(adminPath, 'utf-8').trim() === DEFAULT_ADMIN_PASSWORD_HASH;
|
|
37
|
+
|
|
38
|
+
if (usingDefaultBypass || usingDefaultAdmin) {
|
|
39
|
+
console.error(`
|
|
40
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
41
|
+
ā š CRITICAL SECURITY WARNING š ā
|
|
42
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
43
|
+
|
|
44
|
+
ā ļø You are using DEFAULT PASSWORDS! This is a SECURITY RISK!
|
|
45
|
+
|
|
46
|
+
Default passwords are publicly known and published in the source code:
|
|
47
|
+
- Bypass password: "bypass123"
|
|
48
|
+
- Admin password: "admin123"
|
|
49
|
+
|
|
50
|
+
Anyone who can see your repository can bypass ALL security checks!
|
|
51
|
+
|
|
52
|
+
š REQUIRED ACTIONS (Run both commands):
|
|
53
|
+
|
|
54
|
+
1. Set bypass password:
|
|
55
|
+
npm run set-bypass-password
|
|
56
|
+
|
|
57
|
+
2. Set admin password:
|
|
58
|
+
npm run set-admin-password
|
|
59
|
+
|
|
60
|
+
ā ALL COMMITS ARE BLOCKED until you change these passwords.
|
|
61
|
+
|
|
62
|
+
š” To skip this check temporarily (NOT RECOMMENDED):
|
|
63
|
+
SKIP_SECURITY_CHECK=true git commit -m "message"
|
|
64
|
+
|
|
65
|
+
`);
|
|
66
|
+
return false;
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
// Mark setup as complete
|
|
70
|
+
if (!fs.existsSync(dir)) {
|
|
71
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
72
|
+
}
|
|
73
|
+
fs.writeFileSync(setupFile, new Date().toISOString());
|
|
74
|
+
|
|
75
|
+
console.log('ā
Security check passed - passwords have been changed from defaults.\n');
|
|
76
|
+
|
|
77
|
+
return true;
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
/**
|
|
81
|
+
* Allow skipping security check with env var (for emergencies)
|
|
82
|
+
*/
|
|
83
|
+
function shouldSkipSecurityCheck(): boolean {
|
|
84
|
+
return process.env.SKIP_SECURITY_CHECK === 'true';
|
|
85
|
+
}
|
|
86
|
+
|
|
87
|
+
/**
|
|
88
|
+
* Main security check with skip option
|
|
89
|
+
*/
|
|
90
|
+
function performSecurityCheck(): boolean {
|
|
91
|
+
// Allow skip in CI/CD or emergencies
|
|
92
|
+
if (shouldSkipSecurityCheck()) {
|
|
93
|
+
console.warn('ā ļø Security check skipped via SKIP_SECURITY_CHECK env var');
|
|
94
|
+
return true;
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
return checkSecurity();
|
|
98
|
+
}
|
|
99
|
+
|
|
100
|
+
// Export for use in precommit-check
|
|
101
|
+
export { performSecurityCheck as checkSecurity };
|
|
102
|
+
|
|
103
|
+
// Run if called directly
|
|
104
|
+
if (require.main === module) {
|
|
105
|
+
if (!performSecurityCheck()) {
|
|
106
|
+
process.exit(1);
|
|
107
|
+
}
|
|
108
|
+
}
|