@hatem427/code-guard-ci 3.5.1 → 3.5.3

package/scripts/utils/file-checker.ts

@@ -10,7 +10,7 @@
 
 import * as fs from 'fs';
 import * as path from 'path';
-import { execSync } from 'child_process';
+import { execSync, spawnSync } from 'child_process';
 
 // ── Types ───────────────────────────────────────────────────────────────────
 
@@ -71,7 +71,6 @@ export function getCommitMessage(): string {
     }
 
     // Fallback: try getting the last commit message (for post-commit uses)
-    const { spawnSync } = require('child_process');
     const r = spawnSync('git', ['log', '-1', '--pretty=%B'], { encoding: 'utf-8' });
     return r.status === 0 ? (r.stdout as string).trim() : '';
   } catch {

package/scripts/utils/report-generator.ts

@@ -12,6 +12,7 @@
 
 import * as fs from 'fs';
 import * as path from 'path';
+import { spawnSync } from 'child_process';
 import { RuleEngineReport, Violation } from './rule-engine';
 import { getSolutionExample } from './solution-examples';
 
@@ -326,7 +327,6 @@ function detectCurrentEditor(): 'cursor' | 'code' | null {
  */
 function openInEditor(filePath: string): void {
   try {
-    const { execSync } = require('child_process');
 
     const currentEditor = detectCurrentEditor();
 
@@ -342,14 +342,12 @@ function openInEditor(filePath: string): void {
             { cmd: 'cursor', args: `"${filePath}"` },
           ];
 
-    const { spawnSync: spawnEditor } = require('child_process');
     for (const editor of editors) {
       try {
-        const which = spawnEditor('which', [editor.cmd], { stdio: 'pipe' });
+        const which = spawnSync('which', [editor.cmd], { stdio: 'pipe' });
         if (which.status !== 0) continue;
-        // Split pre-computed args string into array to avoid shell invocation
         const editorArgs = editor.args.replace(/"/g, '').trim().split(/\s+/).filter(Boolean);
-        spawnEditor(editor.cmd, editorArgs, { stdio: 'pipe' });
+        spawnSync(editor.cmd, editorArgs, { stdio: 'pipe' });
         return;
       } catch {
         // This editor not available, try next
@@ -359,9 +357,9 @@ function openInEditor(filePath: string): void {
     // Fallback: try xdg-open on Linux, open on macOS
     const platform = process.platform;
     if (platform === 'darwin') {
-      spawnEditor('open', [filePath], { stdio: 'pipe' });
+      spawnSync('open', [filePath], { stdio: 'pipe' });
     } else if (platform === 'linux') {
-      spawnEditor('xdg-open', [filePath], { stdio: 'pipe' });
+      spawnSync('xdg-open', [filePath], { stdio: 'pipe' });
     }
     // On Windows: do nothing extra; user will see the path in console
   } catch {

package/scripts/utils/solution-examples.ts

@@ -364,8 +364,8 @@ Add real values to \`.env.local\` (gitignored).
 **Why:** HTTP traffic can be intercepted (man-in-the-middle attacks).
 
 \`\`\`diff
-- fetch('http://api.example.com/data');
-+ fetch('https://api.example.com/data');
+- fetch('http://api.placeholder.test/data');
++ fetch('https://api.placeholder.test/data');
 \`\`\`
 `,