@payal-jat/gitready-ai 1.1.0

package/README.md

@@ -0,0 +1,177 @@
+## 🚀 GitReady AI: The Future of AI-Powered Git Workflow
+
+**Elevate Your Development with Automated Commits, Security, and Dynamic Documentation.**
+
+---
+
+[![Node.js](https://img.shields.io/badge/Node.js-339933?style=for-the-badge&logo=nodedotjs&logoColor=white)](https://nodejs.org/)
+[![Google Gemini](https://img.shields.io/badge/Google_Gemini-4285F4?style=for-the-badge&logo=google-gemini&logoColor=white)](https://ai.google.dev/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](https://opensource.org/licenses/MIT)
+[![GitHub stars](https://img.shields.io/github/stars/your-username/gitready-ai?style=for-the-badge&color=gold)](https://github.com/your-username/gitready-ai/stargazers)
+[![GitHub issues](https://img.shields.io/github/issues/your-username/gitready-ai?style=for-the-badge&color=007ACC)](https://github.com/your-username/gitready-ai/issues)
+
+GitReady AI is a cutting-edge CLI tool that revolutionizes your Git workflow by integrating advanced AI capabilities with best-in-class development practices. It streamlines everything from commit message generation to security checks and even keeps your project's `README.md` dynamically updated, all with a single command. Say goodbye to manual overhead and inconsistent documentation – GitReady AI ensures every commit is professional, secure, and perfectly documented.
+
+---
+
+## ✨ Key Features
+
+GitReady AI comes packed with features designed to boost your productivity and code quality:
+
+*   **🔍 Smart Security Scanner:** Before you commit, GitReady AI automatically scans for unignored sensitive files like `.env` or `node_modules` and alerts you, preventing accidental exposure of critical data and maintaining repository hygiene.
+*   **🤖 AI-Powered Commit Messages:** Leveraging the power of Google Gemini AI, GitReady AI analyzes your staged changes (`git diff`) to generate highly relevant, professional, and Conventional Commit-compliant messages. No more generic "fix" or "update" commits!
+*   **📝 Automated README Updates:** Keeps your project documentation vibrant and current. GitReady AI intelligently identifies significant changes in your code and offers to append a "Latest Updates" summary directly to your `README.md`, reflecting your most recent work.
+*   **💡 Intelligent Fallback System:** If AI services are unreachable or your API key isn't configured, GitReady AI gracefully falls back to a smart, heuristic-based commit message generator, ensuring your workflow is never interrupted.
+*   **💬 Interactive Review & Edit:** The AI-generated commit message is presented for your review. You have the option to accept it as is, or easily edit it before the final commit, giving you complete control.
+*   **⚡ Boosted Developer Productivity:** Consolidate multiple manual steps into one powerful command. GitReady AI handles security, intelligent commit generation, and documentation updates in seconds, allowing you to focus on writing code.
+
+---
+
+## 🛠️ Professional Installation Guide
+
+Getting started with GitReady AI is quick and easy. Follow these steps to set up the CLI tool globally on your system.
+
+### Prerequisites
+
+*   **Node.js**: Ensure you have Node.js (version 16 or higher recommended) installed. You can download it from [nodejs.org](https://nodejs.org/).
+*   **Git**: Git must be installed and configured on your system.
+*   **Google Gemini API Key**: GitReady AI uses Google Gemini for its advanced capabilities.
+    1.  Visit [Google AI Studio](https://aistudio.google.com/) or the [Google Cloud Console](https://console.cloud.google.com/apis/credentials) to create a new API key.
+    2.  Ensure the Generative Language API is enabled for your project.
+
+### Installation Steps
+
+1.  **Clone the Repository:**
+    Start by cloning the GitReady AI repository to your local machine:
+    ```bash
+    git clone https://github.com/your-username/gitready-ai.git
+    cd gitready-ai
+    ```
+
+2.  **Install Dependencies:**
+    Navigate into the cloned directory and install all necessary Node.js packages:
+    ```bash
+    npm install
+    ```
+
+3.  **Configure API Key:**
+    Create a `.env` file in the root of the `gitready-ai` project directory and add your Google Gemini API key:
+    ```env
+    # .env
+    GEMINI_API_KEY=your_google_gemini_api_key_here
+    ```
+    Replace `your_google_gemini_api_key_here` with the actual API key you obtained.
+
+4.  **Link the Tool Globally:**
+    To use `gitready` from any directory in your terminal, link it globally:
+    ```bash
+    npm link
+    ```
+    Now, `gitready` is available as a command-line tool.
+
+---
+
+## 🚀 Usage
+
+Using GitReady AI is incredibly straightforward. Simply stage your changes and run the `gitready` command within your Git repository.
+
+1.  **Stage Your Changes:**
+    As with any Git workflow, first stage the files you want to commit:
+    ```bash
+    git add .
+    ```
+    Or stage specific files:
+    ```bash
+    git add src/new-feature.js README.md
+    ```
+
+2.  **Run GitReady AI:**
+    Execute the tool. It will guide you through the process:
+    ```bash
+    gitready
+    ```
+
+### Workflow at a Glance
+
+When you run `gitready`, here's what happens:
+
+1.  **Repository Check:** Verifies if you are in a valid Git repository and have staged changes.
+2.  **Security Scan:** Performs a quick check for potentially exposed `.env` or `node_modules` files.
+3.  **AI Analysis:** GitReady AI analyzes your staged `git diff` using Google Gemini (or the smart fallback if unavailable).
+4.  **Commit Message Suggestion:** Presents an AI-generated commit message for your review. You can accept it or edit it interactively.
+5.  **README Update Prompt:** Asks if you'd like to update your `README.md` with a summary of the changes. If confirmed, it will update and stage the `README.md`.
+6.  **Final Commit:** Commits your changes with the chosen message.
+
+---
+
+## 🧰 Tech Stack
+
+GitReady AI is built with a robust and modern tech stack to deliver a seamless and powerful user experience.
+
+*   **Runtime:** [![Node.js](https://img.shields.io/badge/Node.js-339933?style=flat-square&logo=nodedotjs&logoColor=white)](https://nodejs.org/)
+    *   The core runtime environment for the CLI application.
+*   **AI Engine:** [![Google Gemini 1.5 Flash](https://img.shields.io/badge/Google_Gemini_1.5_Flash-4285F4?style=flat-square&logo=google-gemini&logoColor=white)](https://ai.google.dev/models/gemini)
+    *   Powers the intelligent commit message generation and analysis. Specifically uses the `gemini-1.5-flash` model for high performance.
+*   **Git Integration:** [![Simple-Git](https://img.shields.io/badge/Simple--Git-F05033?style=flat-square&logo=git&logoColor=white)](https://github.com/steveukx/git-js)
+    *   A lightweight library for running Git commands in a Node.js environment.
+*   **Interactive CLI:** [![Inquirer.js](https://img.shields.io/badge/Inquirer.js-00B2EE?style=flat-square&logo=npm&logoColor=white)](https://github.com/SBoudrias/Inquirer.js)
+    *   Provides a beautiful and intuitive command-line interface with prompts, confirmations, and input fields.
+*   **Terminal Styling:** [![Chalk](https://img.shields.io/badge/Chalk-FF9900?style=flat-square&logo=npm&logoColor=white)](https://github.com/chalk/chalk)
+    *   Enables colorful and styled console output for better readability and user experience.
+*   **Environment Variables:** [![Dotenv](https://img.shields.io/badge/Dotenv-F7DF1E?style=flat-square&logo=npm&logoColor=black)](https://github.com/motdotla/dotenv)
+    *   Manages environment variables securely from a `.env` file.
+*   **CLI Spinners:** [![Ora](https://img.shields.io/badge/Ora-FF4081?style=flat-square&logo=npm&logoColor=white)](https://github.com/sindresorhus/ora)
+    *   Provides elegant loading spinners for a polished command-line user experience (not explicitly shown in diff, but assumed from previous README and typical CLI patterns).
+
+---
+
+## 🏗️ Technical Architecture
+
+GitReady AI is designed with a modular and robust architecture, enabling clear separation of concerns and easy extensibility.
+
+```
+.
+├── bin/
+│   └── index.js            # Main CLI Entry Point & Orchestrator
+├── src/
+│   ├── ai.js               # Google Gemini AI Integration (API Calls, Model Configuration, Retry Logic)
+│   ├── git.js              # Git Operations (Diff, Add, Commit)
+│   ├── readme.js           # README Update Logic (Parsing, Appending, Formatting)
+│   └── utils.js            # Utility functions (e.g., security scan, fallback message generator)
+├── .env.example            # Template for environment variables
+├── package.json            # Project dependencies and scripts
+└── README.md               # Project documentation (this file)
+```
+
+1.  **`bin/index.js` (The Orchestrator):** This is the heart of GitReady AI. It serves as the main entry point for the CLI, orchestrating the entire workflow. It initializes the tool, performs initial checks (Git repository, staged changes), manages the sequence of operations (security scan, AI analysis, interactive prompts, README update, commit), and handles global error catching. It uses `chalk` for terminal output styling and `simple-git` for core Git operations.
+
+2.  **`src/ai.js` (AI Core):** This module encapsulates all interactions with the Google Gemini API. It's responsible for loading the API key, configuring the generative model (`gemini-1.5-flash`), crafting prompts for optimal commit message generation, and handling API calls with robust retry logic to ensure reliability.
+
+3.  **`src/git.js` (Git Operations):** (Implied from usage in `index.js`) This module would abstract all direct interactions with Git, such as getting the staged diff, adding files to the staging area, and executing the final commit. It leverages `simple-git` for these functionalities.
+
+4.  **`src/readme.js` (Documentation Engine):** (Implied from usage in `index.js`) Dedicated to managing README updates. It parses the existing `README.md`, intelligently formats and appends new "Latest Updates" sections based on the code changes, and prepares the file for staging.
+
+5.  **`src/utils.js` (Utilities & Fallback):** (Implied from usage in `index.js`) Contains helper functions, including the logic for the "Smart Security Scan" (checking for `.env`, `node_modules` in `.gitignore`) and the "Smart Fallback Generator" which provides a heuristic-based commit message when the AI service is unavailable.
+
+This architecture ensures a clean, maintainable, and scalable codebase, allowing individual components to be developed and tested independently.
+
+---
+
+## 👨‍💻 Author
+
+GitReady AI was developed with ❤️ by Payal Jat.
+
+---
+
+## 🤝 Contributing
+
+We welcome contributions of all kinds! Whether it's reporting bugs, suggesting new features, improving documentation, or submitting pull requests, your input helps make GitReady AI even better. Please refer to our `CONTRIBUTING.md` (to be created) for detailed guidelines.
+
+---
+
+## 📜 License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
+
+---
+*Generated by GitReady AI*

package/bin/index.js

@@ -0,0 +1,28 @@
+#!/usr/bin/env node
+
+import { Command } from 'commander';
+import chalk from 'chalk';
+const program = new Command();
+
+program
+  .name('gitready')
+  .description('AI-powered developer workflow automator')
+  .version('1.1.0');
+
+program
+  .command('commit')
+  .description('Analyze changes and generate AI commit & README update')
+  .action(async () => {
+    const { runCommitFlow } = await import('../src/commands/commit.js');
+    await runCommitFlow();
+  });
+
+program
+  .command('audit')
+  .description('Deep scan the repository for leaked secrets (AWS, JWT, Keys)')
+  .action(async () => {
+    const { runAuditFlow } = await import('../src/commands/audit.js');
+    await runAuditFlow();
+  });
+
+program.parse();

package/package.json

@@ -0,0 +1,25 @@
+{
+  "name": "@payal-jat/gitready-ai",
+  "version": "1.1.0",
+   "publishConfig": {
+    "access": "public"
+  },
+  "description": "Professional AI-powered Git workflow automator",
+  "type": "module",
+  "main": "bin/index.js",
+  "bin": {
+    "gitready": "bin/index.js"
+  },
+  "author": "Payal Jat",
+  "license": "ISC",
+  "dependencies": {
+    "@google/generative-ai": "^0.24.1",
+    "chalk": "^4.1.2",
+    "commander": "^15.0.0",
+    "dotenv": "^17.4.2",
+    "fs-extra": "^11.3.5",
+    "inquirer": "^14.0.2",
+    "openai": "^6.39.1",
+    "simple-git": "^3.36.0"
+  }
+}

package/src/ai.js

@@ -0,0 +1,122 @@
+import { GoogleGenerativeAI } from "@google/generative-ai";
+import dotenv from "dotenv";
+import path from "path";
+import { fileURLToPath } from "url";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+dotenv.config({ path: path.join(__dirname, "../.env") });
+
+const apiKey = process.env.GEMINI_API_KEY?.trim();
+const genAI = new GoogleGenerativeAI(apiKey || "");
+
+async function generateContent(prompt) {
+    if (!apiKey) return null;
+    const modelsToTry = ["gemini-2.5-flash", "gemini-2.5-pro"];
+
+    for (const modelName of modelsToTry) {
+        try {
+            const model = genAI.getGenerativeModel({ model: modelName });
+            const result = await model.generateContent(prompt);
+            const response = await result.response;
+            const text = response.text().trim();
+            if (text) return text;
+        } catch (error) {
+            continue;
+        }
+    }
+    return null;
+}
+
+export async function getAICommitMessage(diff) {
+    const prompt = `You are an expert software engineer. Analyze this git diff and write a single Git commit message.
+
+STRICT RULES:
+- Format: <type>(<scope>): <short description>
+- Allowed types: feat, fix, refactor, docs, style, test, chore, perf
+- scope = the main file or module changed (e.g., readme, auth, cli, scanner)
+- description: max 72 chars, imperative mood ("add" not "added"), lowercase
+- If changes are complex, add ONE blank line then 2-3 bullet points explaining WHY
+- Be SPECIFIC — mention actual function names, file names, or features changed
+- NO generic phrases like "update files", "fix bug", "make changes"
+
+GOOD examples:
+  feat(cli): add interactive model selection before commit
+  fix(readme): replace appendFile with section-aware changelog update
+  refactor(ai): strengthen prompts with explicit rules and examples
+  docs(readme): add changelog section with dated entries
+
+BAD examples (never do this):
+  update files
+  fix bug
+  changes made
+  minor improvements
+
+Git diff to analyze:
+\`\`\`
+${diff.slice(0, 4000)}
+\`\`\`
+
+Respond with ONLY the commit message. No explanation, no markdown formatting, no quotes.`;
+
+    const result = await generateContent(prompt);
+    return result ? result.replace(/^['"`]+|['"`]+$/g, "").trim() : null;
+}
+
+export async function getAIReadmeSummary(diff) {
+    const prompt = `You are a technical writer updating a project changelog.
+
+Analyze this git diff and write a changelog entry as markdown bullet points.
+
+STRICT RULES:
+- Start every bullet with "- "
+- Be specific: mention actual file names, function names, or feature names
+- Use past tense: "Added", "Fixed", "Removed", "Refactored", "Improved"
+- Max 5 bullets
+- NO generic phrases like "various improvements", "minor fixes", "updated code"
+- If a function was renamed or logic was changed, say exactly what
+
+GOOD example output:
+- Refactored \`readme.js\` to maintain a persistent Changelog section instead of appending duplicates
+- Improved commit message prompt in \`ai.js\` with explicit Conventional Commits rules and examples
+- Added manual fallback input when AI summary generation fails
+- Fixed \`generateContent()\` to return null on empty response instead of throwing
+
+BAD example output:
+- Updated various files
+- Fixed some bugs
+- Made improvements to the codebase
+
+Git diff:
+\`\`\`
+${diff.slice(0, 4000)}
+\`\`\`
+
+Respond with ONLY the bullet points. No heading, no explanation, no intro line.`;
+
+    return await generateContent(prompt);
+}
+
+
+export async function getFullProjectReadme(diff) {
+    const prompt = `
+        You are a World-Class Open Source Maintainer. 
+        Analyze the following code changes and project structure to generate a TOP-TIER README.md.
+        
+        The README MUST include:
+        1. 🚀 A Catchy Project Title and a "High-Impact" Tagline.
+        2. ✨ Key Features (Extract these from the code logic).
+        3. 🛠️ Professional Installation Guide.
+        4. 🚀 Usage instructions with code blocks.
+        5. 🧰 Tech Stack (List the libraries you see in the code).
+        6. 🏗️ Technical Architecture (Explain how the code is organized).
+        7. 👨‍💻 Author section.
+
+        Use professional Markdown, Badges, and Emojis. 
+        Make it look like a repository that has 10k+ stars on GitHub.
+
+        Code Context:
+        ${diff.slice(0, 8000)}
+    `;
+    return await generateContent(prompt);
+}

package/src/commands/audit.js

@@ -0,0 +1,44 @@
+import chalk from 'chalk';
+import fs from 'fs-extra';
+import path from 'path';
+import { deepScan } from '../security/scanner.js';
+
+export async function runAuditFlow() {
+    console.log(chalk.blue.bold('\n Running GitReady Repository Audit...'));
+    
+    let score = 100;
+    const issues = [];
+    const currentDir = process.cwd();
+
+    const findings = await deepScan(currentDir);
+    if (findings.length > 0) {
+        score -= (findings.length * 15);
+        issues.push(chalk.red(`- Found ${findings.length} leaked secrets/keys!`));
+    }
+
+    if (!(await fs.pathExists(path.join(currentDir, 'README.md')))) {
+        score -= 30;
+        issues.push(chalk.yellow("- README.md is missing."));
+    }
+
+    if (!(await fs.pathExists(path.join(currentDir, '.gitignore')))) {
+        score -= 20;
+        issues.push(chalk.yellow("- .gitignore is missing."));
+    }
+
+    if (await fs.pathExists(path.join(currentDir, 'node_modules'))) {
+        score += 5; 
+    }
+
+    console.log(chalk.bold('\n--- Audit Report ---'));
+    
+    let scoreColor = score > 80 ? chalk.green : score > 50 ? chalk.yellow : chalk.red;
+    console.log(`Repo Health Score: ${scoreColor(score + '/100')}`);
+
+    if (issues.length > 0) {
+        console.log(chalk.bold('\nSuggestions to improve:'));
+        issues.forEach(issue => console.log(issue));
+    } else {
+        console.log(chalk.green('\n Your repository structure is excellent!'));
+    }
+}

package/src/commands/commit.js

@@ -0,0 +1,87 @@
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import simpleGit from 'simple-git';
+
+import { runSecurityCheck } from '../security.js';
+import { getGitDiff, commitCode } from '../git.js';
+import { getAICommitMessage } from '../ai.js';
+import { updateReadme } from '../readme.js';
+import { generateFallbackCommitMessage } from '../fallback.js';
+
+const currentDir = process.cwd();
+const git = simpleGit(currentDir);
+
+export async function runCommitFlow() {
+    console.log(chalk.blue.bold('\n GitReady AI: Commit Workflow Starting...'));
+
+    await runSecurityCheck(currentDir);
+
+    const result = await getGitDiff();
+
+    if (result.error === 'NOT_A_REPO') {
+        console.log(chalk.red('\n Error: This folder is not a Git repository.'));
+        return;
+    }
+
+    const diff = result.diff;
+    if (!diff || diff.trim() === '') {
+        console.log(chalk.red('\n  No staged changes found. Use "git add ." first.'));
+        return;
+    }
+
+    // 3. AI Analysis
+    console.log(chalk.yellow('\n Analyzing your changes with AI...'));
+    let suggestion = "";
+    let isAIGenerated = false;
+
+    try {
+        suggestion = await getAICommitMessage(diff);
+        if (suggestion) {
+            isAIGenerated = true;
+        } else {
+            suggestion = generateFallbackCommitMessage(diff);
+            isAIGenerated = false;
+        }
+    } catch (error) {
+        suggestion = generateFallbackCommitMessage(diff);
+        isAIGenerated = false;
+    }
+
+    const { finalMessage } = await inquirer.prompt([{
+        type: 'input',
+        name: 'finalMessage',
+        message: isAIGenerated ? chalk.cyan('AI Suggestion:') : chalk.yellow('Smart Suggestion (Fallback):'),
+        default: suggestion,
+        validate: input => input.trim() !== '' || 'Commit message cannot be empty.'
+    }]);
+
+    const { confirmReadmeUpdate } = await inquirer.prompt([{
+        type: 'confirm',
+        name: 'confirmReadmeUpdate',
+        message: 'Would you like to update README.md with these changes?',
+        default: true
+    }]);
+
+    if (confirmReadmeUpdate) {
+        console.log(chalk.yellow(' Updating README...'));
+        const success = await updateReadme(currentDir, diff);
+        if (success) {
+            await git.add('README.md');
+            console.log(chalk.green(' README.md updated and staged.'));
+        }
+    }
+
+    const { confirmFinalCommit } = await inquirer.prompt([{
+        type: 'confirm',
+        name: 'confirmFinalCommit',
+        message: 'Ready to commit all staged changes?',
+        default: true
+    }]);
+
+    if (confirmFinalCommit) {
+        await commitCode(finalMessage);
+        console.log(chalk.green.bold('\n Success: Everything committed successfully!'));
+    } else {
+        console.log(chalk.gray('\nCommit process cancelled by user.'));
+    }
+}

package/src/fallback.js

@@ -0,0 +1,54 @@
+export function generateFallbackCommitMessage(diff) {
+    const lowerDiff = diff.toLowerCase();
+    
+    // 1. Extract file names from the diff to be more specific
+    // This regex looks for files being changed in the git diff format
+    const changedFiles = [...diff.matchAll(/\+\+\+ b\/(.*)/g)].map(m => m[1]);
+    const mainFile = changedFiles[0] || "";
+
+    if (changedFiles.some(f => f.toLowerCase().includes("readme.md"))) {
+        return "docs: update project documentation";
+    }
+
+    if (changedFiles.some(f => f.endsWith(".css") || f.endsWith(".scss"))) {
+        const fileName = mainFile.split('/').pop();
+        return `style: updated styling in ${fileName || 'project'}`;
+    }
+
+    if (lowerDiff.includes("package.json")) {
+        if (lowerDiff.includes("\"dependencies\"") || lowerDiff.includes("\"devdependencies\"")) {
+            return "build: update npm dependencies";
+        }
+        return "chore: update package configuration";
+    }
+
+    if (changedFiles.some(f => /\.(png|jpg|jpeg|gif|svg|ico)$/i.test(f))) {
+        return "assets: update image resources";
+    }
+
+    if (lowerDiff.includes("console.log") && lowerDiff.startsWith("-")) {
+        return "chore: remove debug logs";
+    }
+    if (lowerDiff.includes("fix") || lowerDiff.includes("prevent") || lowerDiff.includes("issue")) {
+        return "fix: resolve detected logic issue";
+    }
+
+    if (mainFile.includes("components/")) {
+        const componentName = mainFile.split('/').pop().split('.')[0];
+        return `feat: update ${componentName} component`;
+    }
+
+    if (mainFile.includes("utils/") || mainFile.includes("helpers/")) {
+        return "refactor: optimize utility functions";
+    }
+
+    if (mainFile.endsWith(".js") || mainFile.endsWith(".jsx") || mainFile.endsWith(".ts")) {
+        return `feat: update logic in ${mainFile.split('/').pop()}`;
+    }
+
+    if (mainFile.endsWith(".html")) {
+        return "feat: update html structure";
+    }
+
+    return "chore: general project maintenance";
+}

package/src/git.js

@@ -0,0 +1,27 @@
+import simpleGit from 'simple-git';
+
+const git = simpleGit({
+    baseDir: process.cwd(),
+    binary: 'git',
+});
+
+export async function getGitDiff() {
+    try {
+        const isRepo = await git.checkIsRepo();
+
+        if (!isRepo) {
+            return { error: 'NOT_A_REPO' };
+        }
+
+        const diff = await git.diff(['--staged']);
+
+        return { diff: diff || '' };
+
+    } catch (err) {
+        return { error: err.message };
+    }
+}
+
+export async function commitCode(message) {
+    return await git.commit(message);
+}

package/src/readme.js

@@ -0,0 +1,43 @@
+// src/readme.js
+
+import fs from 'fs-extra';
+import path from 'path';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import { getFullProjectReadme } from './ai.js';
+
+export async function updateReadme(currentDir, diff) {
+    const readmePath = path.join(currentDir, 'README.md');
+
+    try {
+        if (await fs.pathExists(readmePath)) {
+            const { confirmOverwrite } = await inquirer.prompt([{
+                type: 'confirm',
+                name: 'confirmOverwrite',
+                message: chalk.yellow('README.md already exists. Do you want to REGENERATE the full professional documentation?'),
+                default: false
+            }]);
+
+            if (!confirmOverwrite) {
+                console.log(chalk.gray(' README update skipped by user.'));
+                return false;
+            }
+        }
+
+        console.log(chalk.cyan(' AI is architecting your professional README...'));
+        
+        const professionalContent = await getFullProjectReadme(diff);
+        
+        if (!professionalContent) {
+            console.log(chalk.red(' AI failed to generate content.'));
+            return false;
+        }
+
+        await fs.writeFile(readmePath, professionalContent + `\n\n---\n*Generated by GitReady AI*`);
+        
+        return true;
+    } catch (error) {
+        console.error(chalk.red(` README Error: ${error.message}`));
+        return false;
+    }
+}

package/src/security/scanner.js

@@ -0,0 +1,30 @@
+import fs from 'fs-extra';
+import path from 'path';
+
+const SECRET_PATTERNS = [
+    { name: "AWS Access Key", regex: /AKIA[0-9A-Z]{16}/ },
+    { name: "GitHub Token", regex: /ghp_[a-zA-Z0-9]{36}/ },
+    { name: "Private Key", regex: /-----BEGIN (RSA|EC|DSA|OPENSSH) PRIVATE KEY-----/ },
+    { name: "Generic Secret", regex: /secret[:=]\s*['"][a-zA-Z0-9]{16,}['"]/i }
+];
+
+export async function deepScan(directory) {
+    const findings = [];
+    const files = await fs.readdir(directory, { recursive: true });
+
+    for (const file of files) {
+        if (file.includes('node_modules') || file.includes('.git')) continue;
+
+        const fullPath = path.join(directory, file);
+        if ((await fs.lstat(fullPath)).isFile()) {
+            const content = await fs.readFile(fullPath, 'utf8');
+            
+            SECRET_PATTERNS.forEach(pattern => {
+                if (pattern.regex.test(content)) {
+                    findings.push({ file, type: pattern.name });
+                }
+            });
+        }
+    }
+    return findings;
+}

package/src/security.js

@@ -0,0 +1,118 @@
+// src/security.js
+
+import fs from 'fs-extra';
+import path from 'path';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+
+export async function runSecurityCheck(currentDir) {
+    const gitIgnorePath = path.join(currentDir, '.gitignore');
+
+    const envExists =
+        await fs.pathExists(path.join(currentDir, '.env'));
+
+    const nodeModulesExists =
+        await fs.pathExists(
+            path.join(currentDir, 'node_modules')
+        );
+
+    let missingEntries = [];
+
+    let gitIgnoreContent = '';
+
+    if (await fs.pathExists(gitIgnorePath)) {
+        gitIgnoreContent = await fs.readFile(
+            gitIgnorePath,
+            'utf8'
+        );
+    }
+
+    // Check .env
+    if (
+        envExists &&
+        !gitIgnoreContent.includes('.env')
+    ) {
+        missingEntries.push('.env');
+    }
+
+    // Check node_modules
+    if (
+        nodeModulesExists &&
+        !gitIgnoreContent.includes('node_modules')
+    ) {
+        missingEntries.push('node_modules');
+    }
+
+    if (missingEntries.length === 0) {
+        console.log(
+            chalk.green(
+                ' Security Check Passed.'
+            )
+        );
+
+        return {
+            success: true,
+            updated: false
+        };
+    }
+
+    console.log(
+        chalk.yellow(
+            ` Security Alert: ${missingEntries.join(', ')} not found in .gitignore`
+        )
+    );
+
+    const { fixIgnore } = await inquirer.prompt([
+        {
+            type: 'confirm',
+            name: 'fixIgnore',
+            message: `Add ${missingEntries.join(
+                ' and '
+            )} to .gitignore?`,
+            default: true
+        }
+    ]);
+
+    if (!fixIgnore) {
+        console.log(
+            chalk.yellow(
+                ' Security recommendations skipped.'
+            )
+        );
+
+        return {
+            success: true,
+            updated: false
+        };
+    }
+
+    const entriesToAdd = [
+        '',
+        '# Added by GitReady AI',
+        ...missingEntries
+    ].join('\n');
+
+    if (await fs.pathExists(gitIgnorePath)) {
+        await fs.appendFile(
+            gitIgnorePath,
+            `\n${entriesToAdd}\n`
+        );
+    } else {
+        await fs.writeFile(
+            gitIgnorePath,
+            `${entriesToAdd}\n`
+        );
+    }
+
+    console.log(
+        chalk.green(
+            '.gitignore updated successfully.'
+        )
+    );
+
+    return {
+        success: true,
+        updated: true,
+        added: missingEntries
+    };
+}