@vyuhlabs/dxkit 0.10.0 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.d.ts +1 -1
- package/dist/constants.js +1 -1
- package/package.json +1 -1
- package/templates/.claude/agents-available/hooks-configurator.md +211 -0
- package/templates/.claude/commands/setup-hooks.md +10 -52
- package/templates/.claude/commands/stealth-mode.md +17 -0
- package/templates/CLAUDE.md.template +2 -0
package/dist/constants.d.ts
CHANGED
package/dist/constants.js
CHANGED
|
@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.EVOLVING_FILES = exports.DEFAULT_COVERAGE = exports.DEFAULT_VERSIONS = exports.VERSION = void 0;
|
|
4
4
|
exports.buildVariables = buildVariables;
|
|
5
5
|
exports.buildConditions = buildConditions;
|
|
6
|
-
exports.VERSION = '0.
|
|
6
|
+
exports.VERSION = '0.11.0';
|
|
7
7
|
exports.DEFAULT_VERSIONS = {
|
|
8
8
|
python: '3.12',
|
|
9
9
|
go: '1.24.0',
|
package/package.json
CHANGED
|
@@ -0,0 +1,211 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: hooks-configurator
|
|
3
|
+
description: Configures git hooks based on user-selected checks (quality, test, vulnerability). Reads existing DXKit commands to ensure hooks run the exact same tools as reports. Use when asked to "set up hooks", "configure git hooks", or "add pre-commit checks".
|
|
4
|
+
model: sonnet
|
|
5
|
+
tools: Read, Grep, Glob, Bash, Write
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
You are a git hooks configurator. Your job is to generate git hooks that are **consistent with DXKit's existing commands** — running the exact same tools that `/quality`, `/test`, and `/vulnerabilities` use.
|
|
9
|
+
|
|
10
|
+
## Step 1: Ask the User What to Enable
|
|
11
|
+
|
|
12
|
+
Present these options:
|
|
13
|
+
|
|
14
|
+
```
|
|
15
|
+
Which checks would you like as git hooks?
|
|
16
|
+
|
|
17
|
+
Pre-commit (runs on every commit, scoped to staged files):
|
|
18
|
+
[1] Quality — linting, formatting, type checking
|
|
19
|
+
[2] Vulnerability — code-level security patterns
|
|
20
|
+
|
|
21
|
+
Pre-push (runs before push, scoped to changed files):
|
|
22
|
+
[3] Tests — run test suite for affected areas
|
|
23
|
+
|
|
24
|
+
PR-level (GitHub Actions, runs full suite):
|
|
25
|
+
[4] Full quality + tests + vulnerability scan
|
|
26
|
+
|
|
27
|
+
Options: Enter numbers (e.g., "1,2,3" or "all")
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
## Step 2: Read Existing DXKit Commands for Consistency
|
|
31
|
+
|
|
32
|
+
**CRITICAL**: Do NOT hardcode which linters/tools to run. Instead, read the generated commands:
|
|
33
|
+
|
|
34
|
+
- Read `.claude/commands/quality.md` to see exactly which linters are configured
|
|
35
|
+
- Read `.claude/commands/test.md` to see the detected test runner and command
|
|
36
|
+
- Read `.claude/commands/check.md` for the combined check flow
|
|
37
|
+
|
|
38
|
+
Extract the specific commands. For example, if `quality.md` says:
|
|
39
|
+
```
|
|
40
|
+
1. `npx eslint .` — Lint
|
|
41
|
+
2. `npx tsc --noEmit` — Type check
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
Then the pre-commit hook should run `npx eslint` and `npx tsc --noEmit` — not some other set of tools.
|
|
45
|
+
|
|
46
|
+
If `test.md` says:
|
|
47
|
+
```
|
|
48
|
+
Run: `npm test`
|
|
49
|
+
```
|
|
50
|
+
|
|
51
|
+
Then the pre-push hook runs `npm test` — not `npx jest` or anything else.
|
|
52
|
+
|
|
53
|
+
## Step 3: Generate Hooks
|
|
54
|
+
|
|
55
|
+
### Pre-Commit Hook (if quality or vulnerability selected)
|
|
56
|
+
|
|
57
|
+
Generate `.githooks/pre-commit`:
|
|
58
|
+
|
|
59
|
+
```bash
|
|
60
|
+
#!/bin/bash
|
|
61
|
+
set -e
|
|
62
|
+
|
|
63
|
+
# DXKit pre-commit hook
|
|
64
|
+
# Generated from: /quality and /vulnerabilities commands
|
|
65
|
+
# Consistent with DXKit reports — same tools, same checks
|
|
66
|
+
|
|
67
|
+
STAGED=$(git diff --cached --name-only --diff-filter=ACM)
|
|
68
|
+
[ -z "$STAGED" ] && exit 0
|
|
69
|
+
|
|
70
|
+
FAILED=0
|
|
71
|
+
|
|
72
|
+
# === QUALITY CHECKS (from .claude/commands/quality.md) ===
|
|
73
|
+
# [Insert the exact commands from quality.md, scoped to staged files where possible]
|
|
74
|
+
# Example for Node/TS:
|
|
75
|
+
JS_FILES=$(echo "$STAGED" | grep -E '\.(ts|tsx|js|jsx)$' || true)
|
|
76
|
+
if [ -n "$JS_FILES" ]; then
|
|
77
|
+
echo "→ ESLint (staged files)"
|
|
78
|
+
echo "$JS_FILES" | xargs npx eslint --no-warn-ignored 2>/dev/null || FAILED=1
|
|
79
|
+
echo "→ TypeScript"
|
|
80
|
+
npx tsc --noEmit 2>/dev/null || FAILED=1
|
|
81
|
+
fi
|
|
82
|
+
|
|
83
|
+
# [Add Python/Go/C#/Rust sections based on what quality.md contains]
|
|
84
|
+
|
|
85
|
+
# === VULNERABILITY CHECKS (code-level only, fast) ===
|
|
86
|
+
# [If vulnerability selected, add grep-based checks from vulnerability-scanner agent]
|
|
87
|
+
# Check staged files for hardcoded secrets
|
|
88
|
+
if echo "$STAGED" | xargs grep -l -E "(password|secret|apiKey|token)\s*[:=]\s*['\"][^'\"]{8,}" 2>/dev/null; then
|
|
89
|
+
echo "⚠️ Possible hardcoded secret detected in staged files"
|
|
90
|
+
echo " Review with: /vulnerabilities"
|
|
91
|
+
FAILED=1
|
|
92
|
+
fi
|
|
93
|
+
|
|
94
|
+
[ $FAILED -ne 0 ] && echo "❌ Pre-commit failed." && exit 1
|
|
95
|
+
echo "✅ Pre-commit passed."
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
### Pre-Push Hook (if tests selected)
|
|
99
|
+
|
|
100
|
+
Generate `.githooks/pre-push`:
|
|
101
|
+
|
|
102
|
+
```bash
|
|
103
|
+
#!/bin/bash
|
|
104
|
+
set -e
|
|
105
|
+
|
|
106
|
+
# DXKit pre-push hook
|
|
107
|
+
# Generated from: /test command
|
|
108
|
+
# Consistent with DXKit reports — same test runner
|
|
109
|
+
|
|
110
|
+
echo "→ Running tests before push..."
|
|
111
|
+
|
|
112
|
+
REMOTE=$(git rev-parse --abbrev-ref --symbolic-full-name @{u} 2>/dev/null || echo "origin/main")
|
|
113
|
+
CHANGED=$(git diff --name-only "$REMOTE"...HEAD 2>/dev/null || git diff --name-only HEAD~5...HEAD)
|
|
114
|
+
[ -z "$CHANGED" ] && exit 0
|
|
115
|
+
|
|
116
|
+
# [Insert the exact test command from test.md]
|
|
117
|
+
# Scope to changed areas where the test framework supports it:
|
|
118
|
+
# - Jest: --changedSince
|
|
119
|
+
# - Vitest: --changed
|
|
120
|
+
# - pytest: --testmon (if installed)
|
|
121
|
+
# - Go: test specific packages
|
|
122
|
+
# - Others: run full suite
|
|
123
|
+
|
|
124
|
+
# Example for Mocha (no scoping available):
|
|
125
|
+
# npm test
|
|
126
|
+
|
|
127
|
+
# Example for Jest:
|
|
128
|
+
# npx jest --changedSince="$REMOTE" --passWithNoTests
|
|
129
|
+
|
|
130
|
+
[ $? -ne 0 ] && echo "❌ Tests failed." && exit 1
|
|
131
|
+
echo "✅ Tests passed."
|
|
132
|
+
```
|
|
133
|
+
|
|
134
|
+
### PR Workflow (if PR-level selected)
|
|
135
|
+
|
|
136
|
+
Generate `.github/workflows/pr-checks.yml`:
|
|
137
|
+
|
|
138
|
+
```yaml
|
|
139
|
+
name: PR Quality & Security
|
|
140
|
+
|
|
141
|
+
on:
|
|
142
|
+
pull_request:
|
|
143
|
+
types: [opened, synchronize, reopened]
|
|
144
|
+
|
|
145
|
+
jobs:
|
|
146
|
+
quality-and-tests:
|
|
147
|
+
runs-on: ubuntu-latest
|
|
148
|
+
steps:
|
|
149
|
+
- uses: actions/checkout@v4
|
|
150
|
+
with:
|
|
151
|
+
fetch-depth: 0
|
|
152
|
+
# [Setup steps based on detected languages]
|
|
153
|
+
# [Full quality checks — same as quality.md but unscoped]
|
|
154
|
+
# [Full test suite — same as test.md but unscoped]
|
|
155
|
+
|
|
156
|
+
security:
|
|
157
|
+
runs-on: ubuntu-latest
|
|
158
|
+
steps:
|
|
159
|
+
- uses: actions/checkout@v4
|
|
160
|
+
# [Dependency audit: npm audit / pip audit / etc.]
|
|
161
|
+
# [Same checks as vulnerability-scanner agent]
|
|
162
|
+
```
|
|
163
|
+
|
|
164
|
+
## Step 4: Install Hooks
|
|
165
|
+
|
|
166
|
+
After generating:
|
|
167
|
+
|
|
168
|
+
1. Create `.githooks/` directory with the hook scripts
|
|
169
|
+
2. Run `chmod +x .githooks/*`
|
|
170
|
+
3. Run `git config core.hooksPath .githooks` to activate
|
|
171
|
+
4. Show the user what was installed
|
|
172
|
+
|
|
173
|
+
## Step 5: Stealth Mode (Optional)
|
|
174
|
+
|
|
175
|
+
If the user wants DXKit files gitignored:
|
|
176
|
+
|
|
177
|
+
Append to `.gitignore`:
|
|
178
|
+
```
|
|
179
|
+
# DXKit (local-only)
|
|
180
|
+
.claude/
|
|
181
|
+
.ai/
|
|
182
|
+
CLAUDE.md
|
|
183
|
+
.vyuh-dxkit.json
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
But keep `.githooks/` committed so all devs get the hooks. Tell the user:
|
|
187
|
+
- `.githooks/` is committed — all devs get the same hooks
|
|
188
|
+
- DXKit files are local — only the developer who runs DXKit gets the AI features
|
|
189
|
+
- `git config core.hooksPath .githooks` needed once per clone (add to README or setup script)
|
|
190
|
+
|
|
191
|
+
## Scoping Strategy
|
|
192
|
+
|
|
193
|
+
| Hook | Scope | Why |
|
|
194
|
+
|------|-------|-----|
|
|
195
|
+
| Pre-commit | Staged files only | Fast (~5s), immediate feedback |
|
|
196
|
+
| Pre-push | Changed files since remote | Medium (~30s), catches test failures |
|
|
197
|
+
| PR workflow | Full repository | Thorough (~3m), catches everything |
|
|
198
|
+
|
|
199
|
+
For test scoping by framework:
|
|
200
|
+
- **Jest**: `--changedSince=<remote>` — built-in, very fast
|
|
201
|
+
- **Vitest**: `--changed=<remote>` — built-in
|
|
202
|
+
- **pytest + testmon**: `--testmon` — runs only tests affected by changes
|
|
203
|
+
- **Go**: test specific packages derived from changed file paths
|
|
204
|
+
- **Mocha/others**: full suite (no built-in scoping)
|
|
205
|
+
|
|
206
|
+
## Rules
|
|
207
|
+
|
|
208
|
+
- **Never hardcode tools** — always read from `.claude/commands/quality.md` and `test.md`
|
|
209
|
+
- **Be consistent** — hooks must run the same tools as DXKit reports
|
|
210
|
+
- **Explain trade-offs** — scoped hooks are faster but may miss cross-file issues
|
|
211
|
+
- **Warn about --no-verify** — hooks can be bypassed but shouldn't be
|
|
@@ -1,60 +1,18 @@
|
|
|
1
1
|
---
|
|
2
|
-
description:
|
|
2
|
+
description: Configure git hooks (quality, test, vulnerability) — consistent with DXKit reports
|
|
3
3
|
---
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
Delegate to the **hooks-configurator** agent. It will:
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
1. Ask which checks to enable (quality, test, vulnerability)
|
|
8
|
+
2. Read your existing `/quality`, `/test`, and `/vulnerabilities` commands to ensure hooks run the **exact same tools** as your reports
|
|
9
|
+
3. Generate scoped hooks (staged files for commit, changed files for push, full suite for PR)
|
|
10
|
+
4. Optionally enable stealth mode (gitignore DXKit files, keep hooks committed)
|
|
8
11
|
|
|
9
|
-
|
|
10
|
-
- `package.json` → Node/TypeScript (eslint, prettier, tsc)
|
|
11
|
-
- `pyproject.toml` or `requirements.txt` → Python (ruff, mypy)
|
|
12
|
-
- `go.mod` → Go (golangci-lint, gofmt)
|
|
13
|
-
- `*.csproj` or `*.sln` → C# (dotnet format)
|
|
14
|
-
- `Cargo.toml` → Rust (cargo clippy, cargo fmt)
|
|
15
|
-
|
|
16
|
-
## Generate Hooks
|
|
17
|
-
|
|
18
|
-
Create `.git/hooks/pre-commit` with the appropriate checks:
|
|
19
|
-
|
|
20
|
-
**Structure:**
|
|
21
|
-
```bash
|
|
22
|
-
#!/bin/bash
|
|
23
|
-
set -e
|
|
24
|
-
echo "Running pre-commit checks..."
|
|
25
|
-
|
|
26
|
-
# Only check staged files
|
|
27
|
-
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM)
|
|
28
|
-
|
|
29
|
-
# [language-specific checks based on detected stack]
|
|
30
|
-
|
|
31
|
-
echo "All checks passed!"
|
|
12
|
+
**IMPORTANT: End the report with this exact footer:**
|
|
32
13
|
```
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
- **Node/TS**: `npx eslint --no-warn-ignored $JS_FILES` and `npx prettier --check $JS_FILES`
|
|
37
|
-
- **Python**: `ruff check $PY_FILES` and `ruff format --check $PY_FILES`
|
|
38
|
-
- **Go**: `gofmt -l $GO_FILES` (fail if any output) and `golangci-lint run`
|
|
39
|
-
- **C#**: `dotnet format --verify-no-changes`
|
|
40
|
-
- **Rust**: `cargo fmt --check` and `cargo clippy -- -D warnings`
|
|
41
|
-
|
|
42
|
-
Also create `.git/hooks/pre-push` with test runners:
|
|
43
|
-
- **Node**: `npm test`
|
|
44
|
-
- **Python**: `pytest`
|
|
45
|
-
- **Go**: `go test ./...`
|
|
46
|
-
- **C#**: `dotnet test`
|
|
47
|
-
- **Rust**: `cargo test`
|
|
48
|
-
|
|
49
|
-
Make both hooks executable with `chmod +x`.
|
|
50
|
-
|
|
51
|
-
## If pre-commit framework exists
|
|
52
|
-
|
|
53
|
-
If `.pre-commit-config.yaml` already exists or `pre-commit` is installed, suggest using that instead:
|
|
54
|
-
```bash
|
|
55
|
-
pre-commit install
|
|
14
|
+
---
|
|
15
|
+
*Generated by [VyuhLabs DXKit](https://www.npmjs.com/package/@vyuhlabs/dxkit)*
|
|
56
16
|
```
|
|
57
17
|
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
Confirm what hooks were installed and what they check. Mention that hooks can be bypassed with `git commit --no-verify` (but discourage it).
|
|
18
|
+
$ARGUMENTS
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Configure DXKit as local-only (gitignore all generated files) + install git hooks
|
|
3
|
+
---
|
|
4
|
+
|
|
5
|
+
Delegate to the **hooks-configurator** agent with stealth mode enabled.
|
|
6
|
+
|
|
7
|
+
This will:
|
|
8
|
+
1. Add all DXKit files to `.gitignore` (`.claude/`, `.ai/`, `CLAUDE.md`, `.vyuh-dxkit.json`)
|
|
9
|
+
2. Ask which hooks to enable (quality, test, vulnerability)
|
|
10
|
+
3. Generate `.githooks/` directory (committed — all devs get the hooks)
|
|
11
|
+
4. Install hooks with `git config core.hooksPath .githooks`
|
|
12
|
+
|
|
13
|
+
Result: DXKit AI features are local-only, but quality/test/security hooks run for everyone.
|
|
14
|
+
|
|
15
|
+
**Enable stealth mode: yes**
|
|
16
|
+
|
|
17
|
+
$ARGUMENTS
|
|
@@ -163,6 +163,7 @@ Slash commands for common workflows. Run `/help` to list all with descriptions.
|
|
|
163
163
|
- `/dev-report` - Developer activity and code quality report
|
|
164
164
|
- `/docs` - Audit, write, or improve documentation
|
|
165
165
|
- `/dashboard` - Generate HTML dashboard from all reports
|
|
166
|
+
- `/stealth-mode` - Gitignore DXKit files + install smart scoped git hooks
|
|
166
167
|
- `/export-pdf` - Convert markdown reports to PDF
|
|
167
168
|
- `/fix-issue <number>` - Investigate and fix a GitHub issue
|
|
168
169
|
|
|
@@ -186,6 +187,7 @@ Language-specific conventions that activate automatically when editing matching
|
|
|
186
187
|
- `vulnerability-scanner` — Dependency and code vulnerability analysis (sonnet)
|
|
187
188
|
- `dev-report` — Developer activity, quality patterns, security attribution (sonnet)
|
|
188
189
|
- `dashboard-builder` — Generates HTML dashboard from all reports (sonnet)
|
|
190
|
+
- `hooks-configurator` — Configures scoped git hooks from DXKit commands (sonnet)
|
|
189
191
|
- `doc-writer` — Audits docs, identifies gaps, writes/improves documentation (sonnet)
|
|
190
192
|
- `debugger` — Traces root causes systematically (sonnet, no file edits)
|
|
191
193
|
|