catylst 1.0.5 → 1.0.8

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "catylst",
-  "version": "1.0.5",
+  "version": "1.0.8",
   "description": "Generate customized Kotlin Multiplatform projects with an interactive wizard",
   "keywords": [
     "kotlin",

package/postinstall.js

@@ -4,18 +4,20 @@
 // 2. Clones (or updates) the Catylst template to ~/.catylst/template
 // 3. Downloads the CLI JAR to ~/.catylst/catylst-cli.jar
 
-const { spawnSync } = require("child_process");
-const https = require("https");
+// NOTE: all progress output goes to stderr.
+// npm buffers stdout during install and only shows it on error.
+// stderr is streamed to the terminal in real-time.
+
+const { spawnSync, spawn } = require("child_process");
+const https  = require("https");
 const crypto = require("crypto");
-const fs = require("fs");
-const path = require("path");
-const os = require("os");
+const fs     = require("fs");
+const path   = require("path");
+const os     = require("os");
 
 const REPO_URL = "https://github.com/rohit-554/Catylst.git";
-const JAR_URL =
-  "https://github.com/rohit-554/Catylst/releases/latest/download/catylst-cli.jar";
+const JAR_URL  = "https://github.com/rohit-554/Catylst/releases/latest/download/catylst-cli.jar";
 
-// Trusted hosts for redirect following — no other host is allowed
 const TRUSTED_HOSTS = [
   "github.com",
   "objects.githubusercontent.com",
@@ -24,164 +26,173 @@ const TRUSTED_HOSTS = [
   "codeload.github.com",
 ];
 
-const CATYLST_DIR = path.join(os.homedir(), ".catylst");
+const CATYLST_DIR  = path.join(os.homedir(), ".catylst");
 const TEMPLATE_DIR = path.join(CATYLST_DIR, "template");
-const JAR_PATH = path.join(CATYLST_DIR, "catylst-cli.jar");
+const JAR_PATH     = path.join(CATYLST_DIR, "catylst-cli.jar");
+
+// ── colours ───────────────────────────────────────────────────────────────────
 
-const green = (s) => `\x1b[32m${s}\x1b[0m`;
+const green  = (s) => `\x1b[32m${s}\x1b[0m`;
 const yellow = (s) => `\x1b[33m${s}\x1b[0m`;
-const cyan = (s) => `\x1b[36m${s}\x1b[0m`;
-const bold = (s) => `\x1b[1m${s}\x1b[0m`;
-const dim = (s) => `\x1b[2m${s}\x1b[0m`;
+const cyan   = (s) => `\x1b[36m${s}\x1b[0m`;
+const bold   = (s) => `\x1b[1m${s}\x1b[0m`;
+const dim    = (s) => `\x1b[2m${s}\x1b[0m`;
+const purple = (s) => `\x1b[35m${s}\x1b[0m`;
+
+const print = (s) => process.stderr.write(s + "\n");
+const printRaw = (s) => process.stderr.write(s);
+
+// ── tips & jokes ──────────────────────────────────────────────────────────────
+
+const MESSAGES = [
+  ["tip",  "Room 3.1 auto-generates all your DAO queries at compile time."],
+  ["tip",  "Navigation3 uses type-safe routes — no more string typos in nav graphs."],
+  ["tip",  "Swap AI providers by changing one line in AppModule.kt."],
+  ["tip",  "bloom-build scaffolds a full screen — Entity, DAO, ViewModel, UI — in seconds."],
+  ["tip",  "Material 3 Expressive ships spring-based motion out of the box."],
+  ["tip",  "Run ./gradlew :composeApp:kspAndroidMain after every Room Entity change."],
+  ["tip",  "Koin multiplatform means one DI graph for Android, iOS, and Desktop."],
+  ["tip",  "bloom-navigate cleanly removes any feature you do not need."],
+  ["tip",  "AGP 9 brings predictive back gesture support by default."],
+  ["tip",  "commonMain code compiles to all targets — write once, ship everywhere."],
+  ["joke", "Why do Kotlin developers stay calm? They know how to handle exceptions."],
+  ["joke", "A null pointer walks into a bar. Bartender: we don't serve your type here."],
+  ["joke", "Why did the Android dev quit? Too many fragments."],
+  ["joke", "Kotlin: where semicolons go to retire."],
+  ["joke", "iOS dev asks what Gradle is. Android dev weeps softly."],
+  ["joke", "There are 10 types of developers: those who get binary and those who don't."],
+  ["joke", "A git push a day keeps the merge conflicts away. Usually."],
+  ["joke", "My code works. I have no idea why. Shipping it anyway."],
+];
+
+let tipTimer = null;
+
+function startTips() {
+  const msgs = [...MESSAGES].sort(() => Math.random() - 0.5);
+  let i = 0;
+  function next() {
+    const [kind, text] = msgs[i++ % msgs.length];
+    const label = kind === "joke" ? purple("joke") : cyan("tip ");
+    printRaw(`\r  ${label}  ${dim(text)}${" ".repeat(6)}`);
+    tipTimer = setTimeout(next, 3200);
+  }
+  next();
+}
+
+function stopTips(line) {
+  if (tipTimer) { clearTimeout(tipTimer); tipTimer = null; }
+  printRaw(`\r${line}${" ".repeat(40)}\n`);
+}
+
+// ── helpers ───────────────────────────────────────────────────────────────────
+
+// Async wrapper for spawn — keeps event loop alive so timers fire during git ops
+function runAsync(cmd, args, opts = {}) {
+  return new Promise((resolve, reject) => {
+    const child = spawn(cmd, args, { stdio: "pipe", ...opts });
+    const stderr = [];
+    child.stderr && child.stderr.on("data", (d) => stderr.push(d));
+    child.on("close", (code) => resolve({ status: code, stderr: Buffer.concat(stderr) }));
+    child.on("error", reject);
+  });
+}
 
-console.log("");
-console.log(bold("  Catylst KMP Project Generator"));
-console.log(dim("  ────────────────────────────────────────"));
-console.log("");
+function isTrustedHost(urlString) {
+  try {
+    const { hostname } = new URL(urlString);
+    return TRUSTED_HOSTS.some((h) => hostname === h || hostname.endsWith("." + h));
+  } catch { return false; }
+}
 
-// ── 1. Check Java ────────────────────────────────────────────────────────────
+// ── 1. Check Java ─────────────────────────────────────────────────────────────
 
 function checkJava() {
   const result = spawnSync("java", ["-version"], { encoding: "utf8" });
   const output = result.stderr || result.stdout || "";
-  const match = output.match(/version "(\d+)/);
+  const match  = output.match(/version "(\d+)/);
   if (!match) {
-    console.error(yellow("  ✗  Java not found. Install JDK 17+ from https://adoptium.net"));
+    print(yellow("  x  Java not found. Install JDK 17+ from https://adoptium.net"));
     process.exit(1);
   }
   const major = parseInt(match[1], 10);
   if (major < 17) {
-    console.error(
-      yellow(`  ✗  JDK 17+ required (found ${major}). Install from https://adoptium.net`)
-    );
+    print(yellow(`  x  JDK 17+ required (found ${major}). https://adoptium.net`));
     process.exit(1);
   }
-  console.log(green(`  ✓  Java ${major}`));
+  print(green(`  ok  Java ${major}`));
 }
 
-// ── 2. Clone / update template ───────────────────────────────────────────────
+// ── 2. Clone / update template ────────────────────────────────────────────────
 
-function setupTemplate() {
+async function setupTemplate() {
   fs.mkdirSync(CATYLST_DIR, { recursive: true });
 
-  const isGitRepo = fs.existsSync(path.join(TEMPLATE_DIR, ".git"));
-
-  if (isGitRepo) {
-    process.stdout.write(cyan("  ↻  Updating template..."));
-    // Use spawn array form — no shell interpolation, no injection risk
-    const result = spawnSync("git", ["pull", "--quiet", "--rebase"], {
-      cwd: TEMPLATE_DIR,
-      stdio: "pipe",
-    });
-    if (result.status === 0) {
-      console.log("\r" + green("  ✓  Template updated    "));
-    } else {
-      console.log("\r" + yellow("  ⚠  Could not update template (offline?). Using existing."));
-    }
+  if (fs.existsSync(path.join(TEMPLATE_DIR, ".git"))) {
+    startTips();
+    const r = await runAsync("git", ["pull", "--quiet", "--rebase"], { cwd: TEMPLATE_DIR });
+    stopTips(r.status === 0
+      ? green("  ok  Template updated")
+      : yellow("  !!  Could not update template (offline?). Using existing."));
   } else {
-    console.log(cyan("  ↓  Cloning template to ~/.catylst/template ..."));
+    print(dim("  ..  Cloning template\n"));
+    startTips();
     fs.rmSync(TEMPLATE_DIR, { recursive: true, force: true });
-    // Use spawn array form — REPO_URL and TEMPLATE_DIR are never shell-interpolated
-    const result = spawnSync(
-      "git",
-      ["clone", "--depth", "1", "--quiet", REPO_URL, TEMPLATE_DIR],
-      { stdio: "pipe" }
-    );
-    if (result.status !== 0) {
-      const msg = result.stderr ? result.stderr.toString().trim() : "unknown error";
-      console.error(yellow("  ✗  Failed to clone template. Is git installed?"));
-      console.error(dim(`     ${msg}`));
+    const r = await runAsync("git", ["clone", "--depth", "1", "--quiet", REPO_URL, TEMPLATE_DIR]);
+    if (r.status !== 0) {
+      stopTips("");
+      print(yellow("  x  Failed to clone. Is git installed?"));
+      print(dim("     " + r.stderr.toString().trim()));
       process.exit(1);
     }
-    console.log(green("  ✓  Template ready"));
+    stopTips(green("  ok  Template ready"));
   }
 }
 
-// ── 3. Download JAR ──────────────────────────────────────────────────────────
-
-function isTrustedHost(urlString) {
-  try {
-    const { hostname } = new URL(urlString);
-    return TRUSTED_HOSTS.some((h) => hostname === h || hostname.endsWith("." + h));
-  } catch {
-    return false;
-  }
-}
+// ── 3. Download JAR ───────────────────────────────────────────────────────────
 
 function downloadJar() {
-  // Dev mode — use local build if available
-  const localJar = path.join(
-    TEMPLATE_DIR,
-    "cli-generator",
-    "build",
-    "libs",
-    "cli-generator-1.0.0.jar"
-  );
+  const localJar = path.join(TEMPLATE_DIR, "cli-generator", "build", "libs", "cli-generator-1.0.0.jar");
   if (fs.existsSync(localJar)) {
     fs.copyFileSync(localJar, JAR_PATH);
-    console.log(green("  ✓  Using local build"));
+    print(green("  ok  Using local build"));
     return Promise.resolve();
   }
 
   return new Promise((resolve, reject) => {
-    process.stdout.write(cyan("  ↓  Downloading catylst-cli.jar ..."));
-
-    // Write to a temp file first — atomic rename prevents race conditions
+    print(dim("  ..  Downloading CLI\n"));
+    startTips();
     const tmpPath = JAR_PATH + ".tmp." + process.pid;
 
-    function get(url, redirectCount = 0) {
-      if (redirectCount > 5) return reject(new Error("Too many redirects"));
-
-      // Validate redirect destination stays on trusted hosts
-      if (!isTrustedHost(url)) {
-        return reject(new Error(`Redirect to untrusted host blocked: ${url}`));
-      }
-
-      https
-        .get(url, { headers: { "User-Agent": "catylst-npm-installer" } }, (res) => {
-          if (res.statusCode === 301 || res.statusCode === 302) {
-            const location = res.headers.location;
-            if (!location) return reject(new Error("Redirect with no Location header"));
-            return get(location, redirectCount + 1);
-          }
-          if (res.statusCode !== 200) {
-            return reject(new Error(`HTTP ${res.statusCode}`));
-          }
-
-          // Stream to temp file with restricted permissions (owner read/write only)
-          const file = fs.createWriteStream(tmpPath, { mode: 0o600 });
-          const hash = crypto.createHash("sha256");
-
-          res.on("data", (chunk) => hash.update(chunk));
-          res.pipe(file);
-
-          file.on("finish", () => {
-            file.close(() => {
-              // Atomic rename — prevents TOCTOU race where another process
-              // could read a partially-written file
-              try {
-                fs.renameSync(tmpPath, JAR_PATH);
-              } catch (e) {
-                fs.unlinkSync(tmpPath);
-                return reject(e);
-              }
-
-              const digest = hash.digest("hex");
-              console.log("\r" + green("  ✓  CLI ready                      "));
-              console.log(dim(`     SHA-256: ${digest}`));
-              resolve();
-            });
+    function get(url, hops = 0) {
+      if (hops > 5) return reject(new Error("Too many redirects"));
+      if (!isTrustedHost(url)) return reject(new Error(`Blocked redirect to: ${url}`));
+
+      https.get(url, { headers: { "User-Agent": "catylst-npm-installer" } }, (res) => {
+        if (res.statusCode === 301 || res.statusCode === 302) {
+          const loc = res.headers.location;
+          if (!loc) return reject(new Error("Redirect missing Location header"));
+          return get(loc, hops + 1);
+        }
+        if (res.statusCode !== 200) return reject(new Error(`HTTP ${res.statusCode}`));
+
+        const file = fs.createWriteStream(tmpPath, { mode: 0o600 });
+        const hash = crypto.createHash("sha256");
+
+        res.on("data", (chunk) => hash.update(chunk));
+        res.pipe(file);
+
+        file.on("finish", () => {
+          file.close(() => {
+            try { fs.renameSync(tmpPath, JAR_PATH); }
+            catch (e) { fs.unlink(tmpPath, () => {}); return reject(e); }
+            stopTips(green("  ok  CLI ready"));
+            print(dim(`     sha256: ${hash.digest("hex")}`));
+            resolve();
           });
-
-          file.on("error", (err) => {
-            fs.unlink(tmpPath, () => {});
-            reject(err);
-          });
-        })
-        .on("error", (err) => {
-          fs.unlink(tmpPath, () => {});
-          reject(err);
         });
+
+        file.on("error", (e) => { stopTips(""); fs.unlink(tmpPath, () => {}); reject(e); });
+      }).on("error", (e) => { stopTips(""); fs.unlink(tmpPath, () => {}); reject(e); });
     }
 
     get(JAR_URL);
@@ -191,17 +202,21 @@ function downloadJar() {
 // ── run ───────────────────────────────────────────────────────────────────────
 
 (async () => {
+  print("");
+  print(bold("  Catylst KMP Project Generator"));
+  print(dim("  ──────────────────────────────────────"));
+  print("");
+
   checkJava();
-  setupTemplate();
+  await setupTemplate();
   await downloadJar();
 
-  console.log("");
-  console.log(dim("  ────────────────────────────────────────"));
-  console.log("  " + green(bold("All done!")) + " Start your project:");
-  console.log("");
-  console.log("  " + cyan("catylst --interactive"));
-  console.log("");
-  console.log("  " + dim("Or non-interactive:"));
-  console.log("  " + dim("catylst --package com.example.app --name MyApp"));
-  console.log("");
+  print("");
+  print(dim("  ──────────────────────────────────────"));
+  print("  " + green(bold("Done.")) + "  Start your project:");
+  print("");
+  print("  " + cyan("catylst --interactive"));
+  print("");
+  print("  " + dim("catylst --package com.example.app --name MyApp"));
+  print("");
 })();