cc-safe-setup 10.1.0 → 10.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +1 -1
  2. package/examples/stale-env-guard.sh +33 -0
  3. package/examples/test-coverage-guard.sh +27 -0
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -6,7 +6,7 @@
6
6
 
7
7
  **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
8
8
 
9
- 8 built-in + 104 examples = **112 hooks**. 35 CLI commands. 531 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
9
+ 8 built-in + 104 examples = **116 hooks**. 36 CLI commands. 531 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
10
10
 
11
11
  ```bash
12
12
  npx cc-safe-setup
package/examples/stale-env-guard.sh ADDED
@@ -0,0 +1,33 @@
1
+ #!/bin/bash
2
+ # ================================================================
3
+ # stale-env-guard.sh — Warn when .env files are very old
4
+ # ================================================================
5
+ # PURPOSE:
6
+ # .env files with API keys should be rotated periodically.
7
+ # This hook warns when .env hasn't been modified in 90+ days,
8
+ # suggesting credential rotation.
9
+ #
10
+ # TRIGGER: PreToolUse MATCHER: "Bash"
11
+ #
12
+ # CONFIG:
13
+ # CC_ENV_MAX_AGE_DAYS=90
14
+ # ================================================================
15
+
16
+ COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
17
+ [ -z "$COMMAND" ] && exit 0
18
+
19
+ # Only check on deploy-related or env-reading commands
20
+ echo "$COMMAND" | grep -qE '(deploy|source\s+\.env|cat\s+\.env|docker.*\.env)' || exit 0
21
+
22
+ MAX_DAYS="${CC_ENV_MAX_AGE_DAYS:-90}"
23
+
24
+ for envfile in .env .env.local .env.production; do
25
+ [ -f "$envfile" ] || continue
26
+ AGE_DAYS=$(( ($(date +%s) - $(stat -c %Y "$envfile" 2>/dev/null || echo 0)) / 86400 ))
27
+ if [ "$AGE_DAYS" -gt "$MAX_DAYS" ]; then
28
+ echo "WARNING: $envfile is $AGE_DAYS days old (threshold: $MAX_DAYS)." >&2
29
+ echo "Consider rotating API keys and credentials." >&2
30
+ fi
31
+ done
32
+
33
+ exit 0
package/examples/test-coverage-guard.sh ADDED
@@ -0,0 +1,27 @@
1
+ #!/bin/bash
2
+ # ================================================================
3
+ # test-coverage-guard.sh — Warn when code grows without tests
4
+ # ================================================================
5
+ # PURPOSE:
6
+ # Claude adds features without writing tests. This hook checks
7
+ # if source files changed more than test files, suggesting tests
8
+ # are needed before committing.
9
+ #
10
+ # TRIGGER: PreToolUse MATCHER: "Bash"
11
+ # ================================================================
12
+
13
+ COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
14
+ [ -z "$COMMAND" ] && exit 0
15
+ echo "$COMMAND" | grep -qE '^\s*git\s+commit' || exit 0
16
+
17
+ # Count staged source vs test file changes
18
+ SRC_CHANGES=$(git diff --cached --name-only 2>/dev/null | grep -cvE '(test|spec|__tests__|_test\.|\.test\.)' || echo 0)
19
+ TEST_CHANGES=$(git diff --cached --name-only 2>/dev/null | grep -cE '(test|spec|__tests__|_test\.|\.test\.)' || echo 0)
20
+
21
+ # If source changed significantly but no tests
22
+ if [ "$SRC_CHANGES" -gt 3 ] && [ "$TEST_CHANGES" -eq 0 ]; then
23
+ echo "WARNING: $SRC_CHANGES source files changed but 0 test files." >&2
24
+ echo "Consider adding tests for the new code." >&2
25
+ fi
26
+
27
+ exit 0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cc-safe-setup",
3
- "version": "10.1.0",
3
+ "version": "10.2.0",
4
4
  "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
5
5
  "main": "index.mjs",
6
6
  "bin": {