npm - cc-safe-setup - Versions diffs - 2.2.0 → 2.3.0 - Mend

cc-safe-setup 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/index.mjs +142 -0
package/package.json +1 -1

package/index.mjs CHANGED Viewed

@@ -70,6 +70,7 @@ const INSTALL_EXAMPLE_IDX = process.argv.findIndex(a => a === '--install-example
 const INSTALL_EXAMPLE = INSTALL_EXAMPLE_IDX !== -1 ? process.argv[INSTALL_EXAMPLE_IDX + 1] : null;
 const AUDIT = process.argv.includes('--audit');
 const LEARN = process.argv.includes('--learn');
+const SCAN = process.argv.includes('--scan');
 if (HELP) {
   console.log(`
@@ -682,6 +683,146 @@ exit 0`;
   console.log();
 }
+function scan() {
+  console.log();
+  console.log(c.bold + '  cc-safe-setup --scan' + c.reset);
+  console.log(c.dim + '  Scanning project to generate safety config...' + c.reset);
+  console.log();
+  const cwd = process.cwd();
+  const detected = { languages: [], frameworks: [], hasDb: false, hasDocker: false, isMonorepo: false };
+  const hooks = ['destructive-guard', 'branch-guard', 'secret-guard', 'syntax-check'];
+  const claudeMdRules = ['# Project Safety Rules\n', '## Generated by cc-safe-setup --scan\n'];
+  // Detect languages & frameworks
+  if (existsSync(join(cwd, 'package.json'))) {
+    detected.languages.push('JavaScript/TypeScript');
+    try {
+      const pkg = JSON.parse(readFileSync(join(cwd, 'package.json'), 'utf-8'));
+      const allDeps = { ...pkg.dependencies, ...pkg.devDependencies };
+      if (allDeps.next) detected.frameworks.push('Next.js');
+      if (allDeps.react) detected.frameworks.push('React');
+      if (allDeps.express) detected.frameworks.push('Express');
+      if (allDeps.prisma || allDeps['@prisma/client']) { detected.frameworks.push('Prisma'); detected.hasDb = true; }
+      if (allDeps.sequelize) { detected.frameworks.push('Sequelize'); detected.hasDb = true; }
+      if (allDeps.typeorm) { detected.frameworks.push('TypeORM'); detected.hasDb = true; }
+    } catch(e) {}
+  }
+  if (existsSync(join(cwd, 'requirements.txt')) || existsSync(join(cwd, 'pyproject.toml'))) {
+    detected.languages.push('Python');
+    if (existsSync(join(cwd, 'manage.py'))) { detected.frameworks.push('Django'); detected.hasDb = true; }
+    if (existsSync(join(cwd, 'app.py')) || existsSync(join(cwd, 'wsgi.py'))) detected.frameworks.push('Flask');
+  }
+  if (existsSync(join(cwd, 'Gemfile'))) {
+    detected.languages.push('Ruby');
+    detected.frameworks.push('Rails');
+    detected.hasDb = true;
+  }
+  if (existsSync(join(cwd, 'composer.json'))) {
+    detected.languages.push('PHP');
+    try {
+      const composer = JSON.parse(readFileSync(join(cwd, 'composer.json'), 'utf-8'));
+      if (composer.require?.['laravel/framework']) { detected.frameworks.push('Laravel'); detected.hasDb = true; }
+      if (composer.require?.['symfony/framework-bundle']) { detected.frameworks.push('Symfony'); detected.hasDb = true; }
+    } catch(e) {}
+  }
+  if (existsSync(join(cwd, 'go.mod'))) detected.languages.push('Go');
+  if (existsSync(join(cwd, 'Cargo.toml'))) detected.languages.push('Rust');
+  // Docker
+  if (existsSync(join(cwd, 'Dockerfile')) || existsSync(join(cwd, 'docker-compose.yml')) || existsSync(join(cwd, 'compose.yaml'))) {
+    detected.hasDocker = true;
+  }
+  // Monorepo
+  if (existsSync(join(cwd, 'pnpm-workspace.yaml')) || existsSync(join(cwd, 'lerna.json')) || existsSync(join(cwd, 'nx.json'))) {
+    detected.isMonorepo = true;
+  }
+  // .env files
+  const hasEnv = existsSync(join(cwd, '.env')) || existsSync(join(cwd, '.env.local'));
+  // Display detection results
+  console.log(c.bold + '  Detected:' + c.reset);
+  if (detected.languages.length) console.log('  ' + c.green + '✓' + c.reset + ' Languages: ' + detected.languages.join(', '));
+  if (detected.frameworks.length) console.log('  ' + c.green + '✓' + c.reset + ' Frameworks: ' + detected.frameworks.join(', '));
+  if (detected.hasDb) console.log('  ' + c.green + '✓' + c.reset + ' Database detected');
+  if (detected.hasDocker) console.log('  ' + c.green + '✓' + c.reset + ' Docker detected');
+  if (detected.isMonorepo) console.log('  ' + c.green + '✓' + c.reset + ' Monorepo detected');
+  if (hasEnv) console.log('  ' + c.yellow + '⚠' + c.reset + ' .env file found (secret leak risk)');
+  console.log();
+  // Generate recommendations
+  const examples = [];
+  if (detected.hasDb) {
+    examples.push('block-database-wipe');
+    claudeMdRules.push('- Never run destructive database commands (migrate:fresh, DROP DATABASE, prisma migrate reset)');
+    claudeMdRules.push('- Always backup database before schema changes');
+  }
+  if (detected.hasDocker) {
+    examples.push('auto-approve-docker');
+    claudeMdRules.push('- Docker commands are auto-approved for build/compose/ps/logs');
+  }
+  if (hasEnv) {
+    claudeMdRules.push('- Never commit .env files. Use .env.example for templates');
+    claudeMdRules.push('- Never hardcode API keys or secrets in source files');
+  }
+  if (detected.languages.includes('Python')) {
+    examples.push('auto-approve-python');
+    claudeMdRules.push('- Run pytest after every code change');
+  }
+  if (detected.languages.includes('JavaScript/TypeScript')) {
+    examples.push('auto-approve-build');
+    claudeMdRules.push('- Run npm test after every code change');
+  }
+  // Always recommend
+  examples.push('scope-guard');
+  examples.push('protect-dotfiles');
+  claudeMdRules.push('- Always run tests before committing');
+  claudeMdRules.push('- Never force-push to main/master');
+  claudeMdRules.push('- Create a backup branch before large refactors');
+  // Display recommendations
+  console.log(c.bold + '  Recommended hooks:' + c.reset);
+  console.log('  ' + c.dim + 'npx cc-safe-setup' + c.reset + ' (8 built-in hooks)');
+  for (const ex of examples) {
+    console.log('  ' + c.dim + 'npx cc-safe-setup --install-example ' + ex + c.reset);
+  }
+  // Generate CLAUDE.md
+  console.log();
+  const claudeMdPath = join(cwd, 'CLAUDE.md');
+  if (existsSync(claudeMdPath)) {
+    console.log(c.yellow + '  CLAUDE.md already exists. Suggested rules to add:' + c.reset);
+    console.log();
+    for (const rule of claudeMdRules.slice(2)) {
+      console.log('  ' + c.dim + rule + c.reset);
+    }
+  } else {
+    const content = claudeMdRules.join('\n') + '\n';
+    if (process.argv.includes('--apply')) {
+      writeFileSync(claudeMdPath, content);
+      console.log(c.green + '  ✓ CLAUDE.md created with ' + (claudeMdRules.length - 2) + ' project-specific rules.' + c.reset);
+    } else {
+      console.log(c.bold + '  Suggested CLAUDE.md:' + c.reset);
+      console.log();
+      for (const rule of claudeMdRules) {
+        console.log('  ' + c.dim + rule + c.reset);
+      }
+      console.log();
+      console.log(c.dim + '  Run with --apply to create: npx cc-safe-setup --scan --apply' + c.reset);
+    }
+  }
+  console.log();
+}
 async function main() {
   if (UNINSTALL) return uninstall();
   if (VERIFY) return verify();
@@ -690,6 +831,7 @@ async function main() {
   if (INSTALL_EXAMPLE) return installExample(INSTALL_EXAMPLE);
   if (AUDIT) return audit();
   if (LEARN) return learn();
+  if (SCAN) return scan();
   console.log();
   console.log(c.bold + '  cc-safe-setup' + c.reset);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "description": "One command to make Claude Code safe for autonomous operation. 8 built-in hooks + 25 installable examples. Destructive blocker, branch guard, database wipe protection, dotfile guard, and more.",
   "main": "index.mjs",
   "bin": {