npm - cc-safe-setup - Versions diffs - 2.3.0 → 2.4.0 - Mend

cc-safe-setup 2.3.0 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +23 -0
package/action.yml +34 -0
package/examples/session-checkpoint.sh +54 -0
package/index.mjs +52 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -138,6 +138,29 @@ npx cc-safe-setup --audit
 Analyzes 9 safety dimensions and gives you a score (0-100) with one-command fixes for each risk.
+### CI Integration (GitHub Action)
+```yaml
+# .github/workflows/safety.yml
+- uses: yurukusa/cc-safe-setup@main
+  with:
+    threshold: 70  # CI fails if score drops below this
+```
+### Project Scanner
+```bash
+npx cc-safe-setup --scan         # detect tech stack, recommend hooks
+npx cc-safe-setup --scan --apply # auto-create CLAUDE.md with project rules
+```
+### Self-Learning Safety
+```bash
+npx cc-safe-setup --learn        # analyze your block history for patterns
+npx cc-safe-setup --learn --apply # auto-generate custom hooks from patterns
+```
 ## Examples
 Need custom hooks beyond the 8 built-in ones? Install any example with one command:

package/action.yml ADDED Viewed

@@ -0,0 +1,34 @@
+name: 'Claude Code Safety Audit'
+description: 'Check your Claude Code safety setup and fail CI if score is below threshold'
+branding:
+  icon: 'shield'
+  color: 'green'
+inputs:
+  threshold:
+    description: 'Minimum safety score (0-100). CI fails if below this.'
+    required: false
+    default: '70'
+runs:
+  using: 'composite'
+  steps:
+    - name: Run safety audit
+      shell: bash
+      run: |
+        echo "::group::Claude Code Safety Audit"
+        npx cc-safe-setup@latest --audit 2>&1 | tee /tmp/audit-output.txt
+        echo "::endgroup::"
+        # Extract score
+        SCORE=$(grep -oP 'Safety Score: \K\d+' /tmp/audit-output.txt || echo "0")
+        THRESHOLD="${{ inputs.threshold }}"
+        echo "Safety Score: $SCORE / 100 (threshold: $THRESHOLD)"
+        if [ "$SCORE" -lt "$THRESHOLD" ]; then
+          echo "::error::Safety score $SCORE is below threshold $THRESHOLD. Run 'npx cc-safe-setup --audit --fix' to improve."
+          exit 1
+        else
+          echo "::notice::Safety score $SCORE meets threshold $THRESHOLD ✓"
+        fi

package/examples/session-checkpoint.sh ADDED Viewed

@@ -0,0 +1,54 @@
+#!/bin/bash
+# session-checkpoint.sh — Auto-save session state on every stop
+#
+# Solves: Session crashes/disconnects causing expensive re-analysis
+# of the entire codebase on next start (#37866)
+#
+# Saves: git state, recent commits, modified files, working directory.
+# Next session reads the checkpoint instead of re-analyzing everything.
+#
+# Usage: Add to settings.json as a Stop hook
+#
+# {
+#   "hooks": {
+#     "Stop": [{
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/session-checkpoint.sh" }]
+#     }]
+#   }
+# }
+#
+# Recovery: Add to CLAUDE.md:
+#   "If ~/.claude/checkpoints/ has a file for this project, read it first."
+INPUT=$(cat)
+REASON=$(echo "$INPUT" | jq -r '.stop_reason // empty' 2>/dev/null)
+CHECKPOINT_DIR="$HOME/.claude/checkpoints"
+mkdir -p "$CHECKPOINT_DIR"
+PROJECT_NAME=$(basename "$(pwd)")
+CHECKPOINT="$CHECKPOINT_DIR/${PROJECT_NAME}-latest.md"
+{
+    echo "# Session Checkpoint"
+    echo "Saved: $(date -Iseconds)"
+    echo "Directory: $(pwd)"
+    echo "Stop reason: ${REASON:-unknown}"
+    echo ""
+    echo "## Recent Commits"
+    git log --oneline -10 2>/dev/null || echo "(not a git repo)"
+    echo ""
+    echo "## Uncommitted Changes"
+    git diff --stat 2>/dev/null || echo "(none)"
+    echo ""
+    echo "## Staged Files"
+    git diff --cached --name-only 2>/dev/null || echo "(none)"
+    echo ""
+    echo "## Current Branch"
+    git branch --show-current 2>/dev/null || echo "(unknown)"
+} > "$CHECKPOINT" 2>/dev/null
+# Cleanup: keep only last 10 checkpoints
+ls -t "$CHECKPOINT_DIR"/*.md 2>/dev/null | tail -n +11 | xargs rm -f 2>/dev/null
+exit 0

package/index.mjs CHANGED Viewed

@@ -71,6 +71,7 @@ const INSTALL_EXAMPLE = INSTALL_EXAMPLE_IDX !== -1 ? process.argv[INSTALL_EXAMPL
 const AUDIT = process.argv.includes('--audit');
 const LEARN = process.argv.includes('--learn');
 const SCAN = process.argv.includes('--scan');
+const FULL = process.argv.includes('--full');
 if (HELP) {
   console.log(`
@@ -568,6 +569,18 @@ async function audit() {
     console.log();
     console.log(c.dim + '  Run with --fix to auto-apply: npx cc-safe-setup --audit --fix' + c.reset);
   }
+  // Badge output
+  if (process.argv.includes('--badge')) {
+    const color = score >= 80 ? 'brightgreen' : score >= 50 ? 'yellow' : 'red';
+    const badge = `![Claude Code Safety](https://img.shields.io/badge/Claude_Code_Safety-${score}%2F100-${color})`;
+    console.log();
+    console.log(c.bold + '  README Badge:' + c.reset);
+    console.log('  ' + badge);
+    console.log();
+    console.log(c.dim + '  Paste this into your README.md' + c.reset);
+  }
   console.log();
 }
@@ -683,6 +696,44 @@ exit 0`;
   console.log();
 }
+async function fullSetup() {
+  console.log();
+  console.log(c.bold + c.green + '  cc-safe-setup --full' + c.reset);
+  console.log(c.dim + '  Complete safety setup in one command' + c.reset);
+  console.log();
+  const { execSync } = await import('child_process');
+  const self = process.argv[1];
+  // Step 1: Install 8 built-in hooks
+  console.log(c.bold + '  Step 1: Installing 8 built-in safety hooks...' + c.reset);
+  try {
+    execSync('node ' + self + ' --yes', { stdio: 'inherit' });
+  } catch(e) {
+    // --yes doesn't exist, run normal install
+    execSync('node ' + self, { stdio: 'inherit', input: 'y\n' });
+  }
+  // Step 2: Scan project and create CLAUDE.md
+  console.log();
+  console.log(c.bold + '  Step 2: Scanning project and creating CLAUDE.md...' + c.reset);
+  scan();
+  // Step 3: Audit and show results
+  console.log();
+  console.log(c.bold + '  Step 3: Running safety audit...' + c.reset);
+  // Inject --badge into argv temporarily
+  process.argv.push('--badge');
+  await audit();
+  console.log(c.bold + c.green + '  ✓ Full setup complete!' + c.reset);
+  console.log(c.dim + '  Your project now has:' + c.reset);
+  console.log(c.dim + '  • 8 built-in safety hooks' + c.reset);
+  console.log(c.dim + '  • Project-specific hook recommendations' + c.reset);
+  console.log(c.dim + '  • Safety score and README badge' + c.reset);
+  console.log();
+}
 function scan() {
   console.log();
   console.log(c.bold + '  cc-safe-setup --scan' + c.reset);
@@ -832,6 +883,7 @@ async function main() {
   if (AUDIT) return audit();
   if (LEARN) return learn();
   if (SCAN) return scan();
+  if (FULL) return fullSetup();
   console.log();
   console.log(c.bold + '  cc-safe-setup' + c.reset);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "2.3.0",
+  "version": "2.4.0",
   "description": "One command to make Claude Code safe for autonomous operation. 8 built-in hooks + 25 installable examples. Destructive blocker, branch guard, database wipe protection, dotfile guard, and more.",
   "main": "index.mjs",
   "bin": {