cc-safe-setup 22.1.0 → 23.0.0

package/README.md

@@ -6,7 +6,7 @@
 
 **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
 
-8 built-in + 124 examples = **205 hooks**. 45 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
+8 built-in + 124 examples = **210 hooks**. 45 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
 
 ```bash
 npx cc-safe-setup

package/examples/check-gitattributes.sh

@@ -0,0 +1,4 @@
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+COMMAND=$(cat | jq -r ".tool_input.command // empty" 2>/dev/null)
+echo "$COMMAND" | grep -qE "git\s+add.*\.(zip|tar|bin|exe)" && [ ! -f ".gitattributes" ] && echo "NOTE: Binary file without .gitattributes LFS config" >&2
+exit 0

package/examples/env-naming-convention.sh

@@ -0,0 +1,5 @@
+# TRIGGER: PostToolUse  MATCHER: "Edit|Write"
+CONTENT=$(cat | jq -r ".tool_input.new_string // empty" 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "process\.env\.[a-z]" && echo "NOTE: Lowercase env var name — convention is UPPER_CASE" >&2
+exit 0

package/examples/no-anonymous-default-export.sh

@@ -0,0 +1,5 @@
+# TRIGGER: PostToolUse  MATCHER: "Edit|Write"
+CONTENT=$(cat | jq -r ".tool_input.new_string // empty" 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "export default function\s*\(" && echo "NOTE: Anonymous default export — name for better debugging" >&2
+exit 0

package/examples/no-raw-password-in-url.sh

@@ -0,0 +1,5 @@
+# TRIGGER: PostToolUse  MATCHER: "Edit|Write"
+CONTENT=$(cat | jq -r ".tool_input.new_string // empty" 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "://\w+:\w+@" && echo "WARNING: Password in URL — use env vars" >&2
+exit 0

package/examples/no-wildcard-delete.sh

@@ -0,0 +1,5 @@
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+COMMAND=$(cat | jq -r ".tool_input.command // empty" 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+if echo "$COMMAND" | grep -qE "rm\s+.*\*"; then echo "WARNING: rm with wildcard pattern" >&2; fi
+exit 0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "22.1.0",
+  "version": "23.0.0",
   "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
   "main": "index.mjs",
   "bin": {