npm - cc-safe-setup - Versions diffs - 26.0.0 → 28.0.0 - Mend

cc-safe-setup 26.0.0 → 28.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/README.md +1 -1
package/examples/check-abort-controller.sh +5 -0
package/examples/check-aria-labels.sh +4 -0
package/examples/check-async-await-consistency.sh +5 -0
package/examples/check-charset-meta.sh +4 -0
package/examples/check-cleanup-effect.sh +5 -0
package/examples/check-controlled-input.sh +5 -0
package/examples/check-debounce.sh +5 -0
package/examples/check-error-class.sh +5 -0
package/examples/check-error-logging.sh +5 -0
package/examples/check-favicon.sh +4 -0
package/examples/check-key-prop.sh +5 -0
package/examples/check-lang-attribute.sh +4 -0
package/examples/check-lazy-loading.sh +5 -0
package/examples/check-memo-deps.sh +5 -0
package/examples/check-null-check.sh +5 -0
package/examples/check-pagination.sh +5 -0
package/examples/check-promise-all.sh +5 -0
package/examples/check-prop-types.sh +5 -0
package/examples/check-retry-logic.sh +5 -0
package/examples/check-suspense-fallback.sh +5 -0
package/examples/check-timeout-cleanup.sh +5 -0
package/examples/check-type-coercion.sh +5 -0
package/examples/check-unsubscribe.sh +5 -0
package/examples/check-viewport-meta.sh +4 -0
package/examples/check-worker-terminate.sh +5 -0
package/examples/no-alert-confirm-prompt.sh +4 -0
package/examples/no-assignment-in-condition.sh +4 -0
package/examples/no-callback-hell.sh +4 -0
package/examples/no-catch-all-route.sh +5 -0
package/examples/no-class-in-functional.sh +5 -0
package/examples/no-console-assert.sh +4 -0
package/examples/no-direct-dom-manipulation.sh +5 -0
package/examples/no-index-as-key.sh +5 -0
package/examples/no-infinite-scroll-mem.sh +5 -0
package/examples/no-inline-handler.sh +5 -0
package/examples/no-long-switch.sh +5 -0
package/examples/no-memory-leak-interval.sh +5 -0
package/examples/no-mutation-observer-leak.sh +5 -0
package/examples/no-nested-subscribe.sh +5 -0
package/examples/no-new-array-fill.sh +5 -0
package/examples/no-object-freeze-mutation.sh +5 -0
package/examples/no-redundant-fragment.sh +5 -0
package/examples/no-render-in-loop.sh +5 -0
package/examples/no-side-effects-in-render.sh +5 -0
package/examples/no-sync-external-call.sh +5 -0
package/examples/no-throw-string.sh +5 -0
package/examples/no-triple-slash-ref.sh +5 -0
package/examples/no-unreachable-code.sh +5 -0
package/examples/no-unused-state.sh +5 -0
package/examples/no-with-statement.sh +4 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -6,7 +6,7 @@
 **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
-8 built-in + 124 examples = **250 hooks**. 45 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
+8 built-in + 124 examples = **300 hooks**. 45 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
 ```bash
 npx cc-safe-setup

package/examples/check-abort-controller.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on fetch without AbortController" >&2
+exit 0

package/examples/check-aria-labels.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "<(button|a|input)[^>]*>" && ! echo "$CONTENT" | grep -q "aria-" && echo "NOTE: Interactive element without ARIA" >&2
+exit 0

package/examples/check-async-await-consistency.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on mixing callbacks and async" >&2
+exit 0

package/examples/check-charset-meta.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -q "<head" && ! echo "$CONTENT" | grep -q "charset" && echo "NOTE: Missing charset meta" >&2
+exit 0

package/examples/check-cleanup-effect.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on useEffect without cleanup" >&2
+exit 0

package/examples/check-controlled-input.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on uncontrolled form inputs" >&2
+exit 0

package/examples/check-debounce.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on rapid event handlers without debounce" >&2
+exit 0

package/examples/check-error-class.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on throwing non-Error objects" >&2
+exit 0

package/examples/check-error-logging.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing error logging" >&2
+exit 0

package/examples/check-favicon.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -q "<head" && ! echo "$CONTENT" | grep -q "favicon" && echo "NOTE: Missing favicon link" >&2
+exit 0

package/examples/check-key-prop.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing key prop in map" >&2
+exit 0

package/examples/check-lang-attribute.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "<html[^>]*>" && ! echo "$CONTENT" | grep -q "lang=" && echo "NOTE: Missing lang attribute" >&2
+exit 0

package/examples/check-lazy-loading.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Suggest lazy loading for large imports" >&2
+exit 0

package/examples/check-memo-deps.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing useMemo/useCallback deps" >&2
+exit 0

package/examples/check-null-check.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing null checks" >&2
+exit 0

package/examples/check-pagination.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on unbounded data queries" >&2
+exit 0

package/examples/check-promise-all.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on Promise.all without error handling" >&2
+exit 0

package/examples/check-prop-types.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing PropTypes/interface" >&2
+exit 0

package/examples/check-retry-logic.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on API calls without retry" >&2
+exit 0

package/examples/check-suspense-fallback.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing Suspense fallback" >&2
+exit 0

package/examples/check-timeout-cleanup.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on setTimeout without clearTimeout" >&2
+exit 0

package/examples/check-type-coercion.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on loose equality (==)" >&2
+exit 0

package/examples/check-unsubscribe.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on missing event unsubscribe" >&2
+exit 0

package/examples/check-viewport-meta.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -q "<head" && ! echo "$CONTENT" | grep -q "viewport" && echo "NOTE: Missing viewport meta" >&2
+exit 0

package/examples/check-worker-terminate.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on Web Worker without terminate" >&2
+exit 0

package/examples/no-alert-confirm-prompt.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "\balert\(|\bconfirm\(|\bprompt\(" && echo "WARNING: alert/confirm/prompt in code" >&2
+exit 0

package/examples/no-assignment-in-condition.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "if\s*\([^=]*=[^=]" && echo "NOTE: Assignment in condition (use ===)" >&2
+exit 0

package/examples/no-callback-hell.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+DEPTH=$(echo "$CONTENT" | grep -c "function\s*("); [ "$DEPTH" -gt 3 ] && echo "NOTE: Possible callback hell ($DEPTH levels)" >&2
+exit 0

package/examples/no-catch-all-route.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on catch-all routes without 404" >&2
+exit 0

package/examples/no-class-in-functional.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on class patterns in functional" >&2
+exit 0

package/examples/no-console-assert.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -q "console.assert" && echo "NOTE: console.assert in code" >&2
+exit 0

package/examples/no-direct-dom-manipulation.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on direct DOM in React" >&2
+exit 0

package/examples/no-index-as-key.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on using index as React key" >&2
+exit 0

package/examples/no-infinite-scroll-mem.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on infinite scroll without virtualization" >&2
+exit 0

package/examples/no-inline-handler.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on inline event handlers" >&2
+exit 0

package/examples/no-long-switch.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on switch with 10+ cases" >&2
+exit 0

package/examples/no-memory-leak-interval.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on setInterval without clearInterval" >&2
+exit 0

package/examples/no-mutation-observer-leak.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on MutationObserver without disconnect" >&2
+exit 0

package/examples/no-nested-subscribe.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on nested event subscriptions" >&2
+exit 0

package/examples/no-new-array-fill.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on Array constructor pitfalls" >&2
+exit 0

package/examples/no-object-freeze-mutation.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on mutating frozen objects" >&2
+exit 0

package/examples/no-redundant-fragment.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on unnecessary React fragments" >&2
+exit 0

package/examples/no-render-in-loop.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on render calls in loops" >&2
+exit 0

package/examples/no-side-effects-in-render.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on side effects in render" >&2
+exit 0

package/examples/no-sync-external-call.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on sync external API calls" >&2
+exit 0

package/examples/no-throw-string.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on throwing strings" >&2
+exit 0

package/examples/no-triple-slash-ref.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on TS triple-slash references" >&2
+exit 0

package/examples/no-unreachable-code.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on code after return" >&2
+exit 0

package/examples/no-unused-state.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "NOTE: Warn on unused state in components" >&2
+exit 0

package/examples/no-with-statement.sh ADDED Viewed

@@ -0,0 +1,4 @@
+CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
+[ -z "$CONTENT" ] && exit 0
+echo "$CONTENT" | grep -qE "\bwith\s*\(" && echo "WARNING: with statement is deprecated" >&2
+exit 0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "26.0.0",
+  "version": "28.0.0",
   "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
   "main": "index.mjs",
   "bin": {