clikit-plugin 0.2.15 → 0.2.16

package/dist/hooks/security-check.d.ts

@@ -16,5 +16,5 @@ export interface SecurityCheckResult {
 }
 export declare function scanContentForSecrets(content: string, filename?: string): SecurityCheckResult;
 export declare function isSensitiveFile(filepath: string): boolean;
-export declare function formatSecurityWarning(result: SecurityCheckResult): string;
+export declare function formatSecurityWarning(result: SecurityCheckResult | unknown): string;
 //# sourceMappingURL=security-check.d.ts.map

package/dist/hooks/security-check.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"security-check.d.ts","sourceRoot":"","sources":["../../src/hooks/security-check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAyBH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,OAAO,CAAC;IACd,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,mBAAmB,CAmB7F;AAED,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAEzD;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,mBAAmB,GAAG,MAAM,CAUzE"}
+{"version":3,"file":"security-check.d.ts","sourceRoot":"","sources":["../../src/hooks/security-check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAyBH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,OAAO,CAAC;IACd,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AA2BD,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,mBAAmB,CAmB7F;AAED,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAEzD;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,GAAG,MAAM,CAWnF"}

package/dist/index.js

@@ -3962,6 +3962,24 @@ var SENSITIVE_FILES = [
   /id_rsa$/,
   /id_ed25519$/
 ];
+function normalizeSecurityResult(result) {
+  if (!result || typeof result !== "object") {
+    return { safe: true, findings: [] };
+  }
+  const raw = result;
+  const findings = Array.isArray(raw.findings) ? raw.findings.filter((item) => !!item && typeof item === "object").map((record) => {
+    return {
+      type: typeof record.type === "string" ? record.type : "Unknown",
+      file: typeof record.file === "string" ? record.file : undefined,
+      line: typeof record.line === "number" ? record.line : undefined,
+      snippet: typeof record.snippet === "string" ? record.snippet : undefined
+    };
+  }) : [];
+  return {
+    safe: typeof raw.safe === "boolean" ? raw.safe : findings.length === 0,
+    findings
+  };
+}
 function scanContentForSecrets(content, filename) {
   if (typeof content !== "string")
     return { safe: true, findings: [] };
@@ -3986,8 +4004,9 @@ function isSensitiveFile(filepath) {
   return SENSITIVE_FILES.some((pattern) => pattern.test(filepath));
 }
 function formatSecurityWarning(result) {
+  const safeResult = normalizeSecurityResult(result);
   const lines = ["[CliKit:security] Potential secrets detected:"];
-  for (const f of result.findings) {
+  for (const f of safeResult.findings) {
     lines.push(`  - ${f.type}${f.file ? ` in ${f.file}` : ""}${f.line ? `:${f.line}` : ""}`);
     if (f.snippet) {
       lines.push(`    ${f.snippet.substring(0, 60)}...`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clikit-plugin",
-  "version": "0.2.15",
+  "version": "0.2.16",
   "description": "OpenCode plugin with 10 agents, 19 commands, 48 skills, 14 hooks",
   "type": "module",
   "main": "./dist/index.js",
@@ -52,11 +52,12 @@
   },
   "homepage": "https://github.com/KiraKas-Tr/CliKit#readme",
   "dependencies": {
-    "@opencode-ai/plugin": "1.2.1",
+    "@opencode-ai/plugin": "1.2.4",
     "gray-matter": "^4.0.3"
   },
   "devDependencies": {
     "bun-types": "latest",
+    "clikit-plugin": "^0.2.15",
     "typescript": "^5.7.3"
   },
   "peerDependencies": {