codegpt-ai 1.3.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/bin/setup.js +27 -18
  2. package/package.json +1 -1
package/bin/setup.js CHANGED
@@ -1,5 +1,10 @@
1
1
  #!/usr/bin/env node
2
- // Post-install: ensure Python deps are installed
2
+ /**
3
+ * Post-install: check environment, DO NOT auto-install pip packages.
4
+ * Users must explicitly run `ai setup` or `pip install` themselves.
5
+ * This prevents supply chain attacks via transitive dependency hijacking.
6
+ */
7
+
3
8
  const { execSync } = require("child_process");
4
9
 
5
10
  const pythonCmds = process.platform === "win32"
@@ -18,23 +23,27 @@ function findPython() {
18
23
 
19
24
  const python = findPython();
20
25
 
21
- if (!python) {
22
- console.log("\n CodeGPT installed but Python not found.");
23
- console.log(" Install Python from https://python.org");
24
- console.log(" Then run: pip install requests rich prompt-toolkit\n");
25
- process.exit(0);
26
- }
26
+ console.log("\n CodeGPT installed successfully.\n");
27
27
 
28
- // Install Python deps
29
- console.log(" Installing Python dependencies...");
30
- try {
31
- execSync(`${python} -m pip install requests rich prompt-toolkit --quiet`, {
32
- stdio: "inherit",
33
- });
34
- console.log(" Python dependencies installed.");
35
- } catch {
36
- console.log(" Warning: Could not install Python deps.");
37
- console.log(" Run manually: pip install requests rich prompt-toolkit");
28
+ if (python) {
29
+ // Check if deps are already installed
30
+ let depsOk = true;
31
+ try {
32
+ execSync(`${python} -c "import requests, rich, prompt_toolkit"`, { stdio: "pipe" });
33
+ } catch {
34
+ depsOk = false;
35
+ }
36
+
37
+ if (depsOk) {
38
+ console.log(" Python dependencies: ready");
39
+ } else {
40
+ console.log(" Python found but dependencies missing.");
41
+ console.log(" Run: pip install requests rich prompt-toolkit");
42
+ }
43
+ } else {
44
+ console.log(" Python not found — Node.js mode will be used.");
45
+ console.log(" Install Python for the full 80+ command experience.");
38
46
  }
39
47
 
40
- console.log("\n CodeGPT ready! Type: ai\n");
48
+ console.log("\n Type: ai");
49
+ console.log(" Docs: https://github.com/CCguvycu/codegpt\n");
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "codegpt-ai",
3
- "version": "1.3.0",
3
+ "version": "1.4.0",
4
4
  "description": "Local AI Assistant Hub — 80+ commands, 29 tools, 8 agents, training, security",
5
5
  "author": "ArukuX",
6
6
  "license": "MIT",