codeproof 1.0.4 → 1.0.5

package/bin/codeproof.js

@@ -1,61 +1,61 @@
 #!/usr/bin/env node
-import { runInit } from "../commands/init.js";
-import { runCli } from "../commands/run.js";
-import { runReportDashboard } from "../commands/reportDashboard.js";
-import { runMoveSecret } from "../commands/moveSecret.js";
-import { runWhoAmI } from "../commands/whoami.js";
-import { runIgnore } from "../commands/ignore.js";
-import { runApply } from "../commands/apply.js";
-import { logError, logInfo } from "../utils/logger.js";
-
-const [, , command, ...args] = process.argv;
-
-async function main() {
-  if (!command || command === "-h" || command === "--help") {
-    logInfo("Usage: codeproof <command>\n\nCommands:\n  init               Initialize CodeProof in a Git repository\n  run                Run CodeProof checks (stub)\n  report@dashboard   Send latest report and show dashboard link\n  move-secret        Move high-confidence secrets to .env\n  ignore             Temporarily disable commit enforcement\n  apply              Re-enable commit enforcement\n  whoami             Show the local CodeProof client ID");
-    process.exit(0);
-  }
-
-  if (command === "init") {
-    await runInit({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "run") {
-    await runCli({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "report@dashboard") {
-    await runReportDashboard({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "move-secret") {
-    await runMoveSecret({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "ignore") {
-    await runIgnore({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "apply") {
-    await runApply({ args, cwd: process.cwd() });
-    return;
-  }
-
-  if (command === "whoami") {
-    await runWhoAmI();
-    return;
-  }
-
-  logError(`Unknown command: ${command}`);
-  process.exit(1);
-}
-
-main().catch((error) => {
-  logError(error?.message || String(error));
-  process.exit(1);
-});
+import { runInit } from "../commands/init.js";
+import { runCli } from "../commands/run.js";
+import { runReportDashboard } from "../commands/reportDashboard.js";
+import { runMoveSecret } from "../commands/moveSecret.js";
+import { runWhoAmI } from "../commands/whoami.js";
+import { runIgnore } from "../commands/ignore.js";
+import { runApply } from "../commands/apply.js";
+import { logError, logInfo } from "../utils/logger.js";
+
+const [, , command, ...args] = process.argv;
+
+async function main() {
+  if (!command || command === "-h" || command === "--help") {
+    logInfo("Usage: codeproof <command>\n\nCommands:\n  init               Initialize CodeProof in a Git repository\n  run                Run CodeProof checks (stub)\n  report@dashboard   Send latest report and show dashboard link\n  move-secret        Move high-confidence secrets to .env\n  ignore             Temporarily disable commit enforcement\n  apply              Re-enable commit enforcement\n  whoami             Show the local CodeProof client ID");
+    process.exit(0);
+  }
+
+  if (command === "init") {
+    await runInit({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "run") {
+    await runCli({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "report@dashboard") {
+    await runReportDashboard({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "move-secret") {
+    await runMoveSecret({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "ignore") {
+    await runIgnore({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "apply") {
+    await runApply({ args, cwd: process.cwd() });
+    return;
+  }
+
+  if (command === "whoami") {
+    await runWhoAmI();
+    return;
+  }
+
+  logError(`Unknown command: ${command}`);
+  process.exit(1);
+}
+
+main().catch((error) => {
+  logError(error?.message || String(error));
+  process.exit(1);
+});

package/commands/apply.js

@@ -1,32 +1,32 @@
-import { ensureGitRepo, getGitRoot } from "../utils/git.js";
-import { logError, logInfo, logSuccess, logWarn } from "../utils/logger.js";
-import { getEnforcementState, setEnforcementState } from "../core/enforcement.js";
-
-export async function runApply({ cwd }) {
-  // Re-enable enforcement explicitly to restore pre-commit blocking.
-  ensureGitRepo(cwd);
-  const gitRoot = getGitRoot(cwd);
-
-  let current = "enabled";
-  try {
-    current = getEnforcementState(gitRoot);
-  } catch (error) {
-    logError(error?.message || "Unable to read codeproof.config.json.");
-    process.exit(1);
-  }
-
-  if (current === "enabled") {
-    logWarn("CodeProof enforcement is already enabled.");
-    return;
-  }
-
-  try {
-    setEnforcementState(gitRoot, "enabled");
-  } catch (error) {
-    logError(error?.message || "Unable to update codeproof.config.json.");
-    process.exit(1);
-  }
-
-  logSuccess("CodeProof enforcement re-enabled.");
-  logInfo("Pre-commit protection active.");
-}
+import { ensureGitRepo, getGitRoot } from "../utils/git.js";
+import { logError, logInfo, logSuccess, logWarn } from "../utils/logger.js";
+import { getEnforcementState, setEnforcementState } from "../core/enforcement.js";
+
+export async function runApply({ cwd }) {
+  // Re-enable enforcement explicitly to restore pre-commit blocking.
+  ensureGitRepo(cwd);
+  const gitRoot = getGitRoot(cwd);
+
+  let current = "enabled";
+  try {
+    current = getEnforcementState(gitRoot);
+  } catch (error) {
+    logError(error?.message || "Unable to read codeproof.config.json.");
+    process.exit(1);
+  }
+
+  if (current === "enabled") {
+    logWarn("CodeProof enforcement is already enabled.");
+    return;
+  }
+
+  try {
+    setEnforcementState(gitRoot, "enabled");
+  } catch (error) {
+    logError(error?.message || "Unable to update codeproof.config.json.");
+    process.exit(1);
+  }
+
+  logSuccess("CodeProof enforcement re-enabled.");
+  logInfo("Pre-commit protection active.");
+}

package/commands/ignore.js

@@ -1,32 +1,32 @@
-import { ensureGitRepo, getGitRoot } from "../utils/git.js";
-import { logError, logInfo, logSuccess, logWarn } from "../utils/logger.js";
-import { getEnforcementState, setEnforcementState } from "../core/enforcement.js";
-
-export async function runIgnore({ cwd }) {
-  // Controlled bypass: disabling enforcement is explicit and project-scoped.
-  ensureGitRepo(cwd);
-  const gitRoot = getGitRoot(cwd);
-
-  let current = "enabled";
-  try {
-    current = getEnforcementState(gitRoot);
-  } catch (error) {
-    logError(error?.message || "Unable to read codeproof.config.json.");
-    process.exit(1);
-  }
-
-  if (current === "disabled") {
-    logWarn("CodeProof enforcement is already disabled.");
-    return;
-  }
-
-  try {
-    setEnforcementState(gitRoot, "disabled");
-  } catch (error) {
-    logError(error?.message || "Unable to update codeproof.config.json.");
-    process.exit(1);
-  }
-
-  logSuccess("CodeProof enforcement disabled.");
-  logInfo("Commits will not be blocked until `codeproof apply` is run.");
-}
+import { ensureGitRepo, getGitRoot } from "../utils/git.js";
+import { logError, logInfo, logSuccess, logWarn } from "../utils/logger.js";
+import { getEnforcementState, setEnforcementState } from "../core/enforcement.js";
+
+export async function runIgnore({ cwd }) {
+  // Controlled bypass: disabling enforcement is explicit and project-scoped.
+  ensureGitRepo(cwd);
+  const gitRoot = getGitRoot(cwd);
+
+  let current = "enabled";
+  try {
+    current = getEnforcementState(gitRoot);
+  } catch (error) {
+    logError(error?.message || "Unable to read codeproof.config.json.");
+    process.exit(1);
+  }
+
+  if (current === "disabled") {
+    logWarn("CodeProof enforcement is already disabled.");
+    return;
+  }
+
+  try {
+    setEnforcementState(gitRoot, "disabled");
+  } catch (error) {
+    logError(error?.message || "Unable to update codeproof.config.json.");
+    process.exit(1);
+  }
+
+  logSuccess("CodeProof enforcement disabled.");
+  logInfo("Commits will not be blocked until `codeproof apply` is run.");
+}

package/commands/init.js

@@ -1,107 +1,107 @@
-import path from "path";
-import fs from "fs";
-import { ensureGitRepo, getGitRoot } from "../utils/git.js";
-import { logInfo, logSuccess, logWarn } from "../utils/logger.js";
-import { detectProjectType } from "../utils/projectType.js";
-import { installPreCommitHook } from "../hooks/preCommit.js";
-import { showWelcomeScreen } from "../ui/welcomeScreen.js";
-import { getClientId } from "../core/identity.js";
-import { randomUUID } from "crypto";
-
-
-
-export async function runInit({ cwd }) {
-  logInfo("Initializing CodeProof...");
-
-  getClientId();
-  
-  ensureGitRepo(cwd);
-  logSuccess("Git repository detected.");
-  
-  const gitRoot = getGitRoot(cwd);
-  logInfo(`Project root: ${gitRoot}`);
-
-  const projectType = detectProjectType(gitRoot);
-  logInfo(`Detected project type: ${projectType}`);
-
-  const configPath = path.join(gitRoot, "codeproof.config.json");
-  // Avoid overwriting user configuration to keep init idempotent.
-  if (fs.existsSync(configPath)) {
-    let updated = false;
-    try {
-      const raw = fs.readFileSync(configPath, "utf8");
-      const existing = JSON.parse(raw);
-      if (!existing.projectId) {
-        existing.projectId = randomUUID();
-        updated = true;
-        fs.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n", "utf8");
-      }
-    } catch {
-      logWarn("Config already exists but could not be updated.");
-    }
-
-    if (updated) {
-      logSuccess("Added projectId to codeproof.config.json");
-    } else {
-      logWarn("Config already exists. Skipping creation.");
-    }
-  } else {
-    const config = {
-      projectId: randomUUID(),
-      projectType,
-      scanMode: "staged",
-      enforcement: "enabled",
-      features: {
-        reporting: true,
-        integration: false,
-        aiEscalation: false,
-        secretRemediation: false
-      },
-      integration: {
-        enabled: false,
-        endpointUrl: ""
-      },
-      severityRules: {
-        block: [],
-        warn: [],
-        allow: []
-      }
-    };
-    fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n", "utf8");
-    logSuccess("Created codeproof.config.json");
-  }
-
-  try {
-    const raw = fs.readFileSync(configPath, "utf8");
-    const existing = JSON.parse(raw);
-    if (!existing.enforcement) {
-      existing.enforcement = "enabled";
-      fs.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n", "utf8");
-      logSuccess("Added enforcement=enabled to codeproof.config.json");
-    }
-  } catch {
-    logWarn("Unable to update enforcement in codeproof.config.json.");
-  }
-
-  installPreCommitHook(gitRoot);
-  logSuccess("Pre-commit hook installed.");
-
-  logSuccess("CodeProof initialization complete.");
-
-  let scanMode = "staged";
-  try {
-    const configRaw = fs.readFileSync(configPath, "utf8");
-    const parsed = JSON.parse(configRaw);
-    if (parsed?.scanMode) {
-      scanMode = String(parsed.scanMode).toLowerCase();
-    }
-  } catch {
-    // UX: welcome message should never fail init; fall back to defaults for display.
-  }
-
-  showWelcomeScreen({
-    projectType,
-    scanMode,
-    configPath
-  });
+import path from "path";
+import fs from "fs";
+import { ensureGitRepo, getGitRoot } from "../utils/git.js";
+import { logInfo, logSuccess, logWarn } from "../utils/logger.js";
+import { detectProjectType } from "../utils/projectType.js";
+import { installPreCommitHook } from "../hooks/preCommit.js";
+import { showWelcomeScreen } from "../ui/welcomeScreen.js";
+import { getClientId } from "../core/identity.js";
+import { randomUUID } from "crypto";
+
+
+
+export async function runInit({ cwd }) {
+  logInfo("Initializing CodeProof...");
+
+  getClientId();
+  
+  ensureGitRepo(cwd);
+  logSuccess("Git repository detected.");
+  
+  const gitRoot = getGitRoot(cwd);
+  logInfo(`Project root: ${gitRoot}`);
+
+  const projectType = detectProjectType(gitRoot);
+  logInfo(`Detected project type: ${projectType}`);
+
+  const configPath = path.join(gitRoot, "codeproof.config.json");
+  // Avoid overwriting user configuration to keep init idempotent.
+  if (fs.existsSync(configPath)) {
+    let updated = false;
+    try {
+      const raw = fs.readFileSync(configPath, "utf8");
+      const existing = JSON.parse(raw);
+      if (!existing.projectId) {
+        existing.projectId = randomUUID();
+        updated = true;
+        fs.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n", "utf8");
+      }
+    } catch {
+      logWarn("Config already exists but could not be updated.");
+    }
+
+    if (updated) {
+      logSuccess("Added projectId to codeproof.config.json");
+    } else {
+      logWarn("Config already exists. Skipping creation.");
+    }
+  } else {
+    const config = {
+      projectId: randomUUID(),
+      projectType,
+      scanMode: "staged",
+      enforcement: "enabled",
+      features: {
+        reporting: true,
+        integration: false,
+        aiEscalation: false,
+        secretRemediation: false
+      },
+      integration: {
+        enabled: false,
+        endpointUrl: ""
+      },
+      severityRules: {
+        block: [],
+        warn: [],
+        allow: []
+      }
+    };
+    fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n", "utf8");
+    logSuccess("Created codeproof.config.json");
+  }
+
+  try {
+    const raw = fs.readFileSync(configPath, "utf8");
+    const existing = JSON.parse(raw);
+    if (!existing.enforcement) {
+      existing.enforcement = "enabled";
+      fs.writeFileSync(configPath, JSON.stringify(existing, null, 2) + "\n", "utf8");
+      logSuccess("Added enforcement=enabled to codeproof.config.json");
+    }
+  } catch {
+    logWarn("Unable to update enforcement in codeproof.config.json.");
+  }
+
+  installPreCommitHook(gitRoot);
+  logSuccess("Pre-commit hook installed.");
+
+  logSuccess("CodeProof initialization complete.");
+
+  let scanMode = "staged";
+  try {
+    const configRaw = fs.readFileSync(configPath, "utf8");
+    const parsed = JSON.parse(configRaw);
+    if (parsed?.scanMode) {
+      scanMode = String(parsed.scanMode).toLowerCase();
+    }
+  } catch {
+    // UX: welcome message should never fail init; fall back to defaults for display.
+  }
+
+  showWelcomeScreen({
+    projectType,
+    scanMode,
+    configPath
+  });
 }