npm - codymaster - Versions diffs - 4.5.1 → 4.5.2 - Mend

codymaster 4.5.1 → 4.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/package.json +2 -1
package/scripts/gate-0-secrets.js +63 -0
package/scripts/gate-1-syntax.js +53 -0
package/scripts/gate-5-dist-verify.js +55 -0
package/scripts/gate-6-smoke-test.js +30 -0
package/scripts/index-codebase.sh +552 -0
package/scripts/mcp-bridge.js +284 -0
package/scripts/postinstall.js +301 -0
package/scripts/security-fixer.js +143 -0
package/scripts/security-scan.js +55 -0
package/scripts/test-gemini.js +13 -0
package/scripts/todo-bridge.js +112 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "codymaster",
-  "version": "4.5.1",
+  "version": "4.5.2",
   "description": "68+ Skills. Ship 10x faster. AI-powered coding skill kit for Claude, Cursor, Gemini & more.",
   "main": "dist/index.js",
   "repository": {
@@ -46,6 +46,7 @@
   "type": "commonjs",
   "files": [
     "dist/",
+    "scripts/",
     "skills/",
     "adapters/",
     "commands/",

package/scripts/gate-0-secrets.js ADDED Viewed

@@ -0,0 +1,63 @@
+#!/usr/bin/env node
+/**
+ * Gate 0: Secret Hygiene
+ * Fastest gate (< 0.5s). Checks for leaked secrets before anything else runs.
+ */
+const fs = require('fs');
+const { execSync } = require('child_process');
+let failed = false;
+// 1. Check wrangler config files for hardcoded secret values
+const wranglerFiles = ['wrangler.toml', 'wrangler.jsonc', 'wrangler.json'];
+const dangerous = [
+  'SERVICE_KEY', 'ANON_KEY', 'DB_PASSWORD', 'SECRET_KEY', 'PRIVATE_KEY', 'API_SECRET',
+  'GCP_SERVICE_ACCOUNT', 'AZURE_CONNECTION_STRING', 'HEROKU_API_KEY', 'POSTMAN_API_KEY'
+];
+for (const wf of wranglerFiles) {
+  if (!fs.existsSync(wf)) continue;
+  const src = fs.readFileSync(wf, 'utf-8');
+  for (const key of dangerous) {
+    const valuePattern = new RegExp(key + '\\s*[=:]\\s*["\'][a-zA-Z0-9/+=]{20,}', 'g');
+    if (valuePattern.test(src)) {
+      console.error('❌ DANGEROUS: ' + wf + ' contains a ' + key + ' VALUE');
+      console.error('   Fix: wrangler secret put ' + key + ' (then remove from ' + wf + ')');
+      failed = true;
+    }
+  }
+}
+// 2. Check .gitignore has required patterns
+if (fs.existsSync('.gitignore')) {
+  const gi = fs.readFileSync('.gitignore', 'utf-8');
+  const required = ['.env', '.dev.vars'];
+  const missing = required.filter(r => !gi.includes(r));
+  if (missing.length > 0) {
+    console.error('❌ .gitignore missing: ' + missing.join(', '));
+    failed = true;
+  }
+} else {
+  console.error('❌ No .gitignore found!');
+  failed = true;
+}
+// 3. Check .env / .dev.vars files aren't tracked by git
+try {
+  const tracked = execSync('git ls-files', { encoding: 'utf-8' });
+  const badFiles = ['.env', '.dev.vars', '.env.local', '.env.production'];
+  const trackedBad = badFiles.filter(f => tracked.split('\n').includes(f));
+  if (trackedBad.length > 0) {
+    console.error('❌ CRITICAL: Secret files tracked by git: ' + trackedBad.join(', '));
+    console.error('   Fix: git rm --cached ' + trackedBad.join(' '));
+    failed = true;
+  }
+} catch (e) {
+  // Not a git repo — skip
+}
+if (failed) {
+  console.error('\n🛡️  Gate 0 FAILED. Fix issues above before deploying.');
+  process.exit(1);
+}
+console.log('✅ Gate 0 passed: secret hygiene verified');

package/scripts/gate-1-syntax.js ADDED Viewed

@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+/**
+ * Gate 1: Syntax Validation
+ * Fast-fail (< 2s). Catches syntax errors before the slower test suite.
+ * - Parses all JS files in public/js/ with acorn
+ * - Runs tsc --noEmit for TypeScript in src/
+ */
+const { parse } = require('acorn');
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+let failed = false;
+// 1. Parse all JS files in public/js/
+const jsDir = 'public/js';
+if (fs.existsSync(jsDir)) {
+  const jsFiles = fs.readdirSync(jsDir).filter(f => f.endsWith('.js'));
+  for (const file of jsFiles) {
+    const filePath = path.join(jsDir, file);
+    const code = fs.readFileSync(filePath, 'utf-8');
+    try {
+      parse(code, { ecmaVersion: 2022, sourceType: 'script' });
+    } catch (err) {
+      console.error(`❌ Syntax error in ${filePath}:`);
+      console.error(`   Line ${err.loc?.line}, Column ${err.loc?.column}: ${err.message}`);
+      failed = true;
+    }
+  }
+  if (!failed) {
+    console.log(`✅ ${jsFiles.length} JS files parsed successfully`);
+  }
+} else {
+  console.log('⚠  No public/js/ directory found, skipping JS syntax check');
+}
+// 2. TypeScript compilation check
+if (fs.existsSync('tsconfig.json')) {
+  try {
+    execSync('npx tsc --noEmit', { encoding: 'utf-8', stdio: 'pipe' });
+    console.log('✅ TypeScript compilation check passed');
+  } catch (err) {
+    console.error('❌ TypeScript compilation errors:');
+    console.error(err.stdout || err.stderr || err.message);
+    failed = true;
+  }
+}
+if (failed) {
+  console.error('\n🔴 Gate 1 FAILED. Fix syntax errors before proceeding.');
+  process.exit(1);
+}
+console.log('✅ Gate 1 passed: syntax validation complete');

package/scripts/gate-5-dist-verify.js ADDED Viewed

@@ -0,0 +1,55 @@
+#!/usr/bin/env node
+/**
+ * Gate 5: Dist Asset Verification
+ * Verifies critical files exist in public/ after build:html + docs:build.
+ * Build can "succeed" but produce an incomplete output directory.
+ */
+const fs = require('fs');
+const path = require('path');
+const publicDir = 'public';
+// Critical HTML pages
+const requiredHtml = [
+  'dashboard/index.html',
+];
+// Critical JS files
+const requiredJs = [
+  'dashboard/app.js',
+];
+// Critical CSS files
+const requiredCss = [
+  'dashboard/style.css',
+];
+// Build required file list
+const required = [];
+// HTML pages
+for (const html of requiredHtml) {
+  required.push(path.join(publicDir, html));
+}
+// JS files
+for (const js of requiredJs) {
+  required.push(path.join(publicDir, js));
+}
+// CSS files
+for (const css of requiredCss) {
+  required.push(path.join(publicDir, css));
+}
+// Check all required files
+const missing = required.filter(f => !fs.existsSync(f));
+if (missing.length > 0) {
+  console.error('❌ Missing critical files:');
+  missing.forEach(f => console.error('   ' + f));
+  console.error(`\n🔴 Gate 5 FAILED. ${missing.length} file(s) missing from build output.`);
+  process.exit(1);
+}
+console.log(`✅ Gate 5 passed: all ${required.length} critical files present`);

package/scripts/gate-6-smoke-test.js ADDED Viewed

@@ -0,0 +1,30 @@
+#!/usr/bin/env node
+/**
+ * Gate 6: Post-Deploy Smoke Test
+ * Verifies the deployed site returns HTTP 200.
+ * Usage: node scripts/gate-6-smoke-test.js [optional-url]
+ */
+const DEPLOY_URL = process.argv[2] || process.env.DEPLOY_URL || 'https://cody.todyle.com';
+async function smokeTest() {
+  console.log(`🔍 Smoke testing: ${DEPLOY_URL}`);
+  try {
+    const res = await fetch(DEPLOY_URL);
+    if (res.status === 200) {
+      console.log(`✅ Gate 6 passed: HTTP ${res.status} from ${DEPLOY_URL}`);
+    } else {
+      console.error(`❌ Gate 6 FAILED: HTTP ${res.status} from ${DEPLOY_URL}`);
+      console.error('   ⚠  Consider immediate rollback.');
+      process.exit(1);
+    }
+  } catch (err) {
+    console.error(`❌ Gate 6 FAILED: Could not reach ${DEPLOY_URL}`);
+    console.error(`   Error: ${err.message}`);
+    console.error('   ⚠  Consider immediate rollback.');
+    process.exit(1);
+  }
+}
+smokeTest();