commit-cop 1.1.0 → 1.1.2

package/src/fix/lockfile.ts

@@ -1,23 +0,0 @@
-import { execSync } from "node:child_process";
-import fs from "node:fs";
-import path from "node:path";
-
-export function fixLockfile(cwd = process.cwd()): boolean {
-  const packageJson = path.join(cwd, "package.json");
-  const packageLock = path.join(cwd, "package-lock.json");
-
-  if (!fs.existsSync(packageJson)) {
-    return false;
-  }
-
-  const needsInstall =
-    !fs.existsSync(packageLock) ||
-    fs.statSync(packageJson).mtimeMs > fs.statSync(packageLock).mtimeMs;
-
-  if (!needsInstall) {
-    return false;
-  }
-
-  execSync("npm install", { cwd, stdio: "inherit" });
-  return true;
-}

package/src/fix/matchers.ts

@@ -1,141 +0,0 @@
-import fs from "node:fs";
-import {
-  getBaseName,
-  matchesAnyPattern,
-  normalizePath,
-} from "../checks/utils.js";
-
-export const GENERATED_FOLDERS = [
-  "node_modules/",
-  "dist/",
-  "build/",
-  ".next/",
-  "coverage/",
-];
-
-const junkExactNames = new Set([
-  ".ds_store",
-  "thumbs.db",
-  "desktop.ini",
-]);
-
-const junkNamePatterns = [/\.swp$/i, /\.bak$/i, /\.tmp$/i, /~$/];
-
-const sensitiveExactNames = new Set([
-  "id_rsa",
-  "id_ed25519",
-  "credentials.json",
-  "serviceaccountkey.json",
-  ".npmrc",
-  ".pypirc",
-]);
-
-const sensitiveNamePatterns = [
-  /\.pem$/i,
-  /\.p12$/i,
-  /\.key$/i,
-  /^firebase-adminsdk.*\.json$/i,
-];
-
-const binaryExtensions = new Set([
-  ".zip",
-  ".exe",
-  ".dll",
-  ".mp4",
-  ".mov",
-  ".sqlite",
-  ".db",
-]);
-
-const MAX_SIZE_MB = 5;
-
-function matchesGeneratedFolder(normalizedPath: string): string | null {
-  for (const folder of GENERATED_FOLDERS) {
-    if (
-      normalizedPath.startsWith(folder) ||
-      normalizedPath.includes(`/${folder}`)
-    ) {
-      return folder;
-    }
-  }
-  return null;
-}
-
-export function isEnvFile(file: string): boolean {
-  const baseName = getBaseName(file);
-  return baseName === ".env" || baseName.startsWith(".env.");
-}
-
-export function isSensitiveFile(file: string): boolean {
-  const baseName = getBaseName(file);
-  const normalizedBaseName = baseName.toLowerCase();
-  const normalizedPath = normalizePath(file).toLowerCase();
-
-  return (
-    sensitiveExactNames.has(normalizedBaseName) ||
-    matchesAnyPattern(baseName, sensitiveNamePatterns) ||
-    normalizedPath.endsWith("/credentials.json") ||
-    normalizedPath.includes("serviceaccountkey.json")
-  );
-}
-
-export function isGeneratedPath(file: string): boolean {
-  return matchesGeneratedFolder(normalizePath(file)) !== null;
-}
-
-export function isJunkFile(file: string): boolean {
-  const baseName = getBaseName(file);
-  const normalizedBaseName = baseName.toLowerCase();
-
-  return (
-    junkExactNames.has(normalizedBaseName) ||
-    matchesAnyPattern(baseName, junkNamePatterns)
-  );
-}
-
-function hasNullBytes(file: string): boolean {
-  const buffer = fs.readFileSync(file);
-  const sampleSize = Math.min(buffer.length, 8192);
-
-  for (let index = 0; index < sampleSize; index += 1) {
-    if (buffer[index] === 0) {
-      return true;
-    }
-  }
-
-  return false;
-}
-
-export function isBinaryFile(file: string): boolean {
-  if (!fs.existsSync(file)) return false;
-
-  const baseName = getBaseName(file);
-  const extension = baseName.includes(".")
-    ? baseName.slice(baseName.lastIndexOf(".")).toLowerCase()
-    : "";
-
-  if (binaryExtensions.has(extension)) return true;
-
-  try {
-    return hasNullBytes(file);
-  } catch {
-    return false;
-  }
-}
-
-export function isLargeFile(file: string): boolean {
-  if (!fs.existsSync(file)) return false;
-
-  const sizeMb = fs.statSync(file).size / 1024 / 1024;
-  return sizeMb > MAX_SIZE_MB;
-}
-
-export function shouldUnstage(file: string): string | null {
-  if (isEnvFile(file)) return "environment file";
-  if (isSensitiveFile(file)) return "sensitive file";
-  if (isGeneratedPath(file)) return "generated path";
-  if (isJunkFile(file)) return "junk file";
-  if (isBinaryFile(file)) return "binary file";
-  if (isLargeFile(file)) return "large file";
-  return null;
-}

package/src/fix/runFix.ts

@@ -1,96 +0,0 @@
-import chalk from "chalk";
-import type { WipFixOptions } from "../types.js";
-import { fixDebugCode } from "./debugCode.js";
-import { fixFocusedTests } from "./focusedTests.js";
-import { fixGitignore } from "./gitignore.js";
-import { fixJunkFiles } from "./junkFiles.js";
-import { fixLockfile } from "./lockfile.js";
-import { fixUnstageRiskyFiles } from "./unstage.js";
-
-function printSection(title: string, items: string[]): void {
-  if (items.length === 0) return;
-  console.log(chalk.green(`\n${title}`));
-  for (const item of items) {
-    console.log(`  ${item}`);
-  }
-}
-
-function printSkipped(message: string): void {
-  console.log(chalk.dim(`\n${message}`));
-}
-
-export function runWipFix(options: WipFixOptions = {}): void {
-  const fixConsoleLog = Boolean(options.fixConsoleLog);
-
-  console.log(chalk.bold("commit-cop wip-fix"));
-  console.log(chalk.dim("(work in progress — more fixes may be added later)\n"));
-
-  const gitignoreAdded = fixGitignore();
-  const testsFixed = fixFocusedTests();
-  const debugFixed = fixDebugCode(process.cwd(), { fixConsoleLog });
-  const junkRemoved = fixJunkFiles();
-  const unstaged = fixUnstageRiskyFiles();
-  const lockfileSynced = fixLockfile();
-
-  if (gitignoreAdded.length > 0) {
-    console.log(chalk.green("Updated .gitignore:"));
-    for (const entry of gitignoreAdded) {
-      console.log(`  + ${entry}`);
-    }
-  } else {
-    console.log(
-      chalk.dim(".gitignore already includes expected entries from checks")
-    );
-  }
-
-  printSection("Replaced focused test (.only) calls in:", testsFixed);
-  if (testsFixed.length === 0) {
-    printSkipped("No test.only / it.only / describe.only in test files");
-  }
-
-  if (fixConsoleLog) {
-    printSection("Removed debug lines from staged files:", debugFixed);
-    if (debugFixed.length === 0) {
-      printSkipped("No staged standalone console.log or debugger lines");
-    }
-  } else {
-    printSkipped("Skipped console.log removal (use --fix-console-log to enable)");
-    if (debugFixed.length > 0) {
-      printSection("Removed debugger lines from staged files:", debugFixed);
-    } else {
-      printSkipped("No staged debugger lines");
-    }
-  }
-
-  printSection("Deleted junk files:", junkRemoved);
-  if (junkRemoved.length === 0) {
-    printSkipped("No junk files found on disk");
-  }
-
-  printSection("Unstaged risky files:", unstaged);
-  if (unstaged.length === 0) {
-    printSkipped("No staged env, sensitive, generated, junk, binary, or large files");
-  }
-
-  if (lockfileSynced) {
-    console.log(chalk.green("\nRan npm install to sync package-lock.json"));
-  } else {
-    printSkipped("package-lock.json is up to date (or no package.json)");
-  }
-
-  printSkipped(
-    "Cannot auto-fix: merge conflicts, secrets, or localhost URLs — resolve those manually"
-  );
-
-  const changed =
-    gitignoreAdded.length > 0 ||
-    testsFixed.length > 0 ||
-    debugFixed.length > 0 ||
-    junkRemoved.length > 0 ||
-    unstaged.length > 0 ||
-    lockfileSynced;
-
-  if (!changed) {
-    console.log(chalk.dim("\nNothing to fix."));
-  }
-}

package/src/fix/unstage.ts

@@ -1,25 +0,0 @@
-import { execSync } from "node:child_process";
-import { getStagedFiles } from "../git.js";
-import { shouldUnstage } from "./matchers.js";
-
-export function fixUnstageRiskyFiles(): string[] {
-  let stagedFiles: string[];
-
-  try {
-    stagedFiles = getStagedFiles();
-  } catch {
-    return [];
-  }
-
-  const unstaged: string[] = [];
-
-  for (const file of stagedFiles) {
-    const reason = shouldUnstage(file);
-    if (!reason) continue;
-
-    execSync(`git restore --staged -- "${file}"`, { stdio: "pipe" });
-    unstaged.push(`${file} (${reason})`);
-  }
-
-  return unstaged;
-}

package/src/fix/utils.ts

@@ -1,50 +0,0 @@
-import fs from "node:fs";
-import path from "node:path";
-
-export const SKIP_DIRS = new Set([
-  "node_modules",
-  "dist",
-  "build",
-  ".next",
-  "coverage",
-  ".git",
-]);
-
-export function walkRepo(
-  cwd: string,
-  onFile: (absolutePath: string, relativePath: string) => void
-): void {
-  function walk(dir: string): void {
-    if (!fs.existsSync(dir)) return;
-
-    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
-      if (SKIP_DIRS.has(entry.name)) continue;
-
-      const absolutePath = path.join(dir, entry.name);
-      const relativePath = path.relative(cwd, absolutePath);
-
-      if (entry.isDirectory()) {
-        walk(absolutePath);
-        continue;
-      }
-
-      onFile(absolutePath, relativePath);
-    }
-  }
-
-  walk(cwd);
-}
-
-export function walkCodeFiles(
-  cwd: string,
-  predicate: (relativePath: string) => boolean,
-  files: string[] = []
-): string[] {
-  walkRepo(cwd, (absolutePath, relativePath) => {
-    if (!/\.(ts|tsx|js|jsx|mjs|cjs)$/.test(relativePath)) return;
-    if (!predicate(relativePath)) return;
-    files.push(absolutePath);
-  });
-
-  return files;
-}

package/src/git.ts

@@ -1,17 +0,0 @@
-import { execSync } from "node:child_process";
-import { PRODUCT_NAME } from "./brand.js";
-
-export function getStagedFiles(): string[] {
-  try {
-    const output = execSync("git diff --cached --name-only", {
-      encoding: "utf-8",
-    });
-
-    return output
-      .split("\n")
-      .map((file) => file.trim())
-      .filter(Boolean);
-  } catch {
-    throw new Error(`${PRODUCT_NAME} must be run inside a Git repository.`);
-  }
-}

package/src/hook.ts

@@ -1,98 +0,0 @@
-import { execSync } from "node:child_process";
-import fs from "node:fs";
-import path from "node:path";
-import { CLI_NAME, PRODUCT_NAME } from "./brand.js";
-
-const HOOK_MARKER = "# Generated by Commit Cop";
-const BACKUP_SUFFIX = ".commit-cop.backup";
-
-function getGitHooksDir(): string {
-  try {
-    const gitPath = execSync("git rev-parse --git-path hooks", {
-      encoding: "utf-8",
-    }).trim();
-
-    return path.resolve(gitPath);
-  } catch {
-    throw new Error(`${PRODUCT_NAME} install must be run inside a Git repository.`);
-  }
-}
-
-function buildHookScript(strict: boolean): string {
-  const strictFlag = strict ? " --strict" : "";
-
-  return `#!/bin/sh
-${HOOK_MARKER}
-# Re-run: npx ${CLI_NAME} install
-
-cd "$(git rev-parse --show-toplevel)" || exit 1
-
-if [ -x "./node_modules/.bin/${CLI_NAME}" ]; then
-  exec ./node_modules/.bin/${CLI_NAME}${strictFlag}
-fi
-
-if command -v ${CLI_NAME} >/dev/null 2>&1; then
-  exec ${CLI_NAME}${strictFlag}
-fi
-
-exec npx ${CLI_NAME}${strictFlag}
-`;
-}
-
-export function installHook(strict = false): void {
-  const hooksDir = getGitHooksDir();
-  const hookPath = path.join(hooksDir, "pre-commit");
-  const backupPath = `${hookPath}${BACKUP_SUFFIX}`;
-
-  fs.mkdirSync(hooksDir, { recursive: true });
-
-  if (fs.existsSync(hookPath)) {
-    const existing = fs.readFileSync(hookPath, "utf-8");
-
-    if (existing.includes(HOOK_MARKER)) {
-      console.log(`${PRODUCT_NAME}: Updating existing pre-commit hook.`);
-    } else {
-      fs.copyFileSync(hookPath, backupPath);
-      console.log(
-        `${PRODUCT_NAME}: Backed up existing pre-commit hook to ${path.basename(backupPath)}.`
-      );
-    }
-  }
-
-  fs.writeFileSync(hookPath, buildHookScript(strict), { mode: 0o755 });
-
-  console.log(`${PRODUCT_NAME}: Pre-commit hook installed.`);
-  console.log(`  ${hookPath}`);
-  console.log("");
-  console.log("Commit Cop will now run automatically on git commit.");
-}
-
-export function uninstallHook(): void {
-  const hooksDir = getGitHooksDir();
-  const hookPath = path.join(hooksDir, "pre-commit");
-  const backupPath = `${hookPath}${BACKUP_SUFFIX}`;
-
-  if (!fs.existsSync(hookPath)) {
-    console.log(`${PRODUCT_NAME}: No pre-commit hook found.`);
-    return;
-  }
-
-  const existing = fs.readFileSync(hookPath, "utf-8");
-
-  if (!existing.includes(HOOK_MARKER)) {
-    throw new Error(
-      `${PRODUCT_NAME} did not install this pre-commit hook. Remove it manually if needed.`
-    );
-  }
-
-  fs.unlinkSync(hookPath);
-
-  if (fs.existsSync(backupPath)) {
-    fs.copyFileSync(backupPath, hookPath);
-    fs.unlinkSync(backupPath);
-    console.log(`${PRODUCT_NAME}: Pre-commit hook removed and previous hook restored.`);
-    return;
-  }
-
-  console.log(`${PRODUCT_NAME}: Pre-commit hook removed.`);
-}

package/src/index.ts

@@ -1,59 +0,0 @@
-#!/usr/bin/env node
-
-import { CLI_NAME, PRODUCT_NAME, TAGLINE } from "./brand.js";
-import { Command } from "commander";
-import { runWipFix } from "./fix/runFix.js";
-import { installHook, uninstallHook } from "./hook.js";
-import { runScan } from "./runScan.js";
-
-const program = new Command();
-
-program
-  .name(CLI_NAME)
-  .description(`${PRODUCT_NAME} — ${TAGLINE}`);
-
-program
-  .command("scan", { isDefault: true })
-  .description("Scan staged files for risky commits")
-  .option("--strict", "Treat warnings as errors")
-  .option(
-    "--allow-console-log",
-    "Skip console.log warnings (for projects that keep console.log on purpose)"
-  )
-  .action(async (options) => {
-    const exitCode = await runScan(
-      Boolean(options.strict),
-      Boolean(options.allowConsoleLog)
-    );
-    process.exit(exitCode);
-  });
-
-program
-  .command("wip-fix")
-  .description(
-    "Apply common repo fixes matching commit-cop checks (.gitignore, debug code, unstaging, etc.)"
-  )
-  .option(
-    "--fix-console-log",
-    "Also remove standalone console.log lines from staged files (debugger lines are always removed)"
-  )
-  .action((options) => {
-    runWipFix({ fixConsoleLog: Boolean(options.fixConsoleLog) });
-  });
-
-program
-  .command("install")
-  .description("Install a Git pre-commit hook that runs Commit Cop on every commit")
-  .option("--strict", "Treat warnings as errors in the hook")
-  .action((options) => {
-    installHook(Boolean(options.strict));
-  });
-
-program
-  .command("uninstall")
-  .description("Remove the Commit Cop pre-commit hook")
-  .action(() => {
-    uninstallHook();
-  });
-
-program.parse();

package/src/reporter.ts

@@ -1,88 +0,0 @@
-import { PRODUCT_NAME } from "./brand.js";
-import chalk from "chalk";
-import type { Finding, Severity } from "./types.js";
-
-const WIDTH = 52;
-
-function line(char = "─"): string {
-  return chalk.dim(char.repeat(WIDTH));
-}
-
-function printHeader(title: string): void {
-  console.log("");
-  console.log(line("═"));
-  console.log(chalk.bold(`  ${title}`));
-  console.log(line("═"));
-}
-
-function printSection(title: string, color: (text: string) => string): void {
-  console.log("");
-  console.log(line());
-  console.log(color(chalk.bold(`  ${title}`)));
-  console.log(line());
-  console.log("");
-}
-
-function printSummary(scannedCount: number, errors: number, warnings: number): void {
-  console.log("");
-  console.log(chalk.dim(`  Scanned ${scannedCount} staged file(s)`));
-  console.log(
-    `  ${chalk.red(`Errors: ${errors}`)}${chalk.dim("  │  ")}${chalk.yellow(`Warnings: ${warnings}`)}`
-  );
-}
-
-function printFinding(finding: Finding, index: number): void {
-  const location = finding.line
-    ? `${finding.file}:${finding.line}`
-    : finding.file;
-
-  const checkLabel = chalk.dim(`[${finding.checkName}]`);
-
-  console.log(chalk.bold(`  ${index}.`) + ` ${checkLabel}`);
-  console.log(`     ${chalk.cyan(location)}`);
-  console.log(`     ${finding.message}`);
-
-  if (finding.suggestion) {
-    console.log(chalk.gray(`     → ${finding.suggestion}`));
-  }
-
-  console.log("");
-}
-
-function printFindings(findings: Finding[], severity: Severity): void {
-  const filtered = findings.filter((finding) => finding.severity === severity);
-
-  filtered.forEach((finding, index) => {
-    printFinding(finding, index + 1);
-  });
-}
-
-export function printReport(findings: Finding[], scannedCount: number) {
-  const errors = findings.filter((finding) => finding.severity === "error");
-  const warnings = findings.filter((finding) => finding.severity === "warning");
-
-  printHeader(`${PRODUCT_NAME} Report`);
-  printSummary(scannedCount, errors.length, warnings.length);
-
-  if (findings.length === 0) {
-    console.log("");
-    console.log(chalk.green("  ✅ All clear — no issues found in staged files."));
-    console.log("");
-    console.log(line("═"));
-    console.log("");
-    return;
-  }
-
-  if (errors.length > 0) {
-    printSection(`ERRORS (${errors.length})`, chalk.red);
-    printFindings(findings, "error");
-  }
-
-  if (warnings.length > 0) {
-    printSection(`WARNINGS (${warnings.length})`, chalk.yellow);
-    printFindings(findings, "warning");
-  }
-
-  console.log(line("═"));
-  console.log("");
-}

package/src/runScan.ts

@@ -1,35 +0,0 @@
-import { PRODUCT_NAME } from "./brand.js";
-import { getStagedFiles } from "./git.js";
-import { runChecks } from "./scanner.js";
-import { printReport } from "./reporter.js";
-
-export async function runScan(
-  strict = false,
-  allowConsoleLog = false
-): Promise<number> {
-  const stagedFiles = getStagedFiles();
-
-  if (stagedFiles.length === 0) {
-    console.log(`${PRODUCT_NAME}: No staged files found.`);
-    return 0;
-  }
-
-  const findings = await runChecks({
-    stagedFiles,
-    strict,
-    allowConsoleLog,
-  });
-
-  printReport(findings, stagedFiles.length);
-
-  const hasErrors = findings.some((finding) => finding.severity === "error");
-  const hasWarnings = findings.some(
-    (finding) => finding.severity === "warning"
-  );
-
-  if (hasErrors || (strict && hasWarnings)) {
-    return 1;
-  }
-
-  return 0;
-}

package/src/scanner.ts

@@ -1,44 +0,0 @@
-import type { CheckContext, Finding } from "./types.js";
-import { envFileCheck } from "./checks/envFileCheck.js";
-import { generatedFolderCheck } from "./checks/generatedFolderCheck.ts";
-import { mergeConflictCheck } from "./checks/mergeConflictCheck.ts";
-import { sensitiveFilenameCheck } from "./checks/sensitiveFilenameCheck.ts";
-import { secretCheck } from "./checks/secretCheck.ts";
-import { focusedTestCheck } from "./checks/focusedTestCheck.ts";
-import { consoleLogCheck } from "./checks/consoleLogCheck.ts";
-import { debuggerCheck } from "./checks/debuggerCheck.ts";
-import { localHostCheck } from "./checks/localHostCheck.ts";
-import { junkFileCheck } from "./checks/junkFileCheck.ts";
-import { lockfileDriftCheck } from "./checks/lockfileDriftCheck.ts";
-import { largeFileCheck } from "./checks/largeFileCheck.ts";
-import { binaryFileCheck } from "./checks/binaryFileCheck.ts";
-
-const checks = [
-  mergeConflictCheck,
-  envFileCheck,
-  sensitiveFilenameCheck,
-  generatedFolderCheck,
-  secretCheck,
-  focusedTestCheck,
-  consoleLogCheck,
-  debuggerCheck,
-  localHostCheck,
-  junkFileCheck,
-  lockfileDriftCheck,
-  largeFileCheck,
-  binaryFileCheck,
-];
-
-export async function runChecks(context: CheckContext): Promise<Finding[]> {
-  const allFindings: Finding[] = [];
-  const activeChecks = context.allowConsoleLog
-    ? checks.filter((check) => check !== consoleLogCheck)
-    : checks;
-
-  for (const check of activeChecks) {
-    const findings = await check.run(context);
-    allFindings.push(...findings);
-  }
-
-  return allFindings;
-}