commitshow 0.3.23 → 0.3.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +79 -33
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -17,34 +17,73 @@ npx commitshow@latest audit github.com/owner/repo
|
|
|
17
17
|
```
|
|
18
18
|
|
|
19
19
|
```
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
20
|
+
██████╗ ██████╗ ███╗ ███╗ ███╗ ███╗ ██╗ ████████╗ ███████╗ ██╗ ██╗ ██████╗ ██╗ ██╗
|
|
21
|
+
██╔════╝ ██╔═══██╗ ████╗ ████║ ████╗ ████║ ██║ ╚══██╔══╝ ██╔════╝ ██║ ██║ ██╔═══██╗ ██║ ██║
|
|
22
|
+
██║ ██║ ██║ ██╔████╔██║ ██╔████╔██║ ██║ ██║ ███████╗ ███████║ ██║ ██║ ██║ █╗ ██║
|
|
23
|
+
██║ ██║ ██║ ██║╚██╔╝██║ ██║╚██╔╝██║ ██║ ██║ ╚════██║ ██╔══██║ ██║ ██║ ██║███╗██║
|
|
24
|
+
╚██████╗ ╚██████╔╝ ██║ ╚═╝ ██║ ██║ ╚═╝ ██║ ██║ ██║ ██╗ ███████║ ██║ ██║ ╚██████╔╝ ╚███╔███╔╝
|
|
25
|
+
╚═════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚══════╝ ╚═╝ ╚═╝ ╚═════╝ ╚══╝╚══╝
|
|
26
|
+
|
|
27
|
+
╭────────────────────────────────────────────────────────╮
|
|
28
|
+
│ ✻ commit.show — Audit report │
|
|
29
|
+
╰────────────────────────────────────────────────────────╯
|
|
30
|
+
|
|
31
|
+
commitshow github.com/commitshow/commitshow
|
|
32
|
+
|
|
33
|
+
Findings · 1 critical · 1 warning · 3 strengths
|
|
34
|
+
|
|
35
|
+
┌────────────────────────────────────────────────────────┐
|
|
36
|
+
│ What this build missed │
|
|
37
|
+
│ ✕ 25 FK columns unindexed — fk_columns_seen=100 vs in… │
|
|
38
|
+
│ ⚠ Zero observability libs in 17 deps — no Sentry, Pin… │
|
|
39
|
+
│ │
|
|
40
|
+
│ What it got right │
|
|
41
|
+
│ ↑ 56 RLS policies cover all 19 tables — gap_estimate=… │
|
|
42
|
+
│ ↑ Lighthouse accessibility 93, best practices 96, SEO… │
|
|
43
|
+
│ ↑ Rate-limit middleware active on API routes — vibe_c… │
|
|
44
|
+
└────────────────────────────────────────────────────────┘
|
|
45
|
+
|
|
46
|
+
┌────────────────────────────────────────────────────────┐
|
|
47
|
+
│ AI Coder 7 Frames · what AI ships without │
|
|
48
|
+
│ │
|
|
49
|
+
│ ✕ Error tracking │
|
|
50
|
+
│ no sentry / datadog / pino / winston / otel lib in… │
|
|
51
|
+
│ ⚠ Database indexes │
|
|
52
|
+
│ 100 FK columns · 75 indexes · 25 unindexed │
|
|
53
|
+
│ → supabase/schema.sql · id → auth │
|
|
54
|
+
│ ✓ RLS coverage │
|
|
55
|
+
│ 19 tables · 56 policies · all covered │
|
|
56
|
+
│ ✓ Secret in client code │
|
|
57
|
+
│ no service-role keys in client paths │
|
|
58
|
+
│ ✓ API rate limiting │
|
|
59
|
+
│ custom middleware detected │
|
|
60
|
+
└────────────────────────────────────────────────────────┘
|
|
61
|
+
|
|
62
|
+
Δ +20 since last audit
|
|
63
|
+
|
|
64
|
+
→ https://commit.show/projects/1c262df3-…
|
|
65
|
+
|
|
66
|
+
next · feed your AI loop → commitshow audit . --json
|
|
67
|
+
|
|
68
|
+
╔════════════════════════════╗
|
|
69
|
+
║ commitshow/commitshow ║
|
|
70
|
+
║ ║
|
|
71
|
+
║ ███████╗ ███████╗ ║
|
|
72
|
+
║ ╚════██║ ╚════██║ ║
|
|
73
|
+
║ ██╔╝ ██╔╝ ║
|
|
74
|
+
║ ██╔╝ ██╔╝ ║
|
|
75
|
+
║ ██║ ██║ ║
|
|
76
|
+
║ ╚═╝ ╚═╝ ║
|
|
77
|
+
║ ║
|
|
78
|
+
║ / 100 · walk-on · strong ║
|
|
79
|
+
╚════════════════════════════╝
|
|
80
|
+
audition unlocks final 5 · max walk-on score 95
|
|
81
|
+
|
|
82
|
+
Audit 35/50 ▰▰▰▰▰▰▰▰▰▰▰▰▰▰▱▱▱▱▱▱
|
|
83
|
+
Scout —/30 ─ audition unlocks ─
|
|
84
|
+
Comm. —/20 ─ audition unlocks ─
|
|
85
|
+
|
|
86
|
+
commit.show
|
|
48
87
|
```
|
|
49
88
|
|
|
50
89
|
> [⭐ Star us on GitHub](https://github.com/commitshow/cli) if `commitshow audit` saved you a `// TODO`.
|
|
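Review bot: The sample box titled `AI Coder 7 Frames · what AI ships without` lists only five frames (Error tracking, Database indexes, RLS coverage, Secret in client code, API rate limiting), so a reader cannot tell whether the other two were skipped, passed, or left out of the example; show all seven or mark the sample as abridged. The same sample marks the unindexed FK columns `✕` under "What this build missed" but `⚠` under "Database indexes", and the missing observability libraries `⚠` in the first box but `✕` under "Error tracking"; if that is intended, a one-line legend for the markers next to the sample would keep it from reading as a rendering bug.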
@@ -231,11 +270,18 @@ changes do. Known keys: `project`, `score`, `standing`, `strengths`, `concerns`,
|
|
|
231
270
|
|
|
232
271
|
## What's in the report
|
|
233
272
|
|
|
234
|
-
-
|
|
235
|
-
|
|
236
|
-
- **
|
|
237
|
-
- **
|
|
238
|
-
-
|
|
273
|
+
Top-to-bottom, what each section gives you:
|
|
274
|
+
|
|
275
|
+
- **COMMIT.SHOW masthead** · ANSI Shadow wordmark on terminals ≥ 100 cols. The thin rounded `╭ ✻ commit.show — Audit report ╮` strip is always rendered as the title fallback.
|
|
276
|
+
- **Findings counter** · `Findings · 1 critical · 1 warning · 3 strengths` — scan one line, you know the tone before reading the bullets.
|
|
277
|
+
- **What this build missed** · errors-first box. First concern is `✕` scarlet (highest-impact), the rest are `⚠` gold. Engine ranks them by decision-impact, not by severity tier.
|
|
278
|
+
- **What it got right** · `↑` teal · 3 bullets · for context only. Don't lead with these.
|
|
279
|
+
- **AI Coder 7 Frames** · the deterministic pillar — RLS coverage, secret-in-bundle, API rate limiting, prompt-injection surface, DB indexes, mock data in prod, error tracking. Pass / warn / fail per frame, with file paths.
|
|
280
|
+
- **Δ since last audit** · positive = improving · negative = regressed · null on first run.
|
|
281
|
+
- **`next:` hint** · one-line nudge to feed `--json | jq .concerns` into your coding agent.
|
|
282
|
+
- **Trophy block** · score billboard (metallic-gold gradient · ANSI Shadow digits) with the repo slug embedded so a screenshot crop is self-contained. Axis bars (Audit / Scout / Community) sit directly under it as the per-pillar breakdown. `commit.show` wordmark anchors the bottom-right.
|
|
283
|
+
|
|
284
|
+
Walk-on auditions cap the `Audit` axis at `45/50` and lock `Scout` / `Community` behind the audition gate; the captions explicitly call this out.
|
|
239
285
|
|
|
240
286
|
## Roadmap
|
|
241
287
|
|
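Review bot: The `next:` hint bullet recommends feeding `--json | jq .concerns` into a coding agent, and the AI Coder 7 Frames bullet says frames are reported "with file paths", so the README should state whether concern strings can carry text taken from the audited repository and, if so, advise treating that output as untrusted input to the agent, particularly as the CLI accepts a remote `github.com/owner/repo` target. Separately, the closing paragraph caps the `Audit` axis at `45/50` for walk-ons while the sample output's caption reads `max walk-on score 95`; add a sentence explaining how the axis cap relates to the headline score.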