delimit-cli 4.0.1 → 4.0.3

package/scripts/crosspost_devto.py

@@ -0,0 +1,304 @@
+#!/usr/bin/env python3
+"""
+Cross-post markdown articles to Dev.to.
+
+Reads articles from a content directory, publishes or updates them
+on Dev.to via the Forem API. Idempotent — tracks published article
+IDs in a local manifest to support updates.
+
+Usage:
+    # Publish all articles (dry run):
+    python scripts/crosspost_devto.py --dir /home/delimit/delimit-private/blog --dry-run
+
+    # Publish all articles:
+    DEV_TO_API_KEY=your_key python scripts/crosspost_devto.py --dir /home/delimit/delimit-private/blog
+
+    # Publish a single article:
+    DEV_TO_API_KEY=your_key python scripts/crosspost_devto.py --file /home/delimit/delimit-private/blog/01-catch-breaking-api-changes.md
+
+    # List published articles:
+    DEV_TO_API_KEY=your_key python scripts/crosspost_devto.py --list
+
+Requires:
+    DEV_TO_API_KEY environment variable (get from https://dev.to/settings/extensions)
+"""
+
+import argparse
+import json
+import os
+import re
+import sys
+from pathlib import Path
+
+try:
+    import requests
+except ImportError:
+    print("ERROR: 'requests' package required. Install with: pip install requests")
+    sys.exit(1)
+
+API_BASE = "https://dev.to/api"
+MANIFEST_FILE = ".devto_manifest.json"
+
+
+def get_api_key():
+    key = os.environ.get("DEV_TO_API_KEY")
+    if not key:
+        print("ERROR: DEV_TO_API_KEY environment variable not set.")
+        print("Get your key from: https://dev.to/settings/extensions")
+        sys.exit(1)
+    return key
+
+
+def load_manifest(content_dir):
+    """Load the manifest that maps filenames to Dev.to article IDs."""
+    manifest_path = Path(content_dir) / MANIFEST_FILE
+    if manifest_path.exists():
+        with open(manifest_path) as f:
+            return json.load(f)
+    return {}
+
+
+def save_manifest(content_dir, manifest):
+    """Save the manifest after publishing."""
+    manifest_path = Path(content_dir) / MANIFEST_FILE
+    with open(manifest_path, "w") as f:
+        json.dump(manifest, f, indent=2)
+    print(f"  Manifest saved: {manifest_path}")
+
+
+def parse_frontmatter(filepath):
+    """Parse YAML-ish frontmatter from a markdown file.
+
+    Returns (frontmatter_dict, body_markdown).
+    """
+    text = Path(filepath).read_text(encoding="utf-8")
+
+    # Match frontmatter block
+    match = re.match(r"^---\s*\n(.*?)\n---\s*\n(.*)", text, re.DOTALL)
+    if not match:
+        print(f"  WARNING: No frontmatter found in {filepath}")
+        return {}, text
+
+    fm_text = match.group(1)
+    body = match.group(2).strip()
+
+    # Simple key: value parser (handles quoted and unquoted values)
+    fm = {}
+    for line in fm_text.strip().split("\n"):
+        line = line.strip()
+        if not line or ":" not in line:
+            continue
+        key, _, value = line.partition(":")
+        key = key.strip()
+        value = value.strip().strip('"').strip("'")
+        # Parse boolean
+        if value.lower() == "true":
+            value = True
+        elif value.lower() == "false":
+            value = False
+        fm[key] = value
+
+    return fm, body
+
+
+def build_article_payload(filepath, publish=False):
+    """Build the Dev.to article creation/update payload."""
+    fm, body = parse_frontmatter(filepath)
+
+    if not fm.get("title"):
+        print(f"  ERROR: Article {filepath} has no title in frontmatter.")
+        return None
+
+    # Parse tags from comma-separated string
+    tags = []
+    if fm.get("tags"):
+        if isinstance(fm["tags"], str):
+            tags = [t.strip() for t in fm["tags"].split(",")]
+        else:
+            tags = fm["tags"]
+    # Dev.to allows max 4 tags
+    tags = tags[:4]
+
+    payload = {
+        "article": {
+            "title": fm["title"],
+            "body_markdown": body,
+            "published": publish,
+            "tags": tags,
+        }
+    }
+
+    if fm.get("description"):
+        payload["article"]["description"] = fm["description"]
+    if fm.get("canonical_url"):
+        payload["article"]["canonical_url"] = fm["canonical_url"]
+    if fm.get("cover_image"):
+        payload["article"]["cover_image"] = fm["cover_image"]
+    if fm.get("series"):
+        payload["article"]["series"] = fm["series"]
+
+    return payload
+
+
+def create_article(api_key, payload):
+    """Create a new article on Dev.to."""
+    resp = requests.post(
+        f"{API_BASE}/articles",
+        headers={
+            "api-key": api_key,
+            "Content-Type": "application/json",
+        },
+        json=payload,
+        timeout=30,
+    )
+    resp.raise_for_status()
+    return resp.json()
+
+
+def update_article(api_key, article_id, payload):
+    """Update an existing article on Dev.to."""
+    resp = requests.put(
+        f"{API_BASE}/articles/{article_id}",
+        headers={
+            "api-key": api_key,
+            "Content-Type": "application/json",
+        },
+        json=payload,
+        timeout=30,
+    )
+    resp.raise_for_status()
+    return resp.json()
+
+
+def list_articles(api_key):
+    """List the authenticated user's articles."""
+    resp = requests.get(
+        f"{API_BASE}/articles/me/all",
+        headers={"api-key": api_key},
+        timeout=30,
+    )
+    resp.raise_for_status()
+    return resp.json()
+
+
+def publish_file(api_key, filepath, manifest, content_dir, dry_run=False, publish=False):
+    """Publish or update a single article."""
+    filename = Path(filepath).name
+    print(f"\nProcessing: {filename}")
+
+    payload = build_article_payload(filepath, publish=publish)
+    if not payload:
+        return False
+
+    title = payload["article"]["title"]
+    existing_id = manifest.get(filename, {}).get("id")
+
+    if dry_run:
+        action = "UPDATE" if existing_id else "CREATE"
+        status = "published" if publish else "draft"
+        print(f"  [DRY RUN] Would {action} ({status}): {title}")
+        if existing_id:
+            print(f"  [DRY RUN] Existing article ID: {existing_id}")
+        print(f"  [DRY RUN] Tags: {payload['article'].get('tags', [])}")
+        return True
+
+    try:
+        if existing_id:
+            print(f"  Updating article {existing_id}: {title}")
+            result = update_article(api_key, existing_id, payload)
+        else:
+            print(f"  Creating article: {title}")
+            result = create_article(api_key, payload)
+
+        article_id = result["id"]
+        article_url = result.get("url", f"https://dev.to/delimit_ai/{result.get('slug', '')}")
+
+        manifest[filename] = {
+            "id": article_id,
+            "url": article_url,
+            "title": title,
+        }
+        save_manifest(content_dir, manifest)
+
+        status = "PUBLISHED" if publish else "DRAFT"
+        print(f"  {status}: {article_url}")
+        return True
+
+    except requests.exceptions.HTTPError as e:
+        print(f"  ERROR: {e}")
+        if e.response is not None:
+            print(f"  Response: {e.response.text[:500]}")
+        return False
+
+
+def main():
+    parser = argparse.ArgumentParser(description="Cross-post articles to Dev.to")
+    parser.add_argument("--dir", help="Directory containing markdown articles")
+    parser.add_argument("--file", help="Single markdown file to publish")
+    parser.add_argument("--list", action="store_true", help="List published articles")
+    parser.add_argument("--dry-run", action="store_true", help="Preview without publishing")
+    parser.add_argument("--publish", action="store_true",
+                        help="Publish articles (default: save as draft)")
+    args = parser.parse_args()
+
+    if args.list:
+        api_key = get_api_key()
+        articles = list_articles(api_key)
+        if not articles:
+            print("No articles found.")
+            return
+        print(f"Found {len(articles)} articles:\n")
+        for a in articles:
+            status = "PUBLISHED" if a.get("published") else "DRAFT"
+            print(f"  [{status}] {a['title']}")
+            print(f"    URL: {a.get('url', 'N/A')}")
+            print(f"    ID:  {a['id']}")
+            print()
+        return
+
+    if not args.dir and not args.file:
+        parser.print_help()
+        print("\nError: specify --dir or --file")
+        sys.exit(1)
+
+    api_key = None
+    if not args.dry_run:
+        api_key = get_api_key()
+
+    content_dir = args.dir or str(Path(args.file).parent)
+    manifest = load_manifest(content_dir)
+
+    files = []
+    if args.file:
+        files = [args.file]
+    else:
+        files = sorted(
+            str(p) for p in Path(args.dir).glob("*.md")
+            if not p.name.startswith(".")
+            and p.name not in ("README.md", "DEVTO_SETUP.md")
+            and not p.name.isupper()  # skip ALL-CAPS docs like DEVTO_SETUP.md
+        )
+
+    if not files:
+        print(f"No markdown files found in {args.dir}")
+        sys.exit(1)
+
+    print(f"Found {len(files)} article(s) to process")
+    if args.dry_run:
+        print("MODE: dry run (no API calls)")
+    elif args.publish:
+        print("MODE: publish (articles will be live)")
+    else:
+        print("MODE: draft (articles saved as drafts on Dev.to)")
+
+    success = 0
+    for filepath in files:
+        if publish_file(api_key, filepath, manifest, content_dir,
+                        dry_run=args.dry_run, publish=args.publish):
+            success += 1
+
+    print(f"\nDone: {success}/{len(files)} articles processed successfully.")
+
+
+if __name__ == "__main__":
+    main()

package/scripts/security-check.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+# Pre-publish security check — blocks npm publish if secrets are found
+# Run: bash scripts/security-check.sh
+
+set -euo pipefail
+
+echo "🔍 Delimit pre-publish security scan..."
+
+FAIL=0
+
+# Pack to temp and scan the actual tarball contents
+TMPDIR=$(mktemp -d)
+npm pack --pack-destination "$TMPDIR" --quiet 2>/dev/null
+TARBALL=$(ls "$TMPDIR"/*.tgz)
+tar -xzf "$TARBALL" -C "$TMPDIR"
+
+# 1. Credential patterns
+echo -n "  Credentials... "
+if grep -rEi '(password|passwd|secret|api_key|apikey)\s*[:=]\s*["\x27][^"\x27]{4,}' "$TMPDIR/package/" --include="*.py" --include="*.js" --include="*.json" 2>/dev/null | grep -v 'environ\|getenv\|process\.env\|os\.environ\|<configured\|example\|placeholder\|REDACTED\|\${credentials\|credentials\.\|security-scan-ignore'; then
+    echo "❌ FOUND CREDENTIALS"
+    FAIL=1
+else
+    echo "✅ clean"
+fi
+
+# 2. Blocklist terms
+echo -n "  Blocklist... "
+BLOCKLIST="jamsonsholdings|Bladabah|Domainvested26|Delimit26|home/jamsons|infracore|crypttrx|\.wr_env"
+if grep -rEi "$BLOCKLIST" "$TMPDIR/package/" --include="*.py" --include="*.js" --include="*.json" 2>/dev/null; then
+    echo "❌ BLOCKED TERMS FOUND"
+    FAIL=1
+else
+    echo "✅ clean"
+fi
+
+# 3. PII (email addresses that aren't examples)
+echo -n "  PII... "
+if grep -rEi '[a-z0-9._%+-]+@(gmail|yahoo|hotmail|outlook|proton|jamsons|wire\.report|domainvested)' "$TMPDIR/package/" --include="*.py" --include="*.js" --include="*.json" 2>/dev/null | grep -v "example\|placeholder\|<configured\|noreply\|e\.g\.\|docstring\|Args:\|Credential resolution"; then
+    echo "❌ PII FOUND"
+    FAIL=1
+else
+    echo "✅ clean"
+fi
+
+# 4. Proprietary files that shouldn't ship
+echo -n "  Proprietary files... "
+PROPRIETARY="social_target\.py|social\.py|founding_users\.py|inbox_daemon\.py|deliberation\.py"
+if find "$TMPDIR/package/" -name "*.py" | grep -Ei "$PROPRIETARY" 2>/dev/null; then
+    echo "❌ PROPRIETARY FILES IN PACKAGE"
+    FAIL=1
+else
+    echo "✅ clean"
+fi
+
+# Cleanup
+rm -rf "$TMPDIR"
+
+if [ $FAIL -ne 0 ]; then
+    echo ""
+    echo "❌ SECURITY CHECK FAILED — do not publish"
+    exit 1
+fi
+
+echo ""
+echo "✅ All security checks passed"
+exit 0

package/scripts/weekly-tweet.py

@@ -0,0 +1,191 @@
+#!/usr/bin/env python3
+"""
+Weekly Activity Tweet for @delimit_ai.
+
+Gathers GitHub activity stats across delimit-ai repos and npm download
+counts, then posts a summary tweet via the Twitter API.
+
+Reads Twitter credentials from environment variables (for GitHub Actions).
+"""
+
+import os
+import sys
+import json
+from datetime import datetime, timedelta, timezone
+
+import requests
+import tweepy
+
+ORG = "delimit-ai"
+NPM_PACKAGE = "delimit-cli"
+GITHUB_API = "https://api.github.com"
+NPM_API = "https://api.npmjs.org"
+
+
+def get_org_repos():
+    """Fetch all public repos for the org."""
+    repos = []
+    page = 1
+    while True:
+        resp = requests.get(
+            f"{GITHUB_API}/orgs/{ORG}/repos",
+            params={"type": "public", "per_page": 100, "page": page},
+        )
+        if resp.status_code != 200:
+            break
+        batch = resp.json()
+        if not batch:
+            break
+        repos.extend(batch)
+        page += 1
+    return repos
+
+
+def get_total_stars(repos):
+    """Sum stargazers across all repos."""
+    return sum(r.get("stargazers_count", 0) for r in repos)
+
+
+def get_commits_last_week(repos):
+    """Count commits in the last 7 days across all repos."""
+    since = (datetime.now(timezone.utc) - timedelta(days=7)).isoformat()
+    total = 0
+    for repo in repos:
+        name = repo["full_name"]
+        page = 1
+        while True:
+            resp = requests.get(
+                f"{GITHUB_API}/repos/{name}/commits",
+                params={"since": since, "per_page": 100, "page": page},
+            )
+            if resp.status_code != 200:
+                break
+            batch = resp.json()
+            if not batch:
+                break
+            total += len(batch)
+            if len(batch) < 100:
+                break
+            page += 1
+    return total
+
+
+def get_prs_merged_last_week(repos):
+    """Count PRs merged in the last 7 days."""
+    since = (datetime.now(timezone.utc) - timedelta(days=7)).isoformat()
+    total = 0
+    for repo in repos:
+        name = repo["full_name"]
+        resp = requests.get(
+            f"{GITHUB_API}/repos/{name}/pulls",
+            params={"state": "closed", "sort": "updated", "direction": "desc", "per_page": 100},
+        )
+        if resp.status_code != 200:
+            continue
+        for pr in resp.json():
+            if pr.get("merged_at") and pr["merged_at"] >= since:
+                total += 1
+    return total
+
+
+def get_issues_stats(repos):
+    """Count issues opened and closed in the last 7 days."""
+    since = (datetime.now(timezone.utc) - timedelta(days=7)).isoformat()
+    opened = 0
+    closed = 0
+    for repo in repos:
+        name = repo["full_name"]
+        # Opened
+        resp = requests.get(
+            f"{GITHUB_API}/repos/{name}/issues",
+            params={"state": "all", "since": since, "per_page": 100},
+        )
+        if resp.status_code == 200:
+            for issue in resp.json():
+                if issue.get("pull_request"):
+                    continue
+                if issue.get("created_at", "") >= since:
+                    opened += 1
+                if issue.get("closed_at") and issue["closed_at"] >= since:
+                    closed += 1
+    return opened, closed
+
+
+def get_npm_downloads():
+    """Get npm download count for the last week."""
+    resp = requests.get(f"{NPM_API}/downloads/point/last-week/{NPM_PACKAGE}")
+    if resp.status_code != 200:
+        return 0
+    return resp.json().get("downloads", 0)
+
+
+def format_tweet(npm_downloads, total_stars, prs_merged, commits):
+    """Format the weekly summary tweet."""
+    lines = ["This week at Delimit:", ""]
+    if npm_downloads > 0:
+        lines.append(f"\U0001f4e6 {npm_downloads:,} npm downloads")
+    if total_stars > 0:
+        lines.append(f"\u2b50 {total_stars:,} stars")
+    if prs_merged > 0:
+        lines.append(f"\U0001f500 {prs_merged:,} PRs merged")
+    if commits > 0:
+        lines.append(f"\U0001f6e0\ufe0f {commits:,} commits")
+    lines.append("")
+    lines.append("Keep Building.")
+    lines.append("")
+    lines.append("delimit.ai")
+    return "\n".join(lines)
+
+
+def post_tweet(text):
+    """Post tweet using tweepy with OAuth 1.0a credentials from env vars."""
+    consumer_key = os.environ.get("TWITTER_CONSUMER_KEY")
+    consumer_secret = os.environ.get("TWITTER_CONSUMER_SECRET")
+    access_token = os.environ.get("TWITTER_ACCESS_TOKEN")
+    access_token_secret = os.environ.get("TWITTER_ACCESS_TOKEN_SECRET")
+
+    if not all([consumer_key, consumer_secret, access_token, access_token_secret]):
+        print("ERROR: Missing Twitter credentials in environment variables.")
+        sys.exit(1)
+
+    client = tweepy.Client(
+        consumer_key=consumer_key,
+        consumer_secret=consumer_secret,
+        access_token=access_token,
+        access_token_secret=access_token_secret,
+    )
+    response = client.create_tweet(text=text)
+    print(f"Tweet posted: https://x.com/delimit_ai/status/{response.data['id']}")
+
+
+def main():
+    print("Gathering weekly stats for delimit-ai...")
+
+    repos = get_org_repos()
+    print(f"  Found {len(repos)} public repos")
+
+    npm_downloads = get_npm_downloads()
+    print(f"  npm downloads (last week): {npm_downloads}")
+
+    total_stars = get_total_stars(repos)
+    print(f"  Total stars: {total_stars}")
+
+    prs_merged = get_prs_merged_last_week(repos)
+    print(f"  PRs merged (last week): {prs_merged}")
+
+    commits = get_commits_last_week(repos)
+    print(f"  Commits (last week): {commits}")
+
+    # Don't tweet if there's nothing to report
+    if npm_downloads == 0 and total_stars == 0 and prs_merged == 0 and commits == 0:
+        print("No activity this week. Skipping tweet.")
+        return
+
+    tweet_text = format_tweet(npm_downloads, total_stars, prs_merged, commits)
+    print(f"\nTweet ({len(tweet_text)} chars):\n{tweet_text}\n")
+
+    post_tweet(tweet_text)
+
+
+if __name__ == "__main__":
+    main()