npm - hookstack-cli - Versions diffs - 0.1.18 → 0.1.19 - Mend

hookstack-cli 0.1.18 → 0.1.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bin/cli.mjs CHANGED Viewed

@@ -11,7 +11,6 @@ import {
   mergeHooks,
   assertSafeTarget,
   collectIncomingHooks,
-  buildSummaryRows,
   buildSecurityRows,
 } from './core.mjs'
@@ -71,29 +70,36 @@ function capCell(on, width) {
   return on ? pc.yellow(text) : pc.dim(text)
 }
-const SNYK_COLOR = { high: pc.red, medium: pc.yellow, low: pc.cyan, safe: pc.green, unknown: pc.dim }
+const VERDICT_COLOR = { high: pc.red, medium: pc.yellow, low: pc.cyan, safe: pc.green, unknown: pc.dim }
 export function securityPanel(rows) {
-  const W = { name: 28, cap: 8, snyk: 10 }
+  const W = { name: 24, benefit: 34, cap: 7, snyk: 9, codeql: 8 }
   const header = pc.dim(
-    ''.padEnd(W.name) + 'Shell'.padEnd(W.cap) + 'Net'.padEnd(W.cap) +
-    'Writes'.padEnd(W.cap) + 'Snyk',
+    ''.padEnd(W.name) +
+    ''.padEnd(W.benefit) +
+    'Shell'.padEnd(W.cap) +
+    'Net'.padEnd(W.cap) +
+    'Writes'.padEnd(W.cap) +
+    'Snyk'.padEnd(W.snyk) +
+    'CodeQL',
   )
-  const body = rows.map(r =>
-    truncPad(r.name, W.name) +
-    capCell(r.shell, W.cap) +
-    capCell(r.network, W.cap) +
-    capCell(r.fsWrite, W.cap) +
-    (SNYK_COLOR[r.snyk.level] ?? pc.dim)(truncPad(r.snyk.label, W.snyk)),
-  )
-  const anyUnknown = rows.some(r => r.snyk.level === 'unknown')
+  const body = rows.flatMap(r => {
+    const benefitText = r.benefit ? truncPad(r.benefit, W.benefit) : ''.padEnd(W.benefit)
+    const row = truncPad(r.name, W.name) +
+      pc.dim(benefitText) +
+      capCell(r.shell, W.cap) +
+      capCell(r.network, W.cap) +
+      capCell(r.fsWrite, W.cap) +
+      (VERDICT_COLOR[r.snyk.level] ?? pc.dim)(truncPad(r.snyk.label, W.snyk)) +
+      (VERDICT_COLOR[r.codeql.level] ?? pc.dim)(r.codeql.label)
+    return [row]
+  })
   const footer = [
     '',
     pc.dim('Shell = runs commands · Net = network access · Writes = filesystem writes'),
-    anyUnknown ? pc.dim('Snyk "—" = not scanned yet') : null,
     pc.dim(`Details: ${API_BASE}/hook/<slug>`),
-  ].filter(v => v !== null).join('\n')
-  return [header, ...body, footer].join('\n')
+  ].join('\n')
+  return [header, '', ...body, footer].join('\n')
 }
 // ── install ───────────────────────────────────────────────────────────────────
@@ -184,12 +190,10 @@ async function interactiveInstall(slugs, args) {
   scope = scopeResult
   const dirs = resolveScopeRoot(scope, { cwd: process.cwd(), home: homedir() })
-  const summaryRows = buildSummaryRows(hooks, { root: dirs.root })
   const secRows = buildSecurityRows(hooks)
-  // Panels
-  p.note(summaryPanel(summaryRows), 'Installation Summary')
-  p.note(securityPanel(secRows), 'Security Assessment')
+  // Panel
+  p.note(securityPanel(secRows), 'Installation Summary')
   // Confirm
   const scopeLabel = scope === 'global' ? '~/.claude' : scope === 'copilot' ? './.claude (Copilot mode)' : './.claude'

package/bin/core.mjs CHANGED Viewed

@@ -159,6 +159,16 @@ export function snykVerdict(snyk) {
   return { label: 'Safe', level: 'safe' }
 }
+// Maps a stored CodeQL scan to a short verdict label.
+export function codeqlVerdict(codeql) {
+  if (!codeql || typeof codeql !== 'object') return { label: '—', level: 'unknown' }
+  const { critical = 0, high = 0, medium = 0, low = 0 } = codeql
+  if (critical > 0 || high > 0) return { label: 'High Risk', level: 'high' }
+  if (medium > 0) return { label: 'Med Risk', level: 'medium' }
+  if (low > 0) return { label: 'Low Risk', level: 'low' }
+  return { label: 'Safe', level: 'safe' }
+}
 export function shortRepo(url) {
   if (!url) return null
   return String(url)
@@ -184,12 +194,14 @@ export function buildSummaryRows(hooks, { root }) {
   })
 }
-// Display rows for the "Security" panel: local static capabilities + Snyk verdict.
+// Display rows for the "Installation Summary" panel: description + static capabilities + verdicts.
 export function buildSecurityRows(hooks) {
   return hooks.map(h => ({
     slug: h.slug,
     name: h.name ?? h.slug,
+    benefit: h.benefit ?? null,
     ...analyzeSecurity(h.code_snippet),
     snyk: snykVerdict(h.security?.snyk),
+    codeql: codeqlVerdict(h.security?.codeql),
   }))
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "hookstack-cli",
-  "version": "0.1.18",
+  "version": "0.1.19",
   "description": "CLI installer for the Hookstack catalogue of Claude Code hooks",
   "type": "module",
   "bin": {