npm - pipechecker - Versions diffs - 0.2.2 → 0.2.3 - Mend

pipechecker 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +41 -198
package/npm/pipechecker-darwin-arm64/pipechecker +0 -0
package/npm/pipechecker-darwin-x64/pipechecker +0 -0
package/npm/pipechecker-linux-arm64/pipechecker +0 -0
package/npm/pipechecker-linux-x64/pipechecker +0 -0
package/npm/pipechecker-x64.exe/pipechecker.exe +0 -0
package/package.json +1 -1
package/scripts/install.js +3 -3

package/README.md CHANGED Viewed

@@ -1,206 +1,49 @@
-# 🔍 Pipecheck
+# PipeChecker
-[![CI](https://github.com/Ayyankhan101/PipeCheck/workflows/CI/badge.svg)](https://github.com/Ayyankhan101/PipeCheck/actions)
-[![Crates.io](https://img.shields.io/crates/v/pipecheck.svg)](https://crates.io/crates/pipecheck)
-[![npm](https://img.shields.io/npm/v/pipecheck.svg)](https://www.npmjs.com/package/pipecheck)
-[![License](https://img.shields.io/badge/license-MIT%2FApache--2.0-blue.svg)](LICENSE-MIT)
+A Rust‑native CI/CD pipeline auditor that validates GitHub Actions, GitLab CI, and CircleCI workflows.
-**A blazingly fast CI/CD pipeline auditor that catches errors before you push.**
-Stop wasting time debugging CI failures. Pipecheck validates your GitHub Actions, GitLab CI, and CircleCI configurations locally, catching syntax errors, circular dependencies, and security issues instantly.
-## 🚀 Quick Start
-### Install via npm (recommended)
-```bash
-npm install -g pipecheck
-```
-### Install via Cargo
-```bash
-cargo install pipecheck
-```
-### Run
+## Quick start
 ```bash
-pipecheck .github/workflows/ci.yml
-```
-## ✨ Features
-- ✅ **Syntax Validation** - Parse and validate GitHub Actions, GitLab CI, and CircleCI configs
-- 🔄 **Dependency Analysis** - Detect circular dependencies in job workflows
-- 🔐 **Secrets Auditing** - Identify hardcoded secrets and environment variable issues
-- 🐳 **Docker Validation** - Check Docker image references and tags
-- 📊 **Multiple Output Formats** - Text and JSON output for CI integration
-- ⚡ **Fast** - Written in Rust for maximum performance
-- 🎯 **Zero Config** - Works out of the box
-## 💡 Why Pipecheck?
-**Before Pipecheck:**
-```
-git push
-→ Wait 5 minutes
-→ CI fails: "Circular dependency detected"
-→ Fix locally
-→ git push again
-→ Wait 5 minutes...
-```
-**With Pipecheck:**
-```
-pipecheck .github/workflows/ci.yml
-→ ❌ ERROR: Circular dependency detected: job-a -> job-c -> job-b
-→ Fix immediately
-→ git push with confidence ✅
-```
-## 📖 Usage
-### Quick Start
+# Build and install (if not already built)
+cargo install --path .
+# Run the auditor on a repository (auto‑detects workflow files)
+pipechecker --all
+```
+## CLI flags
+| Flag | Description |
+|------|-------------|
+| `--all` | Audit **all** workflow files in the repository |
+| `--watch` | Watch files for changes and re‑run the audit |
+| `--fix` | Attempt automatic fixes (e.g., pin unpinned actions) |
+| `--tui` | Launch the interactive terminal UI |
+| `--format json` | Output results as JSON |
+| `--strict` | Treat warnings as errors |
+| `--no-pinning` | Skip Docker image and action‑pinning checks |
+## Symbols used in output
+- `✅` – No issues found
+- `⚠️` – **Warning** (non‑critical issue)
+- `❌` – **Error** (must be addressed)
+- `🔧` – Auto‑fix mode
+## Testing
+Run the full test suite:
 ```bash
-# Auto-detect and check workflow
-pipecheck
-# Check specific file
-pipecheck .github/workflows/ci.yml
-# Check all workflows
-pipecheck --all
-# Interactive TUI mode
-pipecheck --tui
-```
-### All Options
-```
-CI/CD Pipeline Auditor - Catch errors before you push
-Usage: pipecheck [OPTIONS] [FILE]
-Arguments:
-  [FILE]  Path to pipeline configuration file (auto-detects if not provided)
-Options:
-  -a, --all              Check all workflow files in directory
-      --install-hook     Install pre-commit hook
-  -w, --watch            Watch for file changes and re-check
-      --fix              Automatically fix issues where possible
-      --tui              Interactive terminal UI mode
-  -f, --format <FORMAT>  Output format (text, json) [default: text]
-      --no-docker        Skip Docker image checks
-  -s, --strict           Enable strict mode (warnings as errors)
-  -h, --help             Print help
-  -V, --version          Print version
+cargo test
 ```
+The repository includes unit tests for the auditors (syntax, DAG, secrets) to ensure future changes don’t re‑introduce bugs.
-### Interactive Features
-```bash
-# Install pre-commit hook
-pipecheck --install-hook
-# Watch mode - auto-recheck on file changes
-pipecheck --watch
-# Interactive TUI mode
-pipecheck --tui
-# Auto-fix issues (Coming soon!)
-pipecheck --fix
-```
-### Configuration File
-Create `.pipecheckrc.yml` in your project root:
-```yaml
-ignore:
-  - .github/workflows/old-*.yml
-rules:
-  circular_dependencies: true
-  missing_secrets: true
-  docker_latest_tag: true
-```
-### Output Formats
-```bash
-# Text output (default)
-pipecheck .github/workflows/ci.yml
-# JSON output for CI integration
-pipecheck .github/workflows/ci.yml --format json
-# Strict mode (warnings as errors)
-pipecheck .github/workflows/ci.yml --strict
-# Skip Docker checks
-pipecheck .github/workflows/ci.yml --no-docker
-```
-## 📋 Example Output
-```
-Provider: GitHubActions
-1 errors, 0 warnings
-❌ ERROR: Circular dependency detected: job-a -> job-c -> job-b
-   💡 Remove one of the dependencies to break the cycle
-ℹ️  INFO: Job 'build' uses secret: API_KEY
-   💡 Ensure this secret is configured in repository settings
-```
-## 🔧 Supported Platforms
-| Platform | Status | File Pattern |
-|----------|--------|--------------|
-| **GitHub Actions** | ✅ Full Support | `.github/workflows/*.yml` |
-| **GitLab CI** | ✅ Full Support | `.gitlab-ci.yml` |
-| **CircleCI** | ✅ Full Support | `.circleci/config.yml` |
-## 🏗️ Use in CI/CD
-### GitHub Actions
-```yaml
-- name: Validate workflows
-  run: |
-    npm install -g pipecheck
-    pipecheck .github/workflows/*.yml --strict
-```
-### GitLab CI
-```yaml
-validate:
-  script:
-    - cargo install pipecheck
-    - pipecheck .gitlab-ci.yml --strict
-```
-### Pre-commit Hook
-```bash
-#!/bin/bash
-pipecheck .github/workflows/*.yml --strict || exit 1
-```
-## 🤝 Contributing
-Contributions are welcome! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
-## 📝 License
-Licensed under either of:
-- MIT License ([LICENSE-MIT](LICENSE-MIT))
-- Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE))
-at your option.
+## CI configuration
+The GitHub Actions CI (`.github/workflows/ci.yml`) already runs:
+- **Clippy** with `-D warnings`
+- **rustfmt** checks
+- **cargo audit** and **cargo deny** for security and licensing
+- **Coverage** with `cargo tarpaulin`
+- **Matrix builds** across Linux, macOS, and Windows, including cross‑compilation for `aarch64`.
-## 🌟 Show Your Support
+The `network` feature (Docker image pinning) is exercised in the CI matrix via the `test` job, which builds the project with all optional features enabled.
-If Pipecheck saves you time, give it a ⭐ on GitHub!
+## License
+This project is licensed under either **MIT** or **Apache‑2.0** at your option. The `deny.toml` also includes **MPL‑2.0** and **Unicode‑3.0** as allowed licenses.

package/npm/pipechecker-darwin-arm64/pipechecker CHANGED Viewed

Binary file

package/npm/pipechecker-darwin-x64/pipechecker CHANGED Viewed

Binary file

package/npm/pipechecker-linux-arm64/pipechecker CHANGED Viewed

Binary file

package/npm/pipechecker-linux-x64/pipechecker CHANGED Viewed

Binary file

package/npm/pipechecker-x64.exe/pipechecker.exe CHANGED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pipechecker",
-  "version": "0.2.2",
+  "version": "0.2.3",
   "description": "CI/CD Pipeline Auditor - Catch errors before you push",
   "bin": {
     "pipechecker": "./bin/pipechecker.js"

package/scripts/install.js CHANGED Viewed

@@ -62,7 +62,7 @@ async function install() {
   // Check if binary already exists
   if (fs.existsSync(binaryPath)) {
-    console.log('✓ Pipecheck binary already installed');
+    console.log('✓ Pipechecker binary already installed');
     return;
   }
@@ -78,7 +78,7 @@ async function install() {
   try {
     await download(url, binaryPath);
     fs.chmodSync(binaryPath, 0o755);
-    console.log('✓ Pipecheck installed successfully');
+    console.log('✓ Pipechecker installed successfully');
   } catch (error) {
     console.error(`Failed to download binary from ${url}`);
     console.error('Falling back to building from source...');
@@ -89,7 +89,7 @@ async function install() {
         process.platform === 'win32' ? 'pipechecker.exe' : 'pipechecker');
       fs.copyFileSync(sourceBinary, binaryPath);
       fs.chmodSync(binaryPath, 0o755);
-      console.log('✓ Pipecheck installed from source');
+      console.log('✓ Pipechecker installed from source');
     } catch (buildError) {
       console.error('Failed to build from source. Please ensure Rust is installed.');
       console.error('Visit https://rustup.rs to install Rust');