proof-of-commitment 1.29.1 → 1.30.0

package/index.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 /**
- * proof-of-commitment CLI v1.29.0
+ * proof-of-commitment CLI v1.30.0
  * Scores npm/PyPI/Cargo/Go packages on behavioral commitment signals.
  * Usage: npx proof-of-commitment [packages...] [options]
  */
@@ -596,7 +596,7 @@ function printTable(results, { totalScanned, totalCritical, lockfile } = {}) {
   console.log(clr(c.cyan, `\n  🔗 Full report: ${WEB}?packages=${encodeURIComponent(topPkgs)}&${utm}`));
   console.log(clr(c.cyan, `  🤖 GitHub Action: github.com/piiiico/commit-action — block CRITICAL packages in CI`));
   console.log(clr(c.dim, `  📋 Add to this project: `) + clr(c.cyan, `poc init`) + clr(c.dim, ` — creates workflow + README badge`));
-  console.log(clr(c.dim, `  🛡️  Protect every install: `) + clr(c.cyan, `poc hook`) + clr(c.dim, ` — Cursor hook, blocks CRITICAL before npm/pip/cargo runs`));
+  console.log(clr(c.dim, `  🛡️  Protect every install: `) + clr(c.cyan, `poc hook`) + clr(c.dim, ` — Cursor/Claude Code/Windsurf hook, blocks CRITICAL before npm/pip/cargo runs`));
 
   // Per-package profile URLs — drive traffic to permanent, indexable pages
   const ecoPath = { npm: 'npm', pypi: 'pypi', cargo: 'cargo', golang: 'go' };
@@ -710,40 +710,41 @@ async function inlineSignup(results, opts = {}) {
   const critPkgs = results.filter(r => hasCritical(r.riskFlags));
   const lowScorePkgs = results.filter(r => typeof r.score === 'number' && r.score < 60);
   const hasFindings = critPkgs.length >= 1 || lowScorePkgs.length >= 2;
-  // engagementSignal: true when the backend returned an `_cta` field, which
-  // means this IP has scored ≥ AUDIT_SOFT_CTA_AT (5) packages today.
-  // That's a server-confirmed engagement signal independent of local result
-  // shape — the user is approaching the daily wall (15) and will hit it
-  // soon. Pre-this fix, single-package healthy scans at counts 5–14 saw
-  // only a dim URL: the strongest in-terminal conversion moment dropped to
-  // a copy-paste task. With engagementSignal=true we bypass the findings
-  // gate so the inline email→key prompt fires at the moment of warmest
-  // engagement. Closes the leak found 2026-06-10 dogfooding /api/keys/stats:
-  // 4 IPs hit AUDIT_SOFT_CTA_AT in 7d, 0 organic signups.
+  // engagementSignal: server _cta — this IP has scored ≥ AUDIT_SOFT_CTA_AT
+  // (5) packages today. Server-confirmed repeat-use signal independent of
+  // local result shape.
   const engagementSignal = !!opts.engagementSignal;
-  // Gate: show prompt when there's something worth monitoring OR the user
-  // has demonstrated repeat-use engagement today (server _cta signal).
-  // Old gate (results.length < 3) blocked the most common entry point:
-  // `npx proof-of-commitment axios` after reading about an attack.
-  // A single CRITICAL result IS the high-intent moment — don't skip it.
-  // For healthy single-package checks with no findings AND no engagement
-  // signal, still skip.
-  if (results.length < 3 && !hasFindings && !engagementSignal) return;
-
-  // Copy adapts to context. Findings → degradation framing.
-  // Healthy → baseline-lock framing (still real value: alert me if any score drops).
-  // engagementSignal without findings → soft-CTA wall-approach framing.
+  // 2026-06-11 v1.30.0 proposition shift: gate relaxed to results.length<1.
+  // Prior gates (`<3 && !hasFindings && !engagementSignal`) blocked the most
+  // common entry point — `npx proof-of-commitment axios` after reading about
+  // an attack — when the result was healthy. The watchlist auto-seed shipped
+  // earlier today (abe53f1) made single-package signups valuable: signup →
+  // that package goes on watchlist + email if attacked. "Enter to skip"
+  // keeps opt-out one keystroke. Closes the proposition gap from 2026-06-10
+  // /api/keys/stats dogfood: 4 IPs hit soft-CTA in 7d, 0 organic signups —
+  // copy was quota-focused, not value-focused.
+  if (results.length < 1) return;
+
+  // Heading copy: lead with the proposition (auto-watch + alert on attack),
+  // not the friction (quota wall). Pre-v1.30.0 the engagementSignal heading
+  // was wall-approach quota framing (see git log for prior copy) — friction-
+  // removal for a user the system has already identified as security-engaged.
+  // New framing names what they actually get: watchlist seeded from this
+  // scan, email if anything tampers.
+  const count = results.length;
+  const pkgRef = count === 1 ? 'this' : `these ${count}`;
+  const subjRef = count === 1 ? 'it' : 'any';
+  const subjGets = count === 1 ? 'gets' : 'get';
+
   const heading = hasFindings
-    ? (results.length === 1
-      ? '  🔔 Monitor this package. Get alerted if it gets worse.'
-      : '  🔔 Lock in this audit. Get alerted if these packages get worse.')
+    ? `  🔔 Auto-watch ${pkgRef}. Email if ${subjRef} ${subjGets} attacked or score drops.`
     : engagementSignal
-      ? '  🔔 Past the free anonymous quota on this network — lift it to 200/day.'
-      : '  🔔 Lock in this baseline. Get alerted if any of these packages degrade.';
+      ? `  🔔 You're scanning a lot. Watch ${pkgRef} for the next attack? Free.`
+      : `  🔔 Auto-watch ${pkgRef}. Free email alert if ${subjRef} ${subjGets} attacked.`;
 
   console.log(clr(c.dim, '  ─────────────────────────────────────────────'));
   console.log(clr(c.bold, heading));
-  console.log(clr(c.dim, '     Free, no card, 10 seconds. Saves to ~/.commit/config.\n'));
+  console.log(clr(c.dim, '     Seeds your watchlist from this scan. 10s, no card.\n'));
 
   const { createInterface } = await import('readline');
   const rl = createInterface({ input: process.stdin, output: process.stdout });
@@ -845,7 +846,7 @@ async function inlineSignup(results, opts = {}) {
 
 function printHelp() {
   console.log(`
-${clr(c.bold, 'proof-of-commitment')} v1.29.1 — supply chain risk scorer
+${clr(c.bold, 'proof-of-commitment')} v1.30.0 — supply chain risk scorer
 
 ${clr(c.bold, 'Usage:')}
   npx proof-of-commitment                            Auto-detect manifest in current dir
@@ -873,11 +874,12 @@ ${clr(c.bold, 'Reports:')}
                       Saves audit-report.html to cwd + prints Markdown for GitHub issues
 
 ${clr(c.bold, 'IDE Hooks:')}
-  poc hook            Install supply chain gate for Cursor + Claude Code (blocks CRITICAL packages)
+  poc hook            Install supply chain gate for Cursor + Claude Code + Windsurf
   poc hook --cursor   Install only the Cursor beforeShellExecution hook
   poc hook --claude-code  Install only the Claude Code PreToolUse hook
-  poc hook --global   Install for the current user (~/.cursor + ~/.claude)
-  poc hook --uninstall Remove the hook from both Cursor and Claude Code
+  poc hook --windsurf Install only the Windsurf pre_run_command hook
+  poc hook --global   Install for the current user (~/.cursor + ~/.claude + ~/.codeium/windsurf)
+  poc hook --uninstall Remove the hook from all IDEs
 
 ${clr(c.bold, 'Account:')}
   poc login [key]     Save and validate your API key (interactive or direct)
@@ -1503,18 +1505,20 @@ async function cmdLogout() {
 }
 
 /**
- * poc hook [--cursor] [--claude-code] [--global] [--uninstall]
- * Install a supply chain gate hook for Cursor (beforeShellExecution) and/or
- * Claude Code (PreToolUse) that scores packages before install.
+ * poc hook [--cursor] [--claude-code] [--windsurf] [--global] [--uninstall]
+ * Install a supply chain gate hook for Cursor (beforeShellExecution),
+ * Claude Code (PreToolUse), and/or Windsurf (pre_run_command) that scores
+ * packages before install.
  *
  * Writes a single hook script to ~/.commit/cursor-hook.js (the filename is
  * kept for backward compatibility with v1.21.x installs; the same script
  * now auto-detects whether stdin is in Cursor or Claude Code format and
  * emits the matching response shape).
  *
- * Default installs both Cursor + Claude Code configs. Pass --cursor or
- * --claude-code to install only one. --global writes to ~/.cursor and
- * ~/.claude; default writes to ./.cursor and ./.claude.
+ * Default installs all three (Cursor + Claude Code + Windsurf). Pass
+ * --cursor, --claude-code, or --windsurf to install only one.
+ * --global writes to ~/.cursor, ~/.claude, and ~/.codeium/windsurf;
+ * default writes to ./.cursor, ./.claude, and ./.windsurf.
  */
 async function cmdHook(args) {
   const os = await import('os');
@@ -1525,22 +1529,26 @@ async function cmdHook(args) {
   const uninstall = args.includes('--uninstall') || args.includes('--remove');
   const onlyCursor = args.includes('--cursor');
   const onlyClaude = args.includes('--claude-code') || args.includes('--claude');
-  // Default (no client flag) = install both. --cursor and --claude-code narrow scope.
-  const installCursor = !onlyClaude;
-  const installClaude = !onlyCursor;
+  const onlyWindsurf = args.includes('--windsurf');
+  // Default (no client flag) = install all three. Narrow with --cursor, --claude-code, or --windsurf.
+  const hasClientFlag = onlyCursor || onlyClaude || onlyWindsurf;
+  const installCursor = hasClientFlag ? onlyCursor : true;
+  const installClaude = hasClientFlag ? onlyClaude : true;
+  const installWindsurf = hasClientFlag ? onlyWindsurf : true;
 
   // ── Hook script (plain Node.js, no external deps) ─────────────────────
-  // Single script serves BOTH Cursor (beforeShellExecution) and Claude Code
-  // (PreToolUse). It auto-detects which client called it by inspecting the
-  // stdin JSON and emits the matching response format.
+  // Single script serves Cursor (beforeShellExecution), Claude Code
+  // (PreToolUse), AND Windsurf (pre_run_command). It auto-detects which
+  // client called it by inspecting the stdin JSON and emits the matching
+  // response format.
   const hookScript = `#!/usr/bin/env node
 /**
- * Commit supply chain hook for Cursor + Claude Code (auto-generated by \`poc hook\`)
+ * Commit supply chain hook for Cursor + Claude Code + Windsurf (auto-generated by \`poc hook\`)
  * Intercepts npm/pip/cargo/go install commands and scores packages
  * against getcommit.dev before they run.
  *
  * CRITICAL packages are blocked. HIGH packages trigger confirmation.
- * Auto-detects Cursor vs Claude Code stdin format and replies in kind.
+ * Auto-detects Cursor vs Claude Code vs Windsurf stdin format and replies in kind.
  * Docs: https://getcommit.dev/docs/cursor-hook
  */
 const API = process.env.COMMIT_API_URL || 'https://poc-backend.amdal-dev.workers.dev/api/audit';
@@ -1577,7 +1585,11 @@ function parseInstall(cmd) {
 // Detect which client called us and how to extract the command.
 // Cursor:      stdin = { command: 'npm install ...', workingDirectory? }
 // Claude Code: stdin = { tool_name: 'Bash', tool_input: { command: '...' }, hook_event_name: 'PreToolUse', ... }
+// Windsurf:    stdin = { agent_action_name: 'pre_run_command', tool_info: { command_line: '...' } }
 function detectClient(input) {
+  if (input && input.agent_action_name === 'pre_run_command' && input.tool_info) {
+    return { client: 'windsurf', cmd: input.tool_info.command_line || '' };
+  }
   if (input && input.tool_input && typeof input.tool_input.command === 'string') {
     return { client: 'claude-code', cmd: input.tool_input.command };
   }
@@ -1589,8 +1601,8 @@ function detectClient(input) {
 
 // Emit the appropriate "no decision" / "allow" output for the detected client.
 function emitAllow(client) {
-  if (client === 'claude-code') {
-    // No stdout + exit 0 = defer to normal permission flow.
+  if (client === 'claude-code' || client === 'windsurf') {
+    // No stdout + exit 0 = allow / defer to normal permission flow.
     return;
   }
   process.stdout.write(JSON.stringify({ permission: 'allow' }));
@@ -1598,6 +1610,12 @@ function emitAllow(client) {
 
 // Emit deny / ask in the matching format.
 function emit(client, decision, userMsg, agentMsg) {
+  if (client === 'windsurf') {
+    // Windsurf uses exit codes: 0 = allow, 2 = block. stderr = message shown in Cascade UI.
+    process.stderr.write(userMsg.replace(/\\\\n/g, '\\n'));
+    process.exit(2);
+    return;
+  }
   if (client === 'claude-code') {
     process.stdout.write(JSON.stringify({
       hookSpecificOutput: {
@@ -1641,7 +1659,7 @@ async function main() {
     // Without this, hook would silently allow unscored packages on 429 (false sense of security).
     const rateLimited = res.status === 429;
     // Per-client attribution so /api/keys/create source counters split traffic cleanly.
-    const refTag = client === 'claude-code' ? 'claude-code-hook-429' : 'cursor-hook-429';
+    const refTag = client === 'claude-code' ? 'claude-code-hook-429' : client === 'windsurf' ? 'windsurf-hook-429' : 'cursor-hook-429';
     const rlUrl = rateLimited ? 'https://getcommit.dev/get-started?ref=' + refTag + '&utm_source=cli' : '';
     const unscored = rateLimited ? Math.max(0, parsed.pkgs.length - results.length) : 0;
     const rlNote = rateLimited
@@ -1775,6 +1793,46 @@ main();
     } catch { return false; }
   }
 
+  // ── Windsurf config helpers ──────────────────────────────────────────
+  function windsurfHooksFile(global) {
+    const dir = global ? path.join(os.homedir(), '.codeium', 'windsurf') : path.join(process.cwd(), '.windsurf');
+    return { dir, file: path.join(dir, 'hooks.json') };
+  }
+
+  function installWindsurfHook(global) {
+    const { dir, file } = windsurfHooksFile(global);
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+    let cfg = { hooks: {} };
+    if (fs.existsSync(file)) {
+      try { cfg = JSON.parse(fs.readFileSync(file, 'utf-8')); } catch {}
+    }
+    if (!cfg.hooks) cfg.hooks = {};
+    if (!Array.isArray(cfg.hooks.pre_run_command)) cfg.hooks.pre_run_command = [];
+    const existing = cfg.hooks.pre_run_command.some(h => h.command?.includes('cursor-hook.js'));
+    if (!existing) {
+      cfg.hooks.pre_run_command.push({
+        command: `node ${hookPath}`,
+        show_output: true
+      });
+    }
+    fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+    return file;
+  }
+
+  function uninstallWindsurfHook(global) {
+    const { file } = windsurfHooksFile(global);
+    if (!fs.existsSync(file)) return false;
+    try {
+      const cfg = JSON.parse(fs.readFileSync(file, 'utf-8'));
+      const hooks = cfg.hooks?.pre_run_command || [];
+      const filtered = hooks.filter(h => !h.command?.includes('cursor-hook.js'));
+      if (filtered.length === hooks.length) return false;
+      cfg.hooks.pre_run_command = filtered;
+      fs.writeFileSync(file, JSON.stringify(cfg, null, 2) + '\n');
+      return true;
+    } catch { return false; }
+  }
+
   // ── Uninstall ──────────────────────────────────────────────────────────
   if (uninstall) {
     let removed = false;
@@ -1794,9 +1852,16 @@ main();
         console.log(clr(c.dim, `  Updated: ${claudeSettingsFile(g).file}`));
       }
     }
+    // Windsurf: same.
+    for (const g of [false, true]) {
+      if (uninstallWindsurfHook(g)) {
+        removed = true;
+        console.log(clr(c.dim, `  Updated: ${windsurfHooksFile(g).file}`));
+      }
+    }
 
     if (removed) {
-      console.log(clr(c.green, '\n  ✓ Commit hook uninstalled (Cursor + Claude Code).'));
+      console.log(clr(c.green, '\n  ✓ Commit hook uninstalled (Cursor + Claude Code + Windsurf).'));
     } else {
       console.log(clr(c.dim, '\n  No hook found to remove.'));
     }
@@ -1812,6 +1877,7 @@ main();
   const writtenFiles = [];
   if (installCursor) writtenFiles.push({ client: 'Cursor', file: installCursorHook(isGlobal) });
   if (installClaude) writtenFiles.push({ client: 'Claude Code', file: installClaudeHook(isGlobal) });
+  if (installWindsurf) writtenFiles.push({ client: 'Windsurf', file: installWindsurfHook(isGlobal) });
 
   // 3. Report
   const clientList = writtenFiles.map(w => w.client).join(' + ');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "proof-of-commitment",
-  "version": "1.29.1",
+  "version": "1.30.0",
   "mcpName": "io.github.piiiico/proof-of-commitment",
   "description": "Supply chain security risk scorer for npm, PyPI, Cargo, and Go packages — behavioral signals that can't be faked",
   "type": "module",