ready-to-ship 1.0.0

package/README.md

@@ -0,0 +1,196 @@
+# 🚀 Ready-to-Ship CLI
+
+**Validate a backend project before deployment like a senior engineer would.**
+
+[![npm version](https://img.shields.io/npm/v/ready-to-ship)](https://www.npmjs.com/package/ready-to-ship)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+> **The only CLI that combines environment, auth, API, security, dependencies, and database validation in one tool.**
+
+## ✨ Features
+
+- ✅ **Environment Validation** - Check `.env` files, missing variables, weak secrets, type validation
+- 🔐 **Auth Validation** - Detect unprotected routes, JWT configuration, middleware checks
+- 🌐 **API Validation** - Health endpoints, route consistency, HTTP method patterns
+- 📁 **Project Validation** - Structure, README, error handling, best practices
+- 🔒 **Security Validation** - CORS, security headers, rate limiting, vulnerability detection
+- 📦 **Dependencies Validation** - Package health, lock files, outdated packages
+- 🗄️ **Database Validation** - Connection handling, pooling, migration files
+- 🔧 **Auto-Fix Suggestions** - Get actionable fixes for common issues
+- 📊 **Comprehensive Reports** - Combined verdict with detailed insights
+- 🎯 **CI/CD Ready** - GitHub Actions templates included
+
+## Installation
+
+```bash
+npm install -g ready-to-ship
+```
+
+Or use with npx (no installation needed):
+
+```bash
+npx ready-to-ship <command>
+```
+
+## Usage
+
+### Individual Checks
+
+```bash
+# Check environment variables
+npx ready-to-ship env
+
+# Check authentication & route protection
+npx ready-to-ship auth
+
+# Check API endpoints
+npx ready-to-ship api
+
+# Check project structure
+npx ready-to-ship project
+
+# Check security configurations
+npx ready-to-ship security
+
+# Check dependencies
+npx ready-to-ship dependencies
+
+# Check database configuration
+npx ready-to-ship database
+```
+
+### Auto-Fix
+
+```bash
+# Get fix suggestions
+npx ready-to-ship fix
+
+# Apply fixes automatically (creates files)
+npx ready-to-ship fix --apply
+```
+
+### Full Report
+
+```bash
+# Generate comprehensive report
+npx ready-to-ship report
+
+# With verbose output
+npx ready-to-ship report --verbose
+
+# Export to JSON
+npx ready-to-ship report --json
+```
+
+### Options
+
+- `-p, --path <path>` - Specify project path (default: current directory)
+- `--json` - Export results to JSON (report command only)
+- `--verbose` - Show detailed logs (report command only)
+
+## What It Checks
+
+### 🔹 ENV Module
+- Missing environment variables (compared to `.env.example`)
+- Weak secrets (short JWT_SECRET, etc.)
+- Unused variables
+- Type validation (URL, email, number)
+
+### 🔹 AUTH Module
+- Unprotected sensitive routes
+- Missing auth middleware
+- JWT expiry configuration
+- Route protection patterns
+
+### 🔹 API Module
+- Health endpoint presence
+- Route consistency
+- HTTP method patterns
+- RESTful API best practices
+
+### 🔹 PROJECT Module
+- `.env.example` existence
+- README presence and quality
+- Project structure
+- Error handling middleware
+
+### 🔹 SECURITY Module
+- CORS configuration
+- Security headers (Helmet.js)
+- Rate limiting
+- Common security anti-patterns
+- eval() usage detection
+
+### 🔹 DEPENDENCIES Module
+- Lock file presence
+- Outdated packages
+- Security package recommendations
+- Dependency count analysis
+
+### 🔹 DATABASE Module
+- Database connection configuration
+- Connection error handling
+- Connection pooling
+- Migration files
+- Database type detection
+
+## Example Output
+
+```
+========================
+READY-TO-SHIP REPORT
+========================
+
+ENV:     ✅ PASS
+AUTH:    ❌ FAIL
+API:     ✅ PASS
+PROJECT: ❌ FAIL
+
+FINAL VERDICT: ❌ NOT READY
+```
+
+## 🎯 Why Ready-to-Ship?
+
+**Most validation tools only check one thing.** Ready-to-Ship is the **only CLI** that combines:
+- ✅ Environment validation
+- ✅ Security checks
+- ✅ Auth validation
+- ✅ API health
+- ✅ Dependencies analysis
+- ✅ Database configuration
+- ✅ Auto-fix suggestions
+
+**All in one command.** Save hours of manual review before every deployment.
+
+## 🚀 CI/CD Integration
+
+Add to your GitHub Actions workflow:
+
+```yaml
+- name: Run Ready-to-Ship
+  run: npx ready-to-ship report --json
+```
+
+See `templates/.github/workflows/ready-to-ship.yml` for a complete example.
+
+## 📈 Roadmap
+
+- [ ] OpenAPI/Swagger spec validation
+- [ ] Docker/container readiness checks
+- [ ] Performance hints
+- [ ] Logging setup validation
+- [ ] VSCode extension
+- [ ] Slack/Discord webhook integration
+
+## 🤝 Contributing
+
+Contributions welcome! Please feel free to submit a Pull Request.
+
+## 📝 License
+
+MIT
+
+## ⭐ Star History
+
+If you find this tool useful, please consider giving it a star on GitHub!
+

package/UNIQUE_FEATURES.md

@@ -0,0 +1,114 @@
+# 🎯 What Makes Ready-to-Ship Unique
+
+## Comparison with Existing Tools
+
+Most validation tools only check **one thing**:
+- `dotenv-safe` - Only checks env variables
+- `eslint-plugin-security` - Only code security
+- `npm audit` - Only dependency vulnerabilities
+- `helmet` - Only security headers (runtime)
+
+**Ready-to-Ship combines ALL of these + more in one tool.**
+
+## Unique Features
+
+### 1. **Comprehensive Validation (7 Modules)**
+- ✅ Environment (env vars, secrets, types)
+- ✅ Authentication (route protection, JWT)
+- ✅ API (health endpoints, consistency)
+- ✅ Project (structure, README, error handling)
+- ✅ Security (CORS, headers, rate limiting)
+- ✅ Dependencies (lock files, outdated packages)
+- ✅ Database (connection, pooling, migrations)
+
+**No other tool does all of this.**
+
+### 2. **Auto-Fix Suggestions**
+Not just detection - **actionable fixes**:
+- Creates `.env.example` if missing
+- Generates README template
+- Suggests security package installations
+- Provides code snippets for fixes
+
+### 3. **Zero Configuration**
+Works immediately on any Node.js project:
+- No config files needed
+- Auto-detects project structure
+- Smart pattern matching
+- Framework agnostic
+
+### 4. **Beautiful Human-Readable Output**
+- ✅/❌ Visual indicators
+- Colored output (chalk)
+- Clear error messages
+- Actionable suggestions
+
+### 5. **CI/CD Ready**
+- GitHub Actions templates included
+- JSON export for automation
+- Exit codes for CI integration
+- Artifact upload support
+
+### 6. **Extensible Architecture**
+Easy to add new modules:
+- Modular design
+- Shared utilities
+- Consistent API
+- Plugin-ready
+
+### 7. **Smart Detection**
+- Auto-detects frameworks (Express, Fastify, Koa, NestJS)
+- Detects database types (MongoDB, PostgreSQL, MySQL, Redis)
+- Finds route files automatically
+- Identifies security patterns
+
+## Market Positioning
+
+### Target Users
+- **Node.js developers** - Individual developers
+- **SaaS startups** - Small teams without dedicated DevOps
+- **Agencies** - Multiple client projects
+- **Open source maintainers** - Project quality checks
+
+### Use Cases
+1. **Pre-deployment checks** - Before pushing to production
+2. **Code review** - Automated quality checks
+3. **CI/CD integration** - Automated validation
+4. **Onboarding** - New team member project review
+5. **Audit** - Security and best practices audit
+
+## Competitive Advantages
+
+1. **All-in-One** - No need to run 5+ different tools
+2. **Time Saving** - Saves hours of manual review
+3. **Cost Effective** - Free, open source
+4. **Easy to Use** - Single command, zero config
+5. **Actionable** - Not just warnings, but fixes
+6. **Beautiful** - Great developer experience
+
+## Why It Will Be Popular
+
+1. **Solves Real Problem** - Every backend dev needs this
+2. **Saves Time** - Catches issues before production
+3. **Prevents Costly Mistakes** - Security, env, auth issues
+4. **Shareable** - Teams will recommend it
+5. **Extensible** - Community can add modules
+6. **Well Documented** - Easy to understand and use
+
+## Growth Strategy
+
+1. **Launch** - Publish to npm, GitHub
+2. **Content** - Blog posts, tutorials
+3. **Community** - Reddit, Twitter, Dev.to
+4. **Word of Mouth** - Developers share tools that save time
+5. **Iterate** - Add features based on feedback
+
+## Success Indicators
+
+- ✅ 1000+ npm downloads/week
+- ✅ 500+ GitHub stars
+- ✅ Featured in awesome-nodejs lists
+- ✅ Blog posts and tutorials
+- ✅ Community contributions
+- ✅ Used by major projects
+

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "ready-to-ship",
+  "version": "1.0.0",
+  "description": "🚀 Validate a backend project before deployment like a senior engineer would. Comprehensive checks for env, auth, API, security, dependencies, and database configuration.",
+  "main": "src/cli.js",
+  "bin": {
+    "ready-to-ship": "src/cli.js"
+  },
+  "scripts": {
+    "start": "node src/cli.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "cli",
+    "validation",
+    "backend",
+    "deployment",
+    "env",
+    "auth",
+    "api",
+    "readiness",
+    "security",
+    "dependencies",
+    "database",
+    "devops",
+    "ci-cd",
+    "pre-deployment",
+    "backend-validator",
+    "production-ready",
+    "code-review",
+    "automation"
+  ],
+  "author": "Aakash Singh <aakashskilldevelopment@gmail.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/TheAakashSingh/ready-to-ship.git"
+  },
+  "bugs": {
+    "url": "https://github.com/TheAakashSingh/ready-to-ship/issues"
+  },
+  "homepage": "https://github.com/TheAakashSingh/ready-to-ship#readme",
+  "dependencies": {
+    "chalk": "^4.1.2",
+    "commander": "^9.4.1",
+    "dotenv": "^16.3.1",
+    "fs-extra": "^11.1.1",
+    "glob": "^10.3.10"
+  },
+  "engines": {
+    "node": ">=14.0.0"
+  }
+}

package/publish.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+# Quick publish script for ready-to-ship CLI
+
+echo "🚀 Ready-to-Ship CLI - Publishing to npm"
+echo "=========================================="
+echo ""
+
+# Check if logged in
+echo "1. Checking npm login..."
+if ! npm whoami &> /dev/null; then
+    echo "❌ Not logged in to npm"
+    echo "   Run: npm login"
+    exit 1
+fi
+
+echo "✅ Logged in as: $(npm whoami)"
+echo ""
+
+# Check package name availability
+echo "2. Checking package name availability..."
+if npm view ready-to-ship &> /dev/null; then
+    echo "❌ Package name 'ready-to-ship' is already taken"
+    echo "   Consider using: @$(npm whoami)/ready-to-ship"
+    exit 1
+fi
+
+echo "✅ Package name 'ready-to-ship' is available!"
+echo ""
+
+# Dry run
+echo "3. Running dry-run (packaging test)..."
+npm pack --dry-run
+echo ""
+
+# Ask for confirmation
+read -p "4. Ready to publish? (y/n) " -n 1 -r
+echo ""
+if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+    echo "❌ Publishing cancelled"
+    exit 1
+fi
+
+# Publish
+echo "5. Publishing to npm..."
+npm publish
+
+if [ $? -eq 0 ]; then
+    echo ""
+    echo "🎉 SUCCESS! Your package is now live!"
+    echo ""
+    echo "Install it with:"
+    echo "  npm install -g ready-to-ship"
+    echo ""
+    echo "Or use with npx:"
+    echo "  npx ready-to-ship report"
+    echo ""
+    echo "View on npm:"
+    echo "  https://www.npmjs.com/package/ready-to-ship"
+else
+    echo ""
+    echo "❌ Publishing failed. Check the error above."
+    exit 1
+fi
+

package/src/cli.js

@@ -0,0 +1,155 @@
+#!/usr/bin/env node
+
+const { program } = require('commander');
+const chalk = require('chalk');
+const envModule = require('./modules/env');
+const authModule = require('./modules/auth');
+const apiModule = require('./modules/api');
+const projectModule = require('./modules/project');
+const securityModule = require('./modules/security');
+const dependenciesModule = require('./modules/dependencies');
+const databaseModule = require('./modules/database');
+const reportModule = require('./modules/report');
+const { generateFixes } = require('./utils/fixHelpers');
+
+program
+  .name('ready-to-ship')
+  .description('Validate a backend project before deployment like a senior engineer would')
+  .version('1.0.0');
+
+program
+  .command('env')
+  .description('Validate .env and env usage')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await envModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('auth')
+  .description('Check auth middleware & route protection')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await authModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('api')
+  .description('Check health endpoint + route consistency')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await apiModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('project')
+  .description('Check project structure, README, .env.example, error handling')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await projectModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('security')
+  .description('Check security configurations (CORS, headers, rate limiting)')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await securityModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('dependencies')
+  .description('Check dependencies for vulnerabilities and best practices')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await dependenciesModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('database')
+  .description('Validate database configuration and connection handling')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .action(async (options) => {
+    const result = await databaseModule.validate(options.path);
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('report')
+  .description('Generate final summary combining all checks')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .option('--json', 'Export results to JSON')
+  .option('--verbose', 'Show detailed logs')
+  .option('--skip <modules>', 'Skip specific modules (comma-separated)', (value) => value.split(','))
+  .action(async (options) => {
+    const result = await reportModule.generate(options.path, {
+      json: options.json,
+      verbose: options.verbose,
+      skip: options.skip || []
+    });
+    process.exit(result.passed ? 0 : 1);
+  });
+
+program
+  .command('fix')
+  .description('Generate auto-fix suggestions for common issues')
+  .option('-p, --path <path>', 'Project path (default: current directory)', process.cwd())
+  .option('--apply', 'Apply fixes automatically (creates files)')
+  .action(async (options) => {
+    const { generateFixes, applyFixes } = require('./utils/fixHelpers');
+    
+    // Run all checks to get issues
+    const results = {
+      env: await envModule.validate(options.path),
+      auth: await authModule.validate(options.path),
+      api: await apiModule.validate(options.path),
+      project: await projectModule.validate(options.path),
+      security: await securityModule.validate(options.path)
+    };
+    
+    // Collect all issues
+    const allIssues = [];
+    Object.values(results).forEach(result => {
+      if (result.issues) allIssues.push(...result.issues);
+      if (result.warnings) allIssues.push(...result.warnings);
+    });
+    
+    // Generate fixes
+    const fixes = await generateFixes(allIssues, options.path);
+    
+    if (fixes.length === 0) {
+      console.log(chalk.green('\n✅ No fixes needed!'));
+      return;
+    }
+    
+    console.log(chalk.cyan('\n🔧 AUTO-FIX SUGGESTIONS\n'));
+    
+    if (options.apply) {
+      const applied = await applyFixes(fixes, options.path, false);
+      applied.forEach(fix => {
+        if (fix.status === 'created') {
+          console.log(chalk.green(`✅ Created: ${fix.filePath}`));
+        } else if (fix.status === 'suggestion') {
+          console.log(chalk.yellow(`💡 ${fix.description}`));
+        }
+      });
+    } else {
+      fixes.forEach((fix, index) => {
+        console.log(chalk.yellow(`\n${index + 1}. ${fix.description}`));
+        if (fix.type === 'create_file') {
+          console.log(chalk.gray(`   Would create: ${fix.file}`));
+          console.log(chalk.gray('   Run with --apply to create this file'));
+        }
+      });
+      console.log(chalk.cyan('\n💡 Run with --apply to automatically create files'));
+    }
+  });
+
+program.parse();
+