safeword 0.15.2 → 0.15.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "safeword",
-  "version": "0.15.2",
+  "version": "0.15.3",
   "description": "CLI for setting up and managing safeword development environments",
   "type": "module",
   "bin": {

package/templates/commands/audit.md

@@ -9,24 +9,31 @@ Run a comprehensive code audit. Execute these commands and report results.
 ## Instructions
 
 ```bash
-# 1. Refresh config (detect current architecture)
-bunx safeword sync-config 2>&1
+# =========================================================================
+# REFRESH CONFIG (detect current architecture)
+# =========================================================================
+
+# 0. Regenerate depcruise config from current project structure
+bunx safeword@latest sync-config 2>&1 || true
 
 # =========================================================================
 # ARCHITECTURE CHECKS (circular deps, layer violations)
 # =========================================================================
 
-# 2a. Architecture - TypeScript/JS (depcruise)
-[ -f .dependency-cruiser.js ] && {
-  bunx depcruise --output-type err --config .dependency-cruiser.js . 2>&1 || true
+# 1a. Architecture - TypeScript/JS (depcruise)
+DEPCRUISE_CONFIG=""
+[ -f .dependency-cruiser.cjs ] && DEPCRUISE_CONFIG=".dependency-cruiser.cjs"
+[ -f .dependency-cruiser.js ] && DEPCRUISE_CONFIG=".dependency-cruiser.js"
+[ -n "$DEPCRUISE_CONFIG" ] && {
+  bunx depcruise --output-type err --config "$DEPCRUISE_CONFIG" . 2>&1 || true
 }
 
-# 2b. Architecture - Python
+# 1b. Architecture - Python
 # Note: Python circular imports cause ImportError at runtime.
 # If your Python code runs, it has no blocking circular imports.
 # For static analysis, consider: pip install import-linter
 
-# 2c. Architecture - Go
+# 1c. Architecture - Go
 # Note: Go compiler prevents circular imports between packages at build time.
 # If your Go project builds, it has no circular dependencies.
 
@@ -34,17 +41,17 @@ bunx safeword sync-config 2>&1
 # DEAD CODE DETECTION
 # =========================================================================
 
-# 3a. Dead code - TypeScript/JS (knip with auto-fix)
+# 2a. Dead code - TypeScript/JS (knip with auto-fix)
 [ -f package.json ] && {
   bunx knip --fix 2>&1 || true
 }
 
-# 3b. Dead code - Python (deadcode)
+# 2b. Dead code - Python (deadcode)
 ([ -f pyproject.toml ] || [ -f requirements.txt ]) && {
   deadcode . 2>&1 || true
 }
 
-# 3c. Dead code - Go (golangci-lint unused)
+# 2c. Dead code - Go (golangci-lint unused)
 [ -f go.mod ] && {
   golangci-lint run --enable unused --out-format colored-line-number 2>&1 || true
 }
@@ -53,24 +60,24 @@ bunx safeword sync-config 2>&1
 # CODE DUPLICATION
 # =========================================================================
 
-# 4. Copy/paste detection (all languages)
+# 3. Copy/paste detection (all languages)
 bunx jscpd . --gitignore --min-lines 10 --reporters console 2>&1 || true
 
 # =========================================================================
 # OUTDATED DEPENDENCIES
 # =========================================================================
 
-# 5a. Outdated - TypeScript/JS
+# 4a. Outdated - TypeScript/JS
 [ -f package.json ] && {
   bun outdated 2>&1 || npm outdated 2>&1 || true
 }
 
-# 5b. Outdated - Python (uv > poetry > pip)
+# 4b. Outdated - Python (uv > poetry > pip)
 ([ -f pyproject.toml ] || [ -f requirements.txt ]) && {
   uv pip list --outdated 2>&1 || poetry show --outdated 2>&1 || pip list --outdated 2>&1 || true
 }
 
-# 5c. Outdated - Go
+# 4c. Outdated - Go
 [ -f go.mod ] && {
   go list -m -u all 2>&1 | grep '\[' || echo "All Go modules up to date"
 }