tgit 0.25.0__tar.gz → 0.26.0__tar.gz

{tgit-0.25.0 → tgit-0.26.0}/CHANGELOG.md

@@ -1,3 +1,15 @@
+## v0.26.0
+
+[v0.25.0...v0.26.0](https://github.com/Jannchie/tgit/compare/v0.25.0...v0.26.0)
+
+### :sparkles: Features
+
+- **commit**: add secret detection support - By [Jannchie](mailto:jannchie@gmail.com) in [e1f5207](https://github.com/Jannchie/tgit/commit/e1f5207)
+
+### :wrench: Chores
+
+- **commit**: add default token limit and defaults to commit model - By [Jannchie](mailto:jannchie@gmail.com) in [66d4d45](https://github.com/Jannchie/tgit/commit/66d4d45)
+
 ## v0.25.0
 
 [v0.24.1...v0.25.0](https://github.com/Jannchie/tgit/compare/v0.24.1...v0.25.0)

{tgit-0.25.0 → tgit-0.26.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: tgit
-Version: 0.25.0
+Version: 0.26.0
 Summary: Tool for Git Interaction Temptation (tgit): An elegant CLI tool that simplifies and streamlines your Git workflow, making version control a breeze.
 Author-email: Jannchie <jannchie@gmail.com>
 License-Expression: MIT

{tgit-0.25.0 → tgit-0.26.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "tgit"
-version = "0.25.0"
+version = "0.26.0"
 description = "Tool for Git Interaction Temptation (tgit): An elegant CLI tool that simplifies and streamlines your Git workflow, making version control a breeze."
 authors = [{ name = "Jannchie", email = "jannchie@gmail.com" }]
 dependencies = [

{tgit-0.25.0 → tgit-0.26.0}/tests/unit/test_commit.py

@@ -10,6 +10,7 @@ from click.testing import CliRunner
 from tgit.commit import (
     CommitArgs,
     CommitData,
+    PotentialSecret,
     TemplateParams,
     get_changed_files_from_status,
     get_file_change_sizes,
@@ -61,7 +62,7 @@ class TestCommitData:
 
     def test_commit_data_creation(self):
         """Test creating CommitData instance."""
-        data = CommitData(type="feat", scope="auth", msg="add login functionality", is_breaking=False)
+        data = CommitData(type="feat", scope="auth", msg="add login functionality", is_breaking=False, secrets=[])
         assert data.type == "feat"
         assert data.scope == "auth"
         assert data.msg == "add login functionality"
@@ -69,9 +70,16 @@ class TestCommitData:
 
     def test_commit_data_with_none_scope(self):
         """Test CommitData with None scope."""
-        data = CommitData(type="fix", scope=None, msg="fix bug", is_breaking=False)
+        data = CommitData(type="fix", scope=None, msg="fix bug", is_breaking=False, secrets=[])
         assert data.scope is None
 
+    def test_commit_data_with_secrets(self):
+        """Test CommitData with suspected secrets."""
+        secret = PotentialSecret(file="config.env", description="looks like api key")
+        data = CommitData(type="chore", scope=None, msg="update config", is_breaking=False, secrets=[secret])
+        assert len(data.secrets) == 1
+        assert data.secrets[0].file == "config.env"
+
 
 class TestGetChangedFilesFromStatus:
     """Test get_changed_files_from_status function."""
@@ -296,7 +304,7 @@ class TestGenerateCommitWithAI:
 
         # Mock the response
         mock_response = Mock()
-        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False)
+        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False, secrets=[])
         mock_response.output_parsed = mock_commit_data
         mock_client.responses.parse.return_value = mock_response
 
@@ -334,7 +342,7 @@ class TestGenerateCommitWithAI:
         mock_settings.model = "o1-mini"
 
         mock_response = Mock()
-        mock_commit_data = CommitData(type="fix", scope=None, msg="correct bug", is_breaking=False)
+        mock_commit_data = CommitData(type="fix", scope=None, msg="correct bug", is_breaking=False, secrets=[])
         mock_response.output_parsed = mock_commit_data
         mock_client.responses.parse.return_value = mock_response
 
@@ -396,7 +404,7 @@ class TestGetAICommand:
         mock_repo_instance.active_branch.name = "main"
         mock_settings.commit.emoji = True
 
-        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False)
+        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False, secrets=[])
         mock_generate.return_value = mock_commit_data
         mock_get_commit_command.return_value = "git commit -m 'feat(auth): add login'"
 
@@ -406,6 +414,63 @@ class TestGetAICommand:
         mock_generate.assert_called_once()
         mock_get_commit_command.assert_called_once_with("feat", "auth", "add login", use_emoji=True, is_breaking=False)
 
+    @patch("tgit.commit.click.confirm")
+    @patch("tgit.commit.Path.cwd")
+    @patch("tgit.commit.git.Repo")
+    @patch("tgit.commit.get_filtered_diff_files")
+    @patch("tgit.commit._generate_commit_with_ai")
+    @patch("tgit.commit.get_commit_command")
+    @patch("tgit.commit.settings")
+    def test_get_ai_command_detected_secrets_abort(self, mock_settings, mock_get_commit_command, mock_generate, mock_get_files, mock_repo, mock_cwd, mock_confirm):
+        """Test get_ai_command aborts when secrets are detected and user declines."""
+        mock_cwd.return_value = Path(tempfile.gettempdir())
+        mock_repo_instance = Mock()
+        mock_repo.return_value = mock_repo_instance
+        mock_get_files.return_value = (["src/file.py"], [])
+        mock_repo_instance.git.diff.return_value = "diff content"
+        mock_repo_instance.active_branch.name = "main"
+        mock_settings.commit.emoji = True
+
+        secret = PotentialSecret(file="src/file.py", description="possible api key")
+        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False, secrets=[secret])
+        mock_generate.return_value = mock_commit_data
+        mock_confirm.return_value = False
+
+        result = get_ai_command()
+
+        assert result is None
+        mock_confirm.assert_called_once_with("Detected potential secrets. Continue with commit?", default=False)
+        mock_get_commit_command.assert_not_called()
+
+    @patch("tgit.commit.click.confirm")
+    @patch("tgit.commit.Path.cwd")
+    @patch("tgit.commit.git.Repo")
+    @patch("tgit.commit.get_filtered_diff_files")
+    @patch("tgit.commit._generate_commit_with_ai")
+    @patch("tgit.commit.get_commit_command")
+    @patch("tgit.commit.settings")
+    def test_get_ai_command_detected_secrets_continue(self, mock_settings, mock_get_commit_command, mock_generate, mock_get_files, mock_repo, mock_cwd, mock_confirm):
+        """Test get_ai_command continues when secrets are detected and user agrees."""
+        mock_cwd.return_value = Path(tempfile.gettempdir())
+        mock_repo_instance = Mock()
+        mock_repo.return_value = mock_repo_instance
+        mock_get_files.return_value = (["src/file.py"], [])
+        mock_repo_instance.git.diff.return_value = "diff content"
+        mock_repo_instance.active_branch.name = "main"
+        mock_settings.commit.emoji = True
+
+        secret = PotentialSecret(file="src/file.py", description="possible api key")
+        mock_commit_data = CommitData(type="feat", scope="auth", msg="add login", is_breaking=False, secrets=[secret])
+        mock_generate.return_value = mock_commit_data
+        mock_get_commit_command.return_value = "git commit -m 'feat(auth): add login'"
+        mock_confirm.return_value = True
+
+        result = get_ai_command()
+
+        assert result == "git commit -m 'feat(auth): add login'"
+        mock_confirm.assert_called_once_with("Detected potential secrets. Continue with commit?", default=False)
+        mock_get_commit_command.assert_called_once_with("feat", "auth", "add login", use_emoji=True, is_breaking=False)
+
     @patch("tgit.commit.Path.cwd")
     @patch("tgit.commit.git.Repo")
     @patch("tgit.commit.get_filtered_diff_files")

{tgit-0.25.0 → tgit-0.26.0}/tgit/commit.py

@@ -8,7 +8,7 @@ from typing import TYPE_CHECKING, Any
 import click
 import git
 from jinja2 import Environment, FileSystemLoader
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 from rich import get_console, print
 
 from tgit.constants import DEFAULT_MODEL, REASONING_MODEL_HINTS
@@ -25,6 +25,7 @@ with importlib.resources.path("tgit", "prompts") as prompt_path:
 commit_types = ["feat", "fix", "chore", "docs", "style", "refactor", "perf", "wip"]
 commit_file = "commit.txt"
 commit_prompt_template = env.get_template("commit.txt")
+DEFAULT_MAX_OUTPUT_TOKENS = 256
 
 # Define click arguments/options at module level to avoid B008
 MESSAGE_ARG = click.argument(
@@ -65,11 +66,17 @@ class TemplateParams:
     specified_type: str | None = None
 
 
+class PotentialSecret(BaseModel):
+    file: str
+    description: str
+
+
 class CommitData(BaseModel):
     type: str
-    scope: str | None
+    scope: str | None = None
     msg: str
-    is_breaking: bool
+    is_breaking: bool = False
+    secrets: list[PotentialSecret] = Field(default_factory=list)
 
 
 def _supports_reasoning(model: str) -> bool:
@@ -196,7 +203,7 @@ def _generate_commit_with_ai(diff: str, specified_type: str | None, current_bran
                 {"role": "user", "content": diff},
             ],
             "model": model_name,
-            "max_output_tokens": 50,
+            "max_output_tokens": DEFAULT_MAX_OUTPUT_TOKENS,
             "text_format": CommitData,
         }
         if _supports_reasoning(model_name):
@@ -243,6 +250,16 @@ def get_ai_command(specified_type: str | None = None) -> str | None:
         print(e)
         return None
 
+    detected_secrets: list[PotentialSecret] = resp.secrets if resp.secrets else []
+    if detected_secrets:
+        print("[red]Detected potential secrets in these files:[/red]")
+        for secret in detected_secrets:
+            print(f"[red]- {secret.file}: {secret.description}[/red]")
+        proceed = click.confirm("Detected potential secrets. Continue with commit?", default=False)
+        if not proceed:
+            print("[yellow]Commit aborted. Please review sensitive content.[/yellow]")
+            return None
+
     # 如果用户指定了类型，则使用用户指定的类型，否则使用 AI 生成的类型
     commit_type = specified_type if specified_type is not None else resp.type
 

{tgit-0.25.0 → tgit-0.26.0}/tgit/prompts/commit.txt

@@ -34,12 +34,18 @@ Mark `is_breaking: true` only if changes:
 - Require user action for compatibility
 - Remove or significantly change existing functionality
 
+### Secret Detection
+- Review the diff for potential secrets (API keys, tokens, passwords, private keys, credentials, etc.).
+- For every suspected secret, add an entry to the `secrets` array with the file path and a brief description of why it is sensitive.
+- If no secrets are found, return an empty array.
+
 ## Analysis Process
 1. Review the diff comprehensively
 2. Identify the primary type of change
 3. Determine appropriate scope from modified files/areas
 4. Craft a concise message covering main changes
 5. Assess backward compatibility impact
+6. Flag any suspected secrets
 
 ## Output Format
 Return valid JSON matching this structure:
@@ -48,15 +54,22 @@ Return valid JSON matching this structure:
   "type": "string",
   "scope": "string|null", 
   "msg": "string",
-  "is_breaking": "boolean"
+  "is_breaking": "boolean",
+  "secrets": [
+    {
+      "file": "string",
+      "description": "string"
+    }
+  ]
 }
 ```
 
 ## Examples
 ```json
-{"type": "feat", "scope": "auth", "msg": "add oauth2 login", "is_breaking": false}
-{"type": "fix", "scope": "api", "msg": "handle null user responses", "is_breaking": false}
-{"type": "refactor", "scope": null, "msg": "restructure project layout", "is_breaking": true}
+{"type": "feat", "scope": "auth", "msg": "add oauth2 login", "is_breaking": false, "secrets": []}
+{"type": "fix", "scope": "api", "msg": "handle null user responses", "is_breaking": false, "secrets": []}
+{"type": "refactor", "scope": null, "msg": "restructure project layout", "is_breaking": true, "secrets": []}
+{"type": "chore", "scope": "config", "msg": "update secrets storage", "is_breaking": false, "secrets": [{"file": "config/.env", "description": "detected value resembling api key"}]}
 ```
 
-Now analyze the provided diff and generate the commit message.
+Now analyze the provided diff and generate the commit message.