Skip to content

Commit c305c3a

Browse files
authored
Merge pull request #41 from masseater/migrate-husky
chore(devkit): migrate git hooks to husky
2 parents 086b253 + ef45f97 commit c305c3a

27 files changed

Lines changed: 482 additions & 531 deletions

File tree

.claude-plugin/marketplace.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -38,13 +38,13 @@
3838
"name": "devkit",
3939
"source": "./plugins/devkit",
4040
"description": "Development toolkit — tech stack definitions, project setup, and quality automation",
41-
"version": "0.3.7"
41+
"version": "0.3.8"
4242
},
4343
{
4444
"name": "discord-notify",
4545
"source": "./plugins/discord-notify",
4646
"description": "Discord通知 — idle時にセッションの最新メッセージをDiscordスレッドに投稿",
47-
"version": "0.0.2"
47+
"version": "0.0.3"
4848
},
4949
{
5050
"name": "eslint-lsp",
@@ -56,13 +56,13 @@
5656
"name": "github-workflow",
5757
"source": "./plugins/github-workflow",
5858
"description": "Git/GitHub ワークフロー支援 — Stop 時にブランチ状態とコンフリクトを通知",
59-
"version": "0.0.6"
59+
"version": "0.0.7"
6060
},
6161
{
6262
"name": "mutils",
6363
"source": "./plugins/mutils",
6464
"description": "汎用ユーティリティ(フック・スキル)",
65-
"version": "0.18.8"
65+
"version": "0.18.9"
6666
},
6767
{
6868
"name": "plan",

.github/renovate.json5

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
{
2+
$schema: "https://docs.renovatebot.com/renovate-schema.json",
3+
extends: ["config:recommended"],
4+
prConcurrentLimit: 10,
5+
automerge: true,
6+
automergeType: "pr",
7+
packageRules: [
8+
{
9+
matchUpdateTypes: ["major"],
10+
automerge: false,
11+
},
12+
{
13+
matchUpdateTypes: ["lockFileMaintenance"],
14+
automerge: true,
15+
},
16+
{
17+
groupName: "biomejs",
18+
matchPackageNames: ["@biomejs/biome"],
19+
},
20+
{
21+
groupName: "typescript",
22+
matchPackageNames: ["typescript", "@typescript/native-preview"],
23+
},
24+
{
25+
groupName: "radix-ui",
26+
matchPackagePrefixes: ["@radix-ui/"],
27+
},
28+
{
29+
groupName: "storybook",
30+
matchPackagePrefixes: ["@storybook/"],
31+
},
32+
{
33+
groupName: "tanstack",
34+
matchPackagePrefixes: ["@tanstack/"],
35+
},
36+
{
37+
groupName: "tailwindcss",
38+
matchPackagePrefixes: ["@tailwindcss/"],
39+
matchPackageNames: ["tailwindcss", "tailwind-merge"],
40+
},
41+
],
42+
schedule: ["before 6am on Saturday"],
43+
}

.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,11 @@
1212
node_modules/
1313
dist/
1414
.turbo/
15+
.husky/_/
1516
docs/api/
1617
.serena/
1718

1819
!.claude/.turbo
1920
coverage/
2021
.specstory/
22+
.agents/tmp/

.husky/pre-commit

Lines changed: 82 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,82 @@
1+
#!/bin/sh
2+
set -eu
3+
4+
bunx lint-staged
5+
6+
printf '%s\n' "Running security check..."
7+
8+
staged_diff=$(git diff --cached)
9+
10+
if [ -z "$staged_diff" ]; then
11+
printf '%s\n' "No staged changes. Skipping security check."
12+
exit 0
13+
fi
14+
15+
temp_file=$(mktemp)
16+
prompt_file=$(mktemp)
17+
18+
cleanup() {
19+
rm -f "$temp_file" "$prompt_file"
20+
}
21+
22+
trap cleanup EXIT HUP INT TERM
23+
24+
printf '%s' "$staged_diff" > "$temp_file"
25+
26+
cat > "$prompt_file" <<'EOF'
27+
以下のgit diffの内容をセキュリティの観点で分析してください。
28+
29+
チェック項目:
30+
- APIキー、パスワード、トークンなどの機密情報のハードコード
31+
- 危険な関数やコマンドの使用(eval, exec, system呼び出しなど)
32+
- SQLインジェクション、XSSなどの脆弱性
33+
- 企業の機密情報や非公開の技術情報
34+
- セキュリティ設定の不適切な変更
35+
- ユーザー固有の記述(例:PC名、ユーザー名など)。
36+
- tmpファイルなどgitにコミットされないファイルなら問題ない。
37+
38+
問題がある場合は「SECURITY_RISK:」で始まる行で具体的に指摘してください。
39+
問題がない場合は「OK」とだけ回答してください。
40+
41+
差分内容:
42+
```diff
43+
EOF
44+
45+
cat "$temp_file" >> "$prompt_file"
46+
printf '\n```\n' >> "$prompt_file"
47+
48+
if ! command -v claude >/dev/null 2>&1; then
49+
printf '%s\n' "claude command not found. Unable to run security check."
50+
exit 1
51+
fi
52+
53+
saved_claudecode=${CLAUDECODE-}
54+
unset CLAUDECODE
55+
56+
if ! result=$(claude --permission-mode default --settings '{"disableAllHooks": true}' --append-system-prompt-file "$prompt_file" -p "pls review" 2>/dev/null); then
57+
if [ -n "$saved_claudecode" ]; then
58+
export CLAUDECODE="$saved_claudecode"
59+
fi
60+
printf '%s\n' "Security check failed because claude did not return a valid response."
61+
exit 1
62+
fi
63+
64+
if [ -n "$saved_claudecode" ]; then
65+
export CLAUDECODE="$saved_claudecode"
66+
fi
67+
68+
printf '%s\n' "========== RESULT =========="
69+
printf '%s\n' "$result"
70+
71+
if printf '%s\n' "$result" | grep -q "SECURITY_RISK:"; then
72+
printf '%s\n' "Security risk detected. Commit aborted."
73+
exit 1
74+
fi
75+
76+
if printf '%s\n' "$result" | grep -qw "OK"; then
77+
printf '%s\n' "Security check passed."
78+
exit 0
79+
fi
80+
81+
printf '%s\n' "Security check result was ambiguous. Commit aborted."
82+
exit 1

.husky/pre-push

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
#!/bin/sh
2+
set -eu
3+
4+
bun run build
5+
bun run typecheck
6+
bun run check
7+
bun run test
8+
bun run knip
9+
10+
bun run hooks:plugin-list-sync
11+
bunx oxfmt AGENTS.md .claude-plugin/marketplace.json
12+
13+
if [ -n "$(git status --porcelain -- AGENTS.md .claude-plugin/marketplace.json)" ]; then
14+
git add AGENTS.md .claude-plugin/marketplace.json
15+
16+
if [ -n "$(git diff --cached --name-only -- AGENTS.md .claude-plugin/marketplace.json)" ]; then
17+
git commit -m "chore: auto-sync plugin list"
18+
fi
19+
fi
20+
21+
bun run docs
22+
bunx oxfmt docs/api/
23+
24+
if [ -n "$(git status --porcelain -- docs/api)" ]; then
25+
git add docs/api
26+
27+
if [ -n "$(git diff --cached --name-only -- docs/api)" ]; then
28+
git commit -m "docs: auto-sync API reference"
29+
fi
30+
fi

.prettierignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
.claude-plugin/marketplace.json

AGENTS.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,6 @@ Claude Codeプラグインのマーケットプレイスリポジトリ。全プ
5252

5353
## 開発
5454

55-
コマンド: [docs/dev-commands.md](docs/dev-commands.md) / Git Hooks: lefthook(`brew install lefthook && lefthook install`
55+
コマンド: [docs/dev-commands.md](docs/dev-commands.md) / Git Hooks: husky + lint-staged(`bun install` で自動設定
5656

5757
公式ドキュメント: [plugins](https://code.claude.com/docs/en/plugins) | [hooks](https://code.claude.com/docs/en/hooks) | [skills](https://code.claude.com/docs/en/skills) | [sub-agents](https://code.claude.com/docs/en/sub-agents)

0 commit comments

Comments
 (0)