ferrous-forge 1.9.6

System-wide Rust development standards enforcer
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179

//! Git hooks installation and removal logic for mandatory safety pipeline
//!
//! @task T017
//! @epic T014

use super::scripts::{COMMIT_MSG_HOOK, PRE_COMMIT_HOOK, PRE_PUSH_HOOK};
use crate::{Error, Result};
use std::path::Path;
use tokio::fs;

/// Install mandatory blocking git hooks for a project
///
/// These hooks BLOCK commits/pushes when safety checks fail.
/// Bypass is available via: ferrous-forge safety bypass --stage=...
///
/// # Errors
///
/// Returns [`Error::Validation`] if the path is not a git repository.
/// Returns [`Error::Process`] if hook files cannot be written.
pub async fn install_git_hooks(project_path: &Path) -> Result<()> {
    // Check if we're in a git repository
    let git_dir = project_path.join(".git");
    if !git_dir.exists() {
        return Err(Error::validation(
            "Not a git repository. Run 'git init' first.".to_string(),
        ));
    }

    // Ensure hooks directory exists
    let hooks_dir = git_dir.join("hooks");
    if !hooks_dir.exists() {
        fs::create_dir_all(&hooks_dir)
            .await
            .map_err(|e| Error::process(format!("Failed to create hooks directory: {}", e)))?;
    }

    println!("🔒 Installing mandatory safety hooks...");

    // Install pre-commit hook (blocking)
    install_hook(&hooks_dir, "pre-commit", PRE_COMMIT_HOOK).await?;
    println!("  ✅ Installed blocking pre-commit hook");

    // Install pre-push hook (blocking)
    install_hook(&hooks_dir, "pre-push", PRE_PUSH_HOOK).await?;
    println!("  ✅ Installed blocking pre-push hook");

    // Install commit-msg hook (non-blocking, format check)
    install_hook(&hooks_dir, "commit-msg", COMMIT_MSG_HOOK).await?;
    println!("  ✅ Installed commit-msg hook");

    println!();
    println!("🛡️  Mandatory safety hooks installed!");
    println!();
    println!("These hooks will BLOCK commits/pushes that fail checks.");
    println!("To bypass temporarily: ferrous-forge safety bypass --stage=...");

    Ok(())
}

/// Install a single hook
async fn install_hook(hooks_dir: &Path, name: &str, content: &str) -> Result<()> {
    let hook_path = hooks_dir.join(name);

    // Check if hook already exists
    if hook_path.exists() {
        let existing = fs::read_to_string(&hook_path)
            .await
            .map_err(|e| Error::process(format!("Failed to read existing hook: {}", e)))?;

        if existing.contains("Ferrous Forge") {
            // Our hook is already installed - check if it's the new blocking version
            if existing.contains("🛡️  FERROUS FORGE BLOCKED") {
                // Already has the blocking version
                return Ok(());
            }
            // Has old version, needs upgrade
            println!("  🔄 Upgrading {} hook to blocking version", name);
        } else {
            // Backup existing hook
            let backup_path = hooks_dir.join(format!("{}.backup", name));
            fs::rename(&hook_path, &backup_path)
                .await
                .map_err(|e| Error::process(format!("Failed to backup existing hook: {}", e)))?;

            println!(
                "  ⚠️  Backed up existing {} hook to {}",
                name,
                backup_path.display()
            );
        }
    }

    // Write hook content
    fs::write(&hook_path, content)
        .await
        .map_err(|e| Error::process(format!("Failed to write hook: {}", e)))?;

    // Make executable on Unix
    #[cfg(unix)]
    {
        use std::os::unix::fs::PermissionsExt;
        let mut perms = fs::metadata(&hook_path)
            .await
            .map_err(|e| Error::process(format!("Failed to get hook metadata: {}", e)))?
            .permissions();
        perms.set_mode(0o755);
        fs::set_permissions(&hook_path, perms)
            .await
            .map_err(|e| Error::process(format!("Failed to set hook permissions: {}", e)))?;
    }

    Ok(())
}

/// Remove git hooks from a project
///
/// # Errors
///
/// Returns [`Error::Process`] if hook files cannot be removed or backups cannot be restored.
pub async fn uninstall_git_hooks(project_path: &Path) -> Result<()> {
    let git_dir = project_path.join(".git");
    if !git_dir.exists() {
        return Ok(()); // No git repo, nothing to uninstall
    }

    let hooks_dir = git_dir.join("hooks");

    println!("🗑️  Removing safety hooks...");

    // Remove our hooks
    for hook_name in &["pre-commit", "pre-push", "commit-msg"] {
        let hook_path = hooks_dir.join(hook_name);
        if hook_path.exists() {
            let content = fs::read_to_string(&hook_path).await.unwrap_or_default();

            if content.contains("Ferrous Forge") {
                fs::remove_file(&hook_path)
                    .await
                    .map_err(|e| Error::process(format!("Failed to remove hook: {}", e)))?;
                println!("  ✅ Removed {} hook", hook_name);

                // Restore backup if exists
                let backup_path = hooks_dir.join(format!("{}.backup", hook_name));
                if backup_path.exists() {
                    fs::rename(&backup_path, &hook_path)
                        .await
                        .map_err(|e| Error::process(format!("Failed to restore backup: {}", e)))?;
                    println!("  ✅ Restored original {} hook", hook_name);
                }
            }
        }
    }

    println!("🎉 Safety hooks removed successfully!");
    Ok(())
}

/// Check if mandatory safety hooks are installed
///
/// Returns a tuple of (`pre_commit_installed`, `pre_push_installed`)
pub fn check_hooks_status(project_path: &Path) -> (bool, bool) {
    let hooks_dir = project_path.join(".git").join("hooks");

    let pre_commit_installed =
        if let Ok(content) = std::fs::read_to_string(hooks_dir.join("pre-commit")) {
            content.contains("Ferrous Forge") && content.contains("🛡️  FERROUS FORGE BLOCKED")
        } else {
            false
        };

    let pre_push_installed =
        if let Ok(content) = std::fs::read_to_string(hooks_dir.join("pre-push")) {
            content.contains("Ferrous Forge") && content.contains("🛡️  FERROUS FORGE BLOCKED")
        } else {
            false
        };

    (pre_commit_installed, pre_push_installed)
}