guardy 0.2.4

Fast, secure git hooks in Rust with secret scanning and protected file synchronization
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

//! Git hooks management module
//!
//! This module provides functionality for managing and executing git hooks with
//! both built-in actions and custom commands. It features intelligent parallel
//! execution with workload profiling and comprehensive file filtering capabilities.
//!
//! ## Built-in Actions
//!
//! - `scan_secrets` - Scans staged files for secrets and sensitive data
//! - `conventional_commits` - Validates commit messages using conventional commits format
//!
//! ## Custom Commands
//!
//! Hooks can execute any shell command with advanced configuration options:
//!
//! ```yaml
//! hooks:
//!   pre-commit:
//!     enabled: true
//!     parallel: true  # Default: true - intelligent parallel execution
//!     builtin: ["scan_secrets"]
//!     custom:
//!       - command: "cargo fmt --check"
//!         description: "Check formatting"
//!         fail_on_error: true
//!         glob: ["*.rs"]  # Only run on Rust files
//!       - command: "eslint {files} --fix"
//!         description: "Fix linting issues"
//!         all_files: true  # Run on all files, not just staged
//!         glob: ["*.js", "*.jsx"]
//!         stage_fixed: true  # Auto-stage fixed files
//! ```
//!
//! ## Advanced Features
//!
//! ### Intelligent Parallel Execution
//! - **Workload Profiling**: Automatically determines optimal concurrency based on:
//!   - Number of commands to execute
//!   - Available system resources (CPU cores)
//!   - Hook-specific characteristics (I/O vs CPU-bound)
//! - **Adaptive Scaling**:
//!   - Small workloads (≤3 commands): Sequential execution
//!   - Medium workloads (4-5 commands): Conservative parallelism
//!   - Large workloads (6+ commands): Full parallelism (capped at 8)
//! - **System-Aware**: Respects CPU core count and user-configured limits
//!
//! ### File Processing
//! - **Glob Filtering**: Use `glob` patterns to target specific file types
//! - **All Files Mode**: Set `all_files: true` to process all matching files in repository
//! - **Stage Integration**: Use `stage_fixed: true` to automatically stage modified files
//! - **File Substitution**: Use `{files}` placeholder for command file arguments
//!
//! ### Conventional Commits Validation
//! - Full specification compliance using `git-conventional` library
//! - Helpful error messages with format examples
//! - Comment filtering and scope validation
//! - Supports all conventional commit types (feat, fix, docs, chore, etc.)
//!
//! ## Integration with Sync
//!
//! Hooks can be used to automatically sync protected files:
//!
//! ```yaml
//! hooks:
//!   pre-push:
//!     enabled: true
//!     custom:
//!       - command: "guardy sync update --force --config ./guardy.yaml"
//!         description: "Sync protected files before push"
//!         fail_on_error: true
//! ```
//!
//! This ensures that protected configuration files are always synchronized
//! with their upstream sources before pushing changes.

pub mod cache;
pub mod conditions;
pub mod dump;
mod executor;
pub mod file_discovery;
pub mod filters;
pub mod install;
pub mod status;
pub mod uninstall;
pub mod validate;

pub use executor::HookExecutor;