Dependency Update Checker

{
  "hookConfig": {
    "hooks": {
      "postToolUse": {
        "script": "./.claude/hooks/dependency-update-checker.sh",
        "matchers": [
          "write",
          "edit"
        ]
      }
    }
  },
  "scriptContent": "#!/usr/bin/env bash\n\n# Read the tool input from stdin\nINPUT=$(cat)\nTOOL_NAME=$(echo \"$INPUT\" | jq -r '.tool_name')\nFILE_PATH=$(echo \"$INPUT\" | jq -r '.tool_input.file_path // .tool_input.path // \"\"')\n\nif [ -z \"$FILE_PATH\" ]; then\n  exit 0\nfi\n\n# Check if it's a dependency file\nif [[ \"$FILE_PATH\" == *package.json ]] || [[ \"$FILE_PATH\" == *requirements.txt ]] || [[ \"$FILE_PATH\" == *Gemfile ]] || [[ \"$FILE_PATH\" == *go.mod ]] || [[ \"$FILE_PATH\" == *Cargo.toml ]]; then\n  echo \"📦 Dependency file detected: $FILE_PATH\" >&2\n  \n  # Node.js projects\n  if [[ \"$FILE_PATH\" == *package.json ]]; then\n    echo \"🟢 Node.js project detected - checking dependencies...\" >&2\n    \n    if command -v npm &> /dev/null; then\n      echo \"🔍 Running npm outdated check...\" >&2\n      OUTDATED_OUTPUT=$(npm outdated --depth=0 2>/dev/null || echo \"No outdated packages\")\n      \n      if [ \"$OUTDATED_OUTPUT\" = \"No outdated packages\" ]; then\n        echo \"✅ All npm packages are up to date\" >&2\n      else\n        echo \"📊 Found outdated npm packages:\" >&2\n        echo \"$OUTDATED_OUTPUT\" | head -10 >&2\n        \n        OUTDATED_COUNT=$(echo \"$OUTDATED_OUTPUT\" | wc -l)\n        echo \"📈 Total outdated packages: $OUTDATED_COUNT\" >&2\n      fi\n      \n      # Check for security vulnerabilities\n      echo \"🔒 Checking for security vulnerabilities...\" >&2\n      AUDIT_OUTPUT=$(npm audit --audit-level=moderate 2>&1)\n      \n      if echo \"$AUDIT_OUTPUT\" | grep -q \"found 0 vulnerabilities\"; then\n        echo \"✅ No security vulnerabilities found\" >&2\n      else\n        VULN_COUNT=$(echo \"$AUDIT_OUTPUT\" | grep -o '[0-9]\\+ vulnerabilities' | head -1 || echo \"unknown vulnerabilities\")\n        echo \"⚠️ Security audit found: $VULN_COUNT\" >&2\n        echo \"💡 Run 'npm audit fix' to automatically fix vulnerabilities\" >&2\n      fi\n      \n      # Check for npm-check-updates availability\n      if command -v npx &> /dev/null && npx ncu --version &> /dev/null 2>&1; then\n        echo \"🔧 Running npm-check-updates for detailed analysis...\" >&2\n        NCU_OUTPUT=$(npx ncu 2>/dev/null | head -5)\n        echo \"$NCU_OUTPUT\" >&2\n      else\n        echo \"💡 Install npm-check-updates for better dependency analysis: npm install -g npm-check-updates\" >&2\n      fi\n    else\n      echo \"⚠️ npm command not available\" >&2\n    fi\n    \n  # Python projects\n  elif [[ \"$FILE_PATH\" == *requirements.txt ]] || [[ \"$FILE_PATH\" == *pyproject.toml ]]; then\n    echo \"🐍 Python project detected - checking dependencies...\" >&2\n    \n    if command -v pip &> /dev/null; then\n      echo \"🔍 Checking for outdated Python packages...\" >&2\n      PIP_OUTDATED=$(pip list --outdated 2>/dev/null || echo \"Unable to check outdated packages\")\n      \n      if [ \"$PIP_OUTDATED\" = \"Unable to check outdated packages\" ]; then\n        echo \"⚠️ Unable to check pip packages\" >&2\n      else\n        OUTDATED_COUNT=$(echo \"$PIP_OUTDATED\" | wc -l)\n        if [ \"$OUTDATED_COUNT\" -gt 1 ]; then\n          echo \"📊 Found $OUTDATED_COUNT outdated Python packages\" >&2\n          echo \"$PIP_OUTDATED\" | head -5 >&2\n        else\n          echo \"✅ All Python packages are up to date\" >&2\n        fi\n      fi\n      \n      # Check for security issues with safety\n      if command -v safety &> /dev/null; then\n        echo \"🔒 Running Safety security check...\" >&2\n        SAFETY_OUTPUT=$(safety check --json 2>/dev/null || safety check 2>/dev/null || echo \"Safety check completed\")\n        \n        if echo \"$SAFETY_OUTPUT\" | grep -q \"No known security vulnerabilities\"; then\n          echo \"✅ No known security vulnerabilities in Python dependencies\" >&2\n        else\n          echo \"⚠️ Safety scan found potential security issues\" >&2\n        fi\n      else\n        echo \"💡 Install Safety for Python security scanning: pip install safety\" >&2\n      fi\n    else\n      echo \"⚠️ pip command not available\" >&2\n    fi\n    \n  # Ruby projects\n  elif [[ \"$FILE_PATH\" == *Gemfile ]]; then\n    echo \"💎 Ruby project detected - checking dependencies...\" >&2\n    \n    if command -v bundle &> /dev/null; then\n      echo \"🔍 Checking for outdated Ruby gems...\" >&2\n      BUNDLE_OUTDATED=$(bundle outdated 2>/dev/null | head -10 || echo \"Unable to check outdated gems\")\n      echo \"$BUNDLE_OUTDATED\" >&2\n      \n      # Check for security issues\n      if bundle exec bundler-audit --version &> /dev/null; then\n        echo \"🔒 Running bundler-audit security check...\" >&2\n        BUNDLE_AUDIT=$(bundle exec bundler-audit check 2>&1 || echo \"Bundle audit completed\")\n        \n        if echo \"$BUNDLE_AUDIT\" | grep -q \"No vulnerabilities found\"; then\n          echo \"✅ No vulnerabilities found in Ruby gems\" >&2\n        else\n          echo \"⚠️ Bundle audit found potential issues\" >&2\n        fi\n      else\n        echo \"💡 Install bundler-audit: gem install bundler-audit\" >&2\n      fi\n    else\n      echo \"⚠️ bundle command not available\" >&2\n    fi\n    \n  # Go projects\n  elif [[ \"$FILE_PATH\" == *go.mod ]]; then\n    echo \"🐹 Go project detected - checking dependencies...\" >&2\n    \n    if command -v go &> /dev/null; then\n      echo \"🔍 Checking Go module dependencies...\" >&2\n      \n      # List modules\n      GO_LIST=$(go list -m -u all 2>/dev/null | head -10 || echo \"Unable to list Go modules\")\n      echo \"$GO_LIST\" >&2\n      \n      # Check for available updates\n      OUTDATED_MODULES=$(echo \"$GO_LIST\" | grep -c '\\[' 2>/dev/null || echo \"0\")\n      if [ \"$OUTDATED_MODULES\" -gt 0 ]; then\n        echo \"📊 Found $OUTDATED_MODULES Go modules with available updates\" >&2\n        echo \"💡 Run 'go get -u ./...' to update dependencies\" >&2\n      else\n        echo \"✅ All Go modules are up to date\" >&2\n      fi\n    else\n      echo \"⚠️ go command not available\" >&2\n    fi\n    \n  # Rust projects\n  elif [[ \"$FILE_PATH\" == *Cargo.toml ]]; then\n    echo \"🦀 Rust project detected - checking dependencies...\" >&2\n    \n    if command -v cargo &> /dev/null; then\n      # Check for outdated crates\n      if cargo outdated --version &> /dev/null; then\n        echo \"🔍 Checking for outdated Rust crates...\" >&2\n        CARGO_OUTDATED=$(cargo outdated 2>/dev/null | head -10 || echo \"Unable to check outdated crates\")\n        echo \"$CARGO_OUTDATED\" >&2\n      else\n        echo \"💡 Install cargo-outdated: cargo install cargo-outdated\" >&2\n      fi\n      \n      # Security audit\n      if cargo audit --version &> /dev/null; then\n        echo \"🔒 Running Rust security audit...\" >&2\n        CARGO_AUDIT=$(cargo audit 2>&1 || echo \"Audit completed\")\n        \n        if echo \"$CARGO_AUDIT\" | grep -q \"Success No vulnerable packages found\"; then\n          echo \"✅ No vulnerable crates found\" >&2\n        else\n          echo \"⚠️ Cargo audit found potential issues\" >&2\n        fi\n      else\n        echo \"💡 Install cargo-audit: cargo install cargo-audit\" >&2\n      fi\n    else\n      echo \"⚠️ cargo command not available\" >&2\n    fi\n  fi\n  \n  # General recommendations\n  echo \"\" >&2\n  echo \"📋 Dependency Update Best Practices:\" >&2\n  echo \"   • Review changelogs before major version updates\" >&2\n  echo \"   • Test thoroughly after dependency updates\" >&2\n  echo \"   • Update security-critical packages immediately\" >&2\n  echo \"   • Use lockfiles for reproducible builds\" >&2\n  \nelse\n  echo \"File $FILE_PATH is not a recognized dependency file, skipping analysis\" >&2\nfi\n\nexit 0"
}