feat: make becwright dead-simple to adopt (demo command, 1-line install, visual README) #35
demo runs in-process (works with the npm standalone binary too), needs no git and touches nothing: it shows becwright blocking a sample commit that hardcodes a secret and calls eval — the fastest way to see the value before installing. init now prints a numbered 1-2-3 of what to do next. Tests added for both.
README (EN+ES): a self-contained terminal-card SVG showing a blocked commit up top, a 'see it in 5 seconds' becwright demo callout, the install reduced to one recommended line (others folded into a details block), a copy-paste gallery of ready-made rules to import, and the demo command added to the command tables.
Walkthrough
Adds a new
Changes
Demo Command and Documentation
Sequence Diagram(s)
sequenceDiagram
participant User
participant CLI as cli._cmd_demo
participant Checks as dangerous_eval/hardcoded_secrets
participant TempDir as Temp file
User->>CLI: becwright demo
CLI->>TempDir: create sample file with secret and eval
CLI->>Checks: run dangerous_eval(temp file)
CLI->>Checks: run hardcoded_secrets(temp file)
Checks-->>CLI: Result objects (passed=False)
CLI->>User: print rule results and guidance message
CLI->>TempDir: delete temp directory
Estimated code review effort: 2 (Simple) | ~15 minutes
Lower the friction of the first 60 seconds so becwright is easy for anyone, not just experts. Five polish items:
1. becwright demo — the instant "aha" (new command)
See becwright block a sample bad commit (a hardcoded secret + an eval) with zero setup, no git, nothing on your machine touched. Runs fully in-process, so it works with the npm standalone binary too. The "try before you install" path.
2. Visual README — a terminal-card SVG
assets/becwright-demo.svg shows a blocked commit (red BLOCK, the why) at the top of the README. Self-contained, inline presentation attributes only (renders reliably on GitHub, npm, PyPI). Plus a "see it in 5 seconds" callout.
3. One-line install
Reduced to a single recommended line (npm install -g becwright); pnpm/pip/project-local + the platform note folded into a <details> block.
4. Clearer becwright init
Ends with a numbered 1-2-3 of exactly what to do next instead of one sentence.
5. Ready-made rules gallery
A copy-paste section of becwright import <url> one-liners (Python, JS/TS, any-language) so people import a proven rule instead of writing one.
Notes
- demo added to the command tables and --help; status lines updated. EN + ES in sync.
- eval(...) line carries a becwright: ignore marker so the repo's own dogfooding rules stay green.
- hardcoded_secrets check without tripping GitHub push protection.
Test plan
- becwright demo blocks both sample rules and cleans up its sandbox (no git, no cwd writes) — new tests.
- init prints next steps — new test.
- check --all is green.
Summary by CodeRabbit
New Features
Documentation
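The demo flow from the sequence diagram above, as an added sketch that is not becwright's own code: a sample file is written to a temp directory, two checks run in-process, and the sandbox is removed even if a check raises. The `Result` shape, the regexes, the sample file and the way the `becwright: ignore` marker is honoured are assumptions made for illustration.

```python
import re
import shutil
import tempfile
from dataclasses import dataclass
from pathlib import Path

# Illustrative stand-ins only; becwright's real checks and Result type may differ.
IGNORE_MARKER = "becwright: ignore"  # marker named in the PR notes; semantics assumed
EVAL_RE = re.compile(r"\beval\s*\(")
SECRET_RE = re.compile(
    r"(?i)\b(?:password|secret|api_key|token)\s*=\s*[\"'][^\"']{8,}[\"']")

# Constructed sample "commit" content; the key is a placeholder, not a credential.
SAMPLE = ('API_KEY = "example-not-a-real-key-0000"\n'
          'def run(expr):\n'
          '    return eval(expr)\n')

@dataclass
class Result:
    rule: str
    passed: bool
    findings: list  # (line number, offending line) pairs

def _scan(rule, pattern, path):
    findings = []
    for lineno, line in enumerate(Path(path).read_text().splitlines(), 1):
        if IGNORE_MARKER in line:  # explicitly waived line: skip it
            continue
        if pattern.search(line):
            findings.append((lineno, line.strip()))
    return Result(rule, not findings, findings)

def dangerous_eval(path):
    return _scan("dangerous_eval", EVAL_RE, path)

def hardcoded_secrets(path):
    return _scan("hardcoded_secrets", SECRET_RE, path)

def run_demo():
    """Run both checks on a throwaway file; never touches the cwd or git."""
    sandbox = Path(tempfile.mkdtemp(prefix="demo-"))
    try:
        target = sandbox / "sample_commit.py"
        target.write_text(SAMPLE)
        results = [dangerous_eval(target), hardcoded_secrets(target)]
    finally:
        shutil.rmtree(sandbox, ignore_errors=True)  # cleanup on every path
    return results, sandbox

if __name__ == "__main__":
    for r in run_demo()[0]:
        print("PASS " if r.passed else "BLOCK", r.rule, r.findings)
```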