feat: add tsgo type checking to check runner#1206
feat: add tsgo type checking to check runner#1206John-David Dalton (jdalton) wants to merge 7 commits into
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Consolidated into #1203 |
|
Merged into #1203 |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is ON. A cloud agent has been kicked off to fix the reported issue.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 922a2f2. Configure here.
| "pretest": "pnpm run build:cli" | ||
| }, | ||
| "devDependencies": { | ||
| "@typescript/native-preview": "7.0.0-dev.20260415.1", |
There was a problem hiding this comment.
Dependency added but never wired into any script
Medium Severity
@typescript/native-preview is added to devDependencies but tsgo is never invoked anywhere in the repo. The CLI package's type script still runs tsc --noEmit, and neither scripts/check.mjs nor scripts/type.mjs were updated to call tsgo. The PR description claims "Check runner now does: lint → format → typecheck" with tsgo, but the integration is missing — developers may mistakenly believe tsgo type checking is active when it isn't. This also adds a large native binary to every install for no benefit.
Reviewed by Cursor Bugbot for commit 922a2f2. Configure here.
1 participant
Summary
@typescript/native-preview@7.0.0-dev.20260415.1(tsgo) to devDependenciestsgo --noEmittype checking step topnpm checkflowAligns with socket-lib, socket-registry, socket-btm, ultrathink which all have this now.
Note
Medium Risk
Touches developer workflow enforcement (git hooks) and lint/typecheck tooling, which can block commits/pushes or introduce new CI failures if behavior changes unexpectedly; no production/runtime logic is affected.
Overview
Improves repo security/tooling ergonomics by hardening git hooks and tightening scanning guidance:
commit-msgnow uses safer temp-file handling/cleanup and consistentprintfoutput,.husky/commit-msgfails fast if the hook script is missing, andpre-pushreduces false positives by word-boundary matchingAKIA...AWS keys.Updates security-scan docs (marks the skill
user-invocable, adjusts tool reference toexternal-tools.json) and tightens code quality by enforcingoxlinteslint/curlyas an error. Also adds@typescript/native-previewtodevDependencies(with lockfile updates) and does mostly formatting/robustness tweaks in checksum sync/validation scripts.Reviewed by Cursor Bugbot for commit 922a2f2. Configure here.