JSPM

@git-stunts/plumbing

2.7.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 166
  • Score
    100M100P100Q100126F
  • License Apache-2.0

Robust async, stream-first Git plumbing for Node, Bun, and Deno.

Package Exports

  • @git-stunts/plumbing
  • @git-stunts/plumbing/ShellRunner
  • @git-stunts/plumbing/errors
  • @git-stunts/plumbing/mode
  • @git-stunts/plumbing/ref
  • @git-stunts/plumbing/sha
  • @git-stunts/plumbing/signature

Readme

@git-stunts/plumbing

A low-level, robust, and environment-agnostic Git plumbing library for the modern JavaScript ecosystem. Built with Hexagonal Architecture and Domain-Driven Design (DDD), it provides a secure, streaming-first, and type-safe interface for Git operations across Node.js, Bun, and Deno.

πŸš€ Key Features

  • Streaming-First Architecture: Unified "Streaming Only" pattern across all runtimes for consistent, memory-efficient data handling.
  • Multi-Runtime Support: Native adapters for Node.js, Bun, and Deno with automatic environment detection.
  • Robust Schema Validation: Powered by Zod, ensuring every Entity and Value Object is valid before use.
  • Hexagonal Architecture: Strict separation between core domain logic and infrastructure adapters.
  • Dependency Injection: Core services like CommandSanitizer and ExecutionOrchestrator are injectable for maximum testability.
  • Hardened Security: Integrated CommandSanitizer and EnvironmentPolicy to prevent argument injection and environment leakage.
  • OOM Protection: Integrated safety buffering (GitStream.collect) with configurable byte limits.
  • Dockerized CI: Parallel test execution across all runtimes using isolated containers.

πŸ—οΈ Design Principles

  1. Git as a Subsystem: Git is treated as an external, untrusted dependency. Every command and environment variable is sanitized.
  2. Streaming-First: Buffering is a choice, not a requirement. All data flows through streams to ensure scalability.
  3. Domain Purity: Core logic is 100% environment-agnostic. Runtimes are handled by decoupled adapters.
  4. Security by Default: Prohibits dangerous global flags and restricts the environment to minimize the attack surface.

πŸ“‹ Prerequisites & Compatibility

  • System Git: Requires Git >= 2.30.0.
  • Runtimes:
    • Node.js: >= 22.0.0
    • Bun: >= 1.3.5
    • Deno: >= 2.0.0

πŸ“¦ Installation

npm install @git-stunts/plumbing

πŸ› οΈ Usage

Zero-Config Initialization

import GitPlumbing from '@git-stunts/plumbing';

// Get a high-level service in one line
// GitRepositoryService is a convenience facade built on plumbing primitives.
const git = GitPlumbing.createRepository({ cwd: './my-repo' });

⚑ Killer Example: Atomic Commit from Scratch

Orchestrate a full commit sequenceβ€”from hashing blobs to updating referencesβ€”with built-in concurrency protection.

import GitPlumbing, { GitSha } from '@git-stunts/plumbing';

const git = GitPlumbing.createRepository({ cwd: './my-repo' });

const commitSha = await git.createCommitFromFiles({
  branch: 'refs/heads/main',
  message: 'Feat: atomic plumbing commit',
  author: { name: 'James Ross', email: 'james@flyingrobots.dev' },
  committer: { name: 'James Ross', email: 'james@flyingrobots.dev' },
  parents: [GitSha.from(await git.revParse({ revision: 'HEAD' }))],
  files: [
    { path: 'hello.txt', content: 'Hello World' },
    { path: 'script.sh', content: '#!/bin/sh\necho hi', mode: '100755' }
  ],
  concurrency: 10 // Parallelize blob creation safely
});

Core Entities

import { GitSha } from '@git-stunts/plumbing/sha';
import { GitRef } from '@git-stunts/plumbing/ref';
import { GitSignature } from '@git-stunts/plumbing/signature';

// Validate and normalize (throws ValidationError if invalid)
const sha = GitSha.from('a1b2c3d4...');
const mainBranch = GitRef.branch('main');

πŸ“– Documentation

πŸ§ͺ Testing

npm test          # Multi-runtime Docker tests
npm run test:local # Local vitest run

πŸ“„ License

Apache-2.0