fulll
diff --git a/‎CODE_OF_CONDUCT.md‎
Lines changed: 132 additions & 0 deletions b/‎CODE_OF_CONDUCT.md‎
Lines changed: 132 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 72 additions & 0 deletions b/‎README.md‎
Lines changed: 72 additions & 0 deletions
diff --git a/‎SECURITY.md‎
Lines changed: 34 additions & 0 deletions b/‎SECURITY.md‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎demo/README.md‎
Lines changed: 27 additions & 0 deletions b/‎demo/README.md‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎demo/demo.gif‎
438 KB b/‎demo/demo.gif‎
438 KB
diff --git a/‎demo/demo.tape‎
Lines changed: 70 additions & 0 deletions b/‎demo/demo.tape‎
Lines changed: 70 additions & 0 deletions
@@ -0,0 +1,132 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official email address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[admin@fulll.fr](mailto:admin@fulll.fr).
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
@@ -10,10 +10,82 @@ keyboard-driven TUI, fine-grained extract selection, markdown/JSON output.
 
 → **Full documentation: https://fulll.github.io/github-code-search/**
 
+![Demo](demo/demo.gif)
+
 ## Quick start
 
 ```bash
 export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxx
 curl -fsSL https://raw.githubusercontent.com/fulll/github-code-search/main/install.sh | bash
 github-code-search query "TODO" --org my-org
 ```
+
+## Features
+
+- **Org-wide search** — queries all repositories in a GitHub organisation in one command, with automatic pagination up to 1 000 results
+- **Per-repository aggregation** — results grouped by repo, not as a flat list; fold/unfold each repo to focus on what matters
+- **Keyboard-driven TUI** — navigate with arrow keys, toggle selections, filter by file path, confirm with Enter — without leaving the terminal
+- **Fine-grained selection** — pick exactly the repos and extracts you want; deselected items are recorded as exclusions in the replay command
+- **Structured output** — clean Markdown lists with GitHub links, or machine-readable JSON — ready to paste into docs, issues or scripts
+- **Team-prefix grouping** — group results by team prefix (e.g. `platform/`, `data/`) using `--group-by-team-prefix`
+- **Replay command** — every session produces a one-liner you can run in CI to reproduce the exact same selection without the UI
+- **Syntax highlighting** — code fragments rendered with language-aware coloring (TypeScript, Python, Go, Rust, YAML, JSON and more)
+
+## Use cases
+
+**Audit a dependency across the org**
+
+```bash
+github-code-search query "from 'lodash'" --org my-org
+```
+
+Instantly see every repo still importing lodash, select the ones to migrate, and get a Markdown checklist to paste in your migration issue.
+
+**Hunt down TODOs before a release**
+
+```bash
+github-code-search query "TODO" --org my-org --exclude-repositories sandbox,archived-repo
+```
+
+Surfaces all in-code TODOs, lets you triage interactively, and outputs a linked list for your release notes.
+
+**Verify a breaking-change rollout**
+
+```bash
+github-code-search query "oldApiClient" --org my-org --output-type repo-only --format json
+```
+
+Use JSON output in a CI script to assert that no repository still references the deprecated client after your migration deadline.
+
+**Security sweep — find hardcoded secrets patterns**
+
+```bash
+github-code-search query "process.env.SECRET" --org my-org
+```
+
+Cross-repo scan for risky patterns; export results to Markdown to attach to a security audit report.
+
+**Onboarding — understand how an internal library is used**
+
+```bash
+github-code-search query "useFeatureFlag" --org my-org --group-by-team-prefix platform/
+```
+
+Get a team-scoped view of every usage site before refactoring a shared hook or utility.
+
+## Why not `gh search code`?
+
+The official [`gh` CLI](https://cli.github.com/) does support `gh search code`, but it returns a **flat paginated list** — one result per line, no grouping, no interactive selection, no structured output.
+
+|                                            | `gh search code` | `github-code-search` |
+| ------------------------------------------ | ---------------- | -------------------- |
+| Results grouped by repo                    | ✗                | ✓                    |
+| Interactive TUI (navigate, select, filter) | ✗                | ✓                    |
+| Fine-grained extract selection             | ✗                | ✓                    |
+| Markdown / JSON output                     | ✗                | ✓                    |
+| Replay / CI command                        | ✗                | ✓                    |
+| Team-prefix grouping                       | ✗                | ✓                    |
+| Syntax highlighting in terminal            | ✗                | ✓                    |
+| Pagination (up to 1 000 results)           | ✓                | ✓                    |
+
+`github-code-search` is purpose-built for **org-wide code audits and interactive triage** — not just a search wrapper.
@@ -0,0 +1,34 @@
+## Security
+
+We take the security of our software products and components seriously, which includes all source code repositories managed through our [Fulll's GitHub organization](https://github.com/fulll).
+
+If you believe you have found a security vulnerability in any Fulll's repository that meets Wikipedia's definition of a security vulnerability ([English version](<https://en.wikipedia.org/wiki/Vulnerability_(computing)>), [French version](<https://fr.wikipedia.org/wiki/Vuln%C3%A9rabilit%C3%A9_(informatique)>)), please report it to us as described below.
+
+## Reporting security vulnerability Issues
+
+:warning: **Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, **please report them by email** to [rssi@fulll.fr](mailto:rssi@fulll.fr).
+
+You should receive a response as soon as possible. If for some reason you do not, please follow up via email to our [Administrator Team](mailto:admin@fulll.fr) to ensure we received your original message.
+
+For private repositories, you can also send an email or directly use the dedicated issue template for security vulnerability.
+
+:bulb: In any ways, please include the requested information listed below (**as much as you can provide**) to help us better understand the nature and scope of the possible issue:
+
+- Type of issue (e.g. Denial of service, Elevation of privilege, Information disclosure, Remote Code Execution, Security feature bypass, buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Step-by-step instructions to reproduce the issue, including any special configuration required to reproduce
+- (if possible) Proof-of-concept or exploit code
+- Description and Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Preferred Languages
+
+We prefer all communications to be in English, but if you are not comfortable, French is acceptable too.
+
+## Policy
+
+Fulll follows the principle of [Microsoft's Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
@@ -0,0 +1,27 @@
+# Demo
+
+This directory contains the [VHS](https://github.com/charmbracelet/vhs) tape used to generate
+the animated demo (`demo.gif`) embedded in the root README.
+
+## Regenerate the animation
+
+1. Install VHS:
+
+   ```bash
+   brew install vhs
+   ```
+
+2. Build the binary:
+
+   ```bash
+   bun run build.ts
+   ```
+
+3. Export your GitHub token and record:
+
+   ```bash
+   export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxx
+   vhs demo.tape        # writes demo.gif
+   ```
+
+The GIF is committed alongside this file and referenced from the root README as `![Demo](demo/demo.gif)`.
@@ -0,0 +1,70 @@
+# VHS tape — terminal demo for README
+# Usage:
+#   1. Install VHS:           brew install vhs
+#   2. Build the binary:      bun run build.ts
+#   3. Export your token:     export GITHUB_TOKEN=ghp_...
+#   4. Record:                vhs demo/demo.tape
+#
+# The GIF is written to demo/demo.gif — add it to README.md with:
+#   ![demo](demo/demo.gif)
+
+Output demo/demo.gif
+
+Require github-code-search
+
+Set Shell "bash"
+Set FontSize 15
+Set Width 1200
+Set Height 600
+Set Theme "Catppuccin Mocha"
+Set Padding 24
+Set TypingSpeed 60ms
+
+# ── Show the prompt ────────────────────────────────────────────────────────────
+Hide
+Type "export GITHUB_TOKEN=$GITHUB_TOKEN"
+Enter
+Show
+
+Sleep 500ms
+
+# ── Type the command ──────────────────────────────────────────────────────────
+Type 'github-code-search query "@actions/cache" --org actions'
+Sleep 800ms
+Enter
+
+# Wait for results to load (API call + TUI render)
+Sleep 4s
+
+# ── Navigate down a few rows ──────────────────────────────────────────────────
+Down
+Sleep 300ms
+Down
+Sleep 300ms
+Down
+Sleep 300ms
+
+# ── Toggle selection off on current extract ───────────────────────────────────
+Space
+Sleep 400ms
+
+# ── Enter filter mode to exclude .ts files ────────────────────────────────────
+Type "f"
+Sleep 300ms
+Type ".yml"
+Sleep 600ms
+Enter
+Sleep 500ms
+
+# ── Select all visible (filtered) rows ────────────────────────────────────────
+Type "a"
+Sleep 500ms
+
+# ── Reset filter ──────────────────────────────────────────────────────────────
+Type "r"
+Sleep 600ms
+
+# ── Confirm and print output ──────────────────────────────────────────────────
+Enter
+
+Sleep 2s