#!/bin/sh
# Pre-commit hook that:
# 1. Updates version.py with correct version info
# 2. Prevents committing private content to public branches

# Get current branch name
current_branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")

# Get the repository root
REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd)"

# CRITICAL: Change to repository root before calling update script
cd "$REPO_ROOT" 2>/dev/null || true

# PART 1: Update version.py
# -------------------------
UPDATE_SCRIPT="$REPO_ROOT/scripts/update-version.sh"
if [ -f "$UPDATE_SCRIPT" ]; then
    # Run in auto mode to update version before commit
    # Capture output to check if it's just "already up to date"
    UPDATE_OUTPUT=$("$UPDATE_SCRIPT" --auto 2>&1)
    UPDATE_EXIT=$?
    
    if [ $UPDATE_EXIT -eq 0 ]; then
        # Success - always stage version.py to ensure it's included in this commit
        git add version.py
        echo "✓ Version updated and staged for commit"
    else
        # Real error occurred
        echo "⚠ Warning: Version update failed but continuing"
    fi
fi

# PART 2: Check for private content (from RepoKit)
# -------------------------------------------------
# Define private branches where private content is allowed
case "$current_branch" in
    local|private|feature/*|feat/*|prototype/*|experiment/*|spike/*)
        echo "Checking for private content on branch: $current_branch"
        exit 0
        ;;
    main|dev|live|test|production|staging|prod|master)
        echo "🔍 RepoKit Pre-Commit Check"
        echo "   Branch: $current_branch (public)"
        ;;
    *)
        echo "🔍 RepoKit Pre-Commit Check"
        echo "   Branch: $current_branch (public)"
        ;;
esac

# Check for private content using BranchContext patterns
has_private_content=0
for file in $(git diff --cached --name-only); do
    # Check against all private content patterns from BranchContext
    if echo "$file" | grep -q -E "^.*.*/__private__.*|^.*.*/private_.*|^.*..*~|^.*\.backup$|^.*\.bak$|^.*\.log$|^.*\.tmp$|^.*~$|^.env.*|^.env.local$|^.env.private$|^.repokit.json$|^CLAUDE.md$|^Clipboard Text.*|^convos/|^credentials/|^logs/|^logs/.*|^logs/.*.*/.*|^nul$|^private/|^private/claude/|^private/docs/|^private/notes/|^private/temp/|^revisions/|^revisions/.*|^revisions/.*.*/.*|^secrets/|^test-runs/|^test_runs/"; then
        if [ $has_private_content -eq 0 ]; then
            echo ""
            echo "❌ COMMIT BLOCKED - Private Content Protection"
            echo ""
            echo "ERROR: Attempting to commit private files to public branch '$current_branch':"
            echo ""
            has_private_content=1
        fi
        echo "  - $file"
    fi
done

if [ $has_private_content -eq 1 ]; then
    echo ""
    echo "These files should only exist in private branches."
    echo "To fix this:"
    echo "  1. Switch to private branch: git checkout private"
    echo "  2. Or unstage these files: git reset HEAD <file>"
    echo "  3. Or remove from working directory: rm <file>"
    echo ""
    exit 1
fi

# Check for large files (>10MB)
for file in $(git diff --cached --name-only); do
    if [ -f "$file" ]; then
        size=$(du -k "$file" | awk '{print $1}')
        if [ "$size" -gt 10240 ]; then
            echo "ERROR: File $file is too large ($size KB)"
            echo "Consider using Git LFS or add to .gitignore"
            exit 1
        fi
    fi
done

exit 0