package main

import (
	"bufio"
	"fmt"
	"os"
	"os/exec"
	"strings"
)

func commandExists(cmd string) bool {
	_, err := exec.LookPath(cmd)
	return err == nil
}

func checkDependencies() error {
	requiredTools := []string{"git", "find", "grep"}
	optionalTools := []string{"gitleaks"}
	var missing []string

	log("Checking dependencies...")

	for _, tool := range requiredTools {
		if !commandExists(tool) {
			missing = append(missing, tool)
		}
	}

	for _, tool := range optionalTools {
		if !commandExists(tool) {
			warn("Optional tool missing: %s (recommended for security scanning)", tool)
		} else {
			log("✓ Found: %s", tool)
		}
	}

	if len(missing) > 0 {
		errorLog("Missing required tools: %s", strings.Join(missing, ", "))
		errorLog("Please install missing dependencies")
		return fmt.Errorf("missing dependencies")
	}

	log("✓ All required dependencies found")
	return nil
}

func runSecurityScan() error {
	log("Running security scan...")

	if !commandExists("gitleaks") {
		warn("GitLeaks not installed - skipping security scan")
		warn("Install with: paru -S gitleaks")
		fmt.Println()

		fmt.Print("Continue without security scan? (y/N): ")
		reader := bufio.NewReader(os.Stdin)
		answer, _ := reader.ReadString('\n')
		answer = strings.TrimSpace(strings.ToLower(answer))

		if answer != "y" && answer != "yes" {
			errorLog("Push cancelled for security")
			return fmt.Errorf("security scan cancelled")
		}
		return nil
	}

	log("Using GitLeaks for secret detection...")
	cmd := exec.Command("gitleaks", "detect", "--verbose", "--exit-code", "1")

	if err := cmd.Run(); err != nil {
		errorLog("❌ Secrets detected! Review before pushing.")
		return fmt.Errorf("secrets detected")
	}

	log("✅ No secrets detected")
	return nil
}