npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

react-readonly-guard

v1.0.0

Published

Protect critical files by marking them @readonly. Prevent commits unless files are unlocked with @unlock.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

nueladeyeminueladeyemi

Keywords

reactreadonlyguardunlockhuskycommit-protectioncode-safetyfile-protectionpre-commit

Readme

react-readonly-guard

react-readonly-guard is a lightweight Git-aware tool that prevents accidental edits to critical files in your codebase. By adding simple markers like /** @readonly */ and /** @unlock */, developers get intentional, safe editing workflows — all enforced automatically through Git hooks.

This helps teams avoid breaking core components, shared UI libraries, configs, theme files, or system logic that must not be changed without careful intention.

Protect important files with comments. Enforce commit-time readonly rules automatically.

Features

  • Blocks commits that modify existing files which are marked @readonly unless @unlock is present.
  • Allows creating new files that contain @readonly (so you can add markers in a migration commit).
  • Allows adding @unlock to make edits, and allows removing @unlock in the next commit.
  • Auto-installs Husky if missing and injects the hook into .husky/pre-commit.
  • Written in TypeScript, ships compiled CommonJS runtime in lib/ for zero-config usage.

🔒 Readonly mode — prevent accidental edits

🔓 Unlock mode — allow intentional editing

🆕 Supports new files — readonly on new files still commits

🎯 Works everywhere — CLI, VSCode Source Control, JetBrains, GitKraken

⚙️ Automatic setup — Husky pre-commit hook installs automatically

📦 Zero configuration — works out of the box

🧩 TypeScript code, Node-compatible CLI

🛡 Safeguards your codebase with minimal developer friction

Install

# npm
npm install --save-dev react-readonly-guard
# pnpm
pnpm add -D react-readonly-guard
# yarn
yarn add -D react-readonly-guard

The package runs a postinstall-style installer that will ensure Husky is installed (if Husky isn’t installed) in your project and will inject a pre-commit hook that runs the readonly check. PS: No manual setup required.

Behavior

The guard enforces these rules for existing files (files that exist in HEAD):

  • If the file had @readonly in HEAD and the staged version still has @readonly but no @unlock, the commit is blocked.
  • If the staged version contains @unlock, the commit is allowed.
  • If the old version had @unlock and the staged does not, the commit is allowed (you can remove unlock after changes).
  • New files (not present in HEAD) are allowed even if they contain @readonly.

Usage

After install, the hook is injected automatically. Then include any of the below in your component

LOCKING:

/**
*@readonly
*/

or /** @readonly */

You can automatically add it using CLI with:

npx react-readonly-guard lock path/example-file.tsx

UNLOCKING:

/**
*@unlock
*/

or /** @unlock */

You can automatically add it using CLI with:

npx react-readonly-guard unlock path/example-file.tsx

Commit as usual:

git add <files>
git commit -m "Your message"

Result: If you edit a readonly file without unlocking, the commit will fail:

❌ Cannot commit changes to readonly files (add @unlock to modify):
- src/components/Button.tsx

To bypass for a one-off commit (not recommended), use:

git commit -m "..." --no-verify

License

MIT