fix(hooks): replace echo with printf for consistent output

Replaced all echo statements with printf in git hooks for better
cross-platform compatibility and consistent output formatting.

Author: jdalton

.git-hooks/commit-msg

@@ -15,7 +15,7 @@ ALLOWED_PUBLIC_KEY="sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api"
 ERRORS=0
 
 # Get files in this commit (for security checks).
-COMMITTED_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null || echo "")
+COMMITTED_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null || printf "\n")
 
 # Quick checks for critical issues in committed files.
 if [ -n "$COMMITTED_FILES" ]; then
@@ -24,7 +24,7 @@ if [ -n "$COMMITTED_FILES" ]; then
       # Check for Socket API keys (except allowed).
       if grep -E 'sktsec_[a-zA-Z0-9_-]+' "$file" 2>/dev/null | grep -v "$ALLOWED_PUBLIC_KEY" | grep -v 'your_api_key_here' | grep -v 'fake-token' | grep -v 'test-token' | grep -v '\.example' | grep -q .; then
         echo "${RED}✗ SECURITY: Potential API key detected in commit!${NC}"
-        echo "File: $file"
+        printf "File: %s\n" "$file"
         ERRORS=$((ERRORS + 1))
       fi
 

.git-hooks/pre-commit

@@ -26,32 +26,32 @@ fi
 ERRORS=0
 
 # Check for .DS_Store files.
-echo "Checking for .DS_Store files..."
+printf "Checking for .DS_Store files...\n"
 if echo "$STAGED_FILES" | grep -q '\.DS_Store'; then
   echo "${RED}✗ ERROR: .DS_Store file detected!${NC}"
   echo "$STAGED_FILES" | grep '\.DS_Store'
   ERRORS=$((ERRORS + 1))
 fi
 
 # Check for log files.
-echo "Checking for log files..."
+printf "Checking for log files...\n"
 if echo "$STAGED_FILES" | grep -E '\.log$' | grep -v 'test.*\.log'; then
   echo "${RED}✗ ERROR: Log file detected!${NC}"
   echo "$STAGED_FILES" | grep -E '\.log$' | grep -v 'test.*\.log'
   ERRORS=$((ERRORS + 1))
 fi
 
 # Check for .env files.
-echo "Checking for .env files..."
+printf "Checking for .env files...\n"
 if echo "$STAGED_FILES" | grep -E '^\.env(\.local)?$'; then
   echo "${RED}✗ ERROR: .env or .env.local file detected!${NC}"
   echo "$STAGED_FILES" | grep -E '^\.env(\.local)?$'
-  echo "These files should never be committed. Use .env.example instead."
+  printf "These files should never be committed. Use .env.example instead.\n"
   ERRORS=$((ERRORS + 1))
 fi
 
 # Check for hardcoded user paths (generic detection).
-echo "Checking for hardcoded personal paths..."
+printf "Checking for hardcoded personal paths...\n"
 for file in $STAGED_FILES; do
   if [ -f "$file" ]; then
     # Skip test files and hook scripts.
@@ -63,26 +63,26 @@ for file in $STAGED_FILES; do
     if grep -E '(/Users/[^/\s]+/|/home/[^/\s]+/|C:\\Users\\[^\\]+\\)' "$file" 2>/dev/null | grep -q .; then
       echo "${RED}✗ ERROR: Hardcoded personal path found in: $file${NC}"
       grep -n -E '(/Users/[^/\s]+/|/home/[^/\s]+/|C:\\Users\\[^\\]+\\)' "$file" | head -3
-      echo "Replace with relative paths or environment variables."
+      printf "Replace with relative paths or environment variables.\n"
       ERRORS=$((ERRORS + 1))
     fi
   fi
 done
 
 # Check for Socket API keys.
-echo "Checking for API keys..."
+printf "Checking for API keys...\n"
 for file in $STAGED_FILES; do
   if [ -f "$file" ]; then
     if grep -E 'sktsec_[a-zA-Z0-9_-]+' "$file" 2>/dev/null | grep -v "$ALLOWED_PUBLIC_KEY" | grep -v 'your_api_key_here' | grep -v 'SOCKET_SECURITY_API_KEY=' | grep -v 'fake-token' | grep -v 'test-token' | grep -q .; then
       echo "${YELLOW}⚠ WARNING: Potential API key found in: $file${NC}"
       grep -n 'sktsec_' "$file" | grep -v "$ALLOWED_PUBLIC_KEY" | grep -v 'your_api_key_here' | grep -v 'fake-token' | grep -v 'test-token' | head -3
-      echo "If this is a real API key, DO NOT COMMIT IT."
+      printf "If this is a real API key, DO NOT COMMIT IT.\n"
     fi
   fi
 done
 
 # Check for common secret patterns.
-echo "Checking for potential secrets..."
+printf "Checking for potential secrets...\n"
 for file in $STAGED_FILES; do
   if [ -f "$file" ]; then
     # Skip test files, example files, and hook scripts.
@@ -113,9 +113,9 @@ for file in $STAGED_FILES; do
 done
 
 if [ $ERRORS -gt 0 ]; then
-  echo ""
+  printf "\n"
   echo "${RED}✗ Security check failed with $ERRORS error(s).${NC}"
-  echo "Fix the issues above and try again."
+  printf "Fix the issues above and try again.\n"
   exit 1
 fi
 

.git-hooks/pre-push

@@ -71,7 +71,7 @@ while read local_ref local_sha remote_ref remote_sha; do
   printf "Checking files for security issues...\n"
 
   # Get all files changed in these commits.
-  CHANGED_FILES=$(git diff --name-only "$range" 2>/dev/null || echo "")
+  CHANGED_FILES=$(git diff --name-only "$range" 2>/dev/null || printf "\n")
 
   if [ -n "$CHANGED_FILES" ]; then
     # Check for sensitive files.

.husky/pre-commit

@@ -4,11 +4,11 @@
 if [ -z "${DISABLE_PRECOMMIT_LINT}" ]; then
   pnpm lint --staged
 else
-  echo "Skipping lint due to DISABLE_PRECOMMIT_LINT env var"
+  printf "Skipping lint due to DISABLE_PRECOMMIT_LINT env var\n"
 fi
 
 if [ -z "${DISABLE_PRECOMMIT_TEST}" ]; then
   dotenvx -q run -f .env.precommit -- pnpm test --staged
 else
-  echo "Skipping testing due to DISABLE_PRECOMMIT_TEST env var"
+  printf "Skipping testing due to DISABLE_PRECOMMIT_TEST env var\n"
 fi