Tighten default cleanup directories

Author: zxch3n

README.md

@@ -104,7 +104,6 @@ These directory names are treated as candidates (they are only counted/deleted i
 - `dist`
 - `build`
 - `out`
-- `bin`
 - `obj`
 - `Debug`
 - `Release`
@@ -117,10 +116,7 @@ These directory names are treated as candidates (they are only counted/deleted i
 - `.astro`
 - `storybook-static`
 - `_site`
-- `public`
-- `.vercel`
 - `.turbo`
-- `.cache`
 - `.parcel-cache`
 - `.vite`
 - `.angular`
@@ -132,9 +128,6 @@ These directory names are treated as candidates (they are only counted/deleted i
 - `.nox`
 - `.venv`
 - `venv`
-- `env`
-- `ENV`
-- `.direnv`
 - `.ipynb_checkpoints`
 - `htmlcov`
 - `.pyre`
@@ -143,7 +136,6 @@ These directory names are treated as candidates (they are only counted/deleted i
 - `dist-newstyle`
 - `.stack-work`
 - `.vs`
-- `packages`
 - `CMakeFiles`
 - `cmake-build-debug`
 - `cmake-build-release`
@@ -155,16 +147,13 @@ These directory names are treated as candidates (they are only counted/deleted i
 - `.build`
 - `DerivedData`
 - `.dart_tool`
-- `.serverless`
 - `coverage`
-- `tmp`
-- `temp`
 
 ## Notes
 
 - Size is computed as the sum of file sizes (not disk blocks like `du`).
 - Requires `git` on `PATH` and follows Git ignore rules (`.gitignore`, `.git/info/exclude`, global excludes).
 - Git worktree and other multi-level layouts are supported; when a directory is not a repo, scan probes 1-2 levels below for nested git repos.
 - Linux prebuilt releases (`x86_64-unknown-linux-gnu`) are CI-checked to require at most `GLIBC_2.36`.
-- The built-in list intentionally does not include some stateful directories (e.g. `.terraform`, `.pulumi`, `.vagrant`). Add them explicitly via `--artifact` if you really want to clean them.
+- The built-in list is intentionally conservative. It excludes stateful or user-managed directories that may contain secrets, deployment metadata, uploads, or local state (e.g. `.terraform`, `.direnv`, `.vercel`, `.serverless`, `public`, `packages`, `bin`, `tmp`, `.pulumi`, `.vagrant`). Add them explicitly via `--artifact` only if you are sure they are safe to remove.
 - The TUI is built with `ratatui` + `crossterm`. If keybindings/rendering are odd, check your terminal settings and input method conflicts.

npm/README.md

@@ -46,7 +46,7 @@ clean-my-code --no-default-artifacts --artifact target --artifact node_modules
 
 Run `clean-my-code --help` for the full CLI reference.
 
-Stateful infrastructure directories such as `.terraform` are intentionally excluded from the built-in artifact list. Add them explicitly via `--artifact` only if you are sure they are safe to remove.
+The built-in artifact list is intentionally conservative. It excludes stateful or user-managed directories that may contain secrets, deployment metadata, uploads, or local state, such as `.terraform`, `.direnv`, `.vercel`, `.serverless`, `public`, `packages`, `bin`, and `tmp`. Add them explicitly via `--artifact` only if you are sure they are safe to remove.
 
 ## TUI keybindings
 

src/cli.rs

@@ -5,13 +5,12 @@ use clap::{Args, Parser, Subcommand};
 
 use crate::{report::collect_reports, report::print_scan_report, tui::TuiOptions};
 
-const DEFAULT_ARTIFACT_DIR_NAMES: [&str; 59] = [
+const DEFAULT_ARTIFACT_DIR_NAMES: &[&str] = &[
     // General build outputs.
     "target",
     "dist",
     "build",
     "out",
-    "bin",
     "obj",
     "Debug",
     "Release",
@@ -25,10 +24,7 @@ const DEFAULT_ARTIFACT_DIR_NAMES: [&str; 59] = [
     ".astro",
     "storybook-static",
     "_site",
-    "public",
-    ".vercel",
     ".turbo",
-    ".cache",
     ".parcel-cache",
     ".vite",
     ".angular",
@@ -41,9 +37,6 @@ const DEFAULT_ARTIFACT_DIR_NAMES: [&str; 59] = [
     ".nox",
     ".venv",
     "venv",
-    "env",
-    "ENV",
-    ".direnv",
     ".ipynb_checkpoints",
     "htmlcov",
     ".pyre",
@@ -54,7 +47,6 @@ const DEFAULT_ARTIFACT_DIR_NAMES: [&str; 59] = [
     ".stack-work",
     // .NET / Visual Studio.
     ".vs",
-    "packages",
     // CMake (CLion).
     "CMakeFiles",
     "cmake-build-debug",
@@ -69,12 +61,8 @@ const DEFAULT_ARTIFACT_DIR_NAMES: [&str; 59] = [
     "DerivedData",
     // Mobile / Flutter.
     ".dart_tool",
-    // Infra / DevOps.
-    ".serverless",
     // Misc.
     "coverage",
-    "tmp",
-    "temp",
 ];
 
 #[derive(Parser, Debug)]
@@ -187,7 +175,12 @@ fn run_with_cli(cli: Cli) -> Result<()> {
 
     let mut artifact_dir_names: HashSet<OsString> = HashSet::new();
     if !cli.common.no_default_artifacts {
-        artifact_dir_names.extend(DEFAULT_ARTIFACT_DIR_NAMES.map(OsString::from));
+        artifact_dir_names.extend(
+            DEFAULT_ARTIFACT_DIR_NAMES
+                .iter()
+                .copied()
+                .map(OsString::from),
+        );
     }
     artifact_dir_names.extend(cli.common.artifacts.into_iter().map(OsString::from));
 
@@ -238,10 +231,25 @@ mod tests {
     use super::DEFAULT_ARTIFACT_DIR_NAMES;
 
     #[test]
-    fn default_artifacts_do_not_include_terraform_state_dirs() {
-        assert!(
-            !DEFAULT_ARTIFACT_DIR_NAMES.contains(&".terraform"),
-            "default artifacts must not include .terraform because it can contain state"
-        );
+    fn default_artifacts_exclude_stateful_or_user_managed_dirs() {
+        for name in [
+            ".terraform",
+            ".direnv",
+            ".vercel",
+            ".serverless",
+            ".cache",
+            "public",
+            "packages",
+            "bin",
+            "env",
+            "ENV",
+            "tmp",
+            "temp",
+        ] {
+            assert!(
+                !DEFAULT_ARTIFACT_DIR_NAMES.contains(&name),
+                "default artifacts must not include {name} because it may contain local state, secrets, or user-managed data"
+            );
+        }
     }
 }