fix: Replace parse-git-config with ini + fs

[kantivekariya]

Fixes #1482

✨ Summary

This PR replaces parse-git-config with a combination of Node's fs module and the ini library for reading Git configuration, due to lack of support and known security vulnerabilities in the original library.

---

📦 Changes Made

• Replaced usage of parse-git-config with ini + fs
• Updated logic in get-repo-slug.ts to manually read and parse .git/config
• Removed module declaration for parse-git-config in ambient.d.ts
• Updated package.json:
  • Removed: parse-git-config
  • Added: ini

---

🔒 Why this is needed

• parse-git-config is unmaintained and has known security issues
• Using ini + fs gives better control and ensures future compatibility without relying on unmaintained dependencies

---

🧪 Testing

• Verified .git/config is correctly read and parsed
• Confirmed correct repository slug is extracted from the origin URL
• Ensured all tests pass
• Confirmed no regressions in related functionality

---

📁 Affected Files

• get-repo-slug.ts
• ambient.d.ts
• package.json

---

✅ Checklist

• Code is clean and commented
• Dependencies updated
• Functionality tested manually
• CI checks pass
• Ready for review

[kantivekariya]

@orta Can you please review this and approve it as soon as possible?

[fbartho]

I’m positively disposed to this solution!

• The dependency it adds, ini, was already in our yarn.lock and is maintained by npm.
• The code it adds is targeted and relatively straight-forward to read
• Note: I haven’t run this PR on my own system, but it looks good to me.

Thanks!

Aside: Seems like there’s a bit of faffing around with pre-commit/pre-push scripts, but I don’t use those, and the changes don’t look wrong, so that just looks irrelevant/fine.

[orta]

You should remove the AI cruft before submitting this sort of thing.

We don't need a comment on every line and the lint staging changes don't make sense. Otherwise, I think this is pretty reasonable, have you tested the command works locally?

[kantivekariya]

Thanks for the feedback! I've removed the excessive comments, and I’ve confirmed that npx lint-stage is working fine for me locally.

[orta]

I mean danger init which was the code which you changed, have you verified that runs in a git repo and when not in a git repo?

The lint staging changes shouldn't be there in this PR either - you're undoing a PR which was just merged #1483

[kantivekariya]

@orta Yes, I tested it, and the updated danger init logic works as expected both inside a Git repo and when run outside of one. I’ve also reverted the Husky related changes I had made earlier.

[orta]

Ace, thanks

[kantivekariya]

@orta Thanks for the approval! can we release a new version for this?