Complete overhaul, removing all wled code

.githooks/README.md

@@ -0,0 +1,40 @@
+# Git Hooks Directory
+
+This directory contains Git hooks that are automatically configured when you clone or checkout this repository.
+
+## Automatic Setup
+
+The `post-checkout` hook automatically:
+1. Configures `core.hooksPath` to `.githooks`
+2. Makes all hooks executable
+3. Runs on every `git clone` and `git checkout`
+
+## Available Hooks
+
+- **pre-commit**: Checks for secrets before committing
+- **pre-push**: Checks for secrets before pushing
+- **post-checkout**: Auto-configures hooks on clone/checkout
+
+## Manual Installation
+
+If automatic setup doesn't work:
+
+```bash
+git config core.hooksPath .githooks
+chmod +x .githooks/*
+```
+
+## Bypassing Hooks
+
+⚠️ **You can bypass hooks, but DON'T!**
+
+```bash
+git commit --no-verify    # Bypasses pre-commit
+git push --no-verify      # Bypasses pre-push
+```
+
+**Why this is dangerous:**
+- Secrets in Git history are permanent
+- They're visible to anyone with repo access
+- **Always rotate exposed secrets immediately!**
+

.githooks/post-checkout

@@ -0,0 +1,51 @@
+#!/bin/bash
+# Post-checkout hook that auto-configures Git hooks
+# This runs automatically after clone/checkout and sets up hooksPath
+# Users can still disable it, but it prevents accidents
+
+# Colors for output
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Get the repository root
+REPO_ROOT=$(git rev-parse --show-toplevel 2>/dev/null)
+
+if [ -z "$REPO_ROOT" ]; then
+    # Not in a git repo, exit silently
+    exit 0
+fi
+
+cd "$REPO_ROOT"
+
+# Check if core.hooksPath is already configured
+CURRENT_HOOKS_PATH=$(git config core.hooksPath 2>/dev/null)
+
+if [ "$CURRENT_HOOKS_PATH" != ".githooks" ] && [ -d ".githooks" ]; then
+    # Configure hooksPath if not already set
+    git config core.hooksPath .githooks
+
+    # Make sure all hooks are executable
+    find .githooks -type f -name "*" ! -name "*.md" ! -name "*.txt" -exec chmod +x {} \; 2>/dev/null || true
+
+    echo -e "${GREEN}✅ Git hooks automatically configured!${NC}"
+    echo -e "${BLUE}   Hooks directory: .githooks${NC}"
+    echo -e "${YELLOW}   Note: You can still bypass with --no-verify, but please don't!${NC}"
+fi
+
+# If this is the first checkout (clone), show a message
+if [ "$1" = "0" ] || [ -z "$1" ]; then
+    # This might be a clone or first checkout
+    if [ ! -f ".git/hooks/post-checkout" ] || [ -L ".git/hooks/post-checkout" ]; then
+        # Create a symlink or copy to ensure this runs on future checkouts
+        # (This is a one-time bootstrap)
+        if [ -f ".githooks/post-checkout" ]; then
+            # Try to create a symlink (if supported)
+            ln -sf "../../.githooks/post-checkout" ".git/hooks/post-checkout" 2>/dev/null || true
+        fi
+    fi
+fi
+
+exit 0
+

.githooks/pre-commit

@@ -0,0 +1,50 @@
+#!/bin/bash
+# Pre-commit hook example
+# This will run automatically if core.hooksPath is set to .githooks
+# Users can still bypass with: git commit --no-verify
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo -e "${YELLOW}Running pre-commit checks...${NC}"
+
+# Check for common secret patterns
+PATTERNS=(
+    "password\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "api[_-]?key\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "secret\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "token\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+)
+
+ERRORS=0
+FILES_TO_CHECK=$(git diff --cached --name-only)
+
+for file in $FILES_TO_CHECK; do
+    # Skip if file doesn't exist or is binary
+    [ ! -f "$file" ] && continue
+
+    # Check each pattern
+    for pattern in "${PATTERNS[@]}"; do
+        if git diff --cached "$file" | grep -iE "$pattern" > /dev/null 2>&1; then
+            echo -e "${RED}ERROR: Potential secret detected in $file${NC}"
+            echo -e "${RED}Pattern: $pattern${NC}"
+            ERRORS=$((ERRORS + 1))
+        fi
+    done
+done
+
+if [ $ERRORS -gt 0 ]; then
+    echo ""
+    echo -e "${RED}❌ Pre-commit checks failed!${NC}"
+    echo -e "${RED}Please remove sensitive information before committing.${NC}"
+    echo ""
+    echo -e "${YELLOW}Note: You can bypass this check with --no-verify, but DON'T!${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Pre-commit checks passed${NC}"
+exit 0
+

.githooks/pre-push

@@ -0,0 +1,55 @@
+#!/bin/bash
+# Pre-push hook example
+# This will run automatically if core.hooksPath is set to .githooks
+# Users can still bypass with: git push --no-verify
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo -e "${YELLOW}Running pre-push checks...${NC}"
+
+# Check for common secret patterns
+PATTERNS=(
+    "password\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "api[_-]?key\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "secret\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+    "token\s*[:=]\s*['\"]?[^'\"]+['\"]?"
+)
+
+ERRORS=0
+FILES_TO_CHECK=$(git diff --name-only origin/$(git rev-parse --abbrev-ref HEAD) 2>/dev/null || git diff --name-only HEAD@{upstream} 2>/dev/null || echo "")
+
+if [ -z "$FILES_TO_CHECK" ]; then
+    # If we can't determine upstream, check all staged files
+    FILES_TO_CHECK=$(git diff --cached --name-only)
+fi
+
+for file in $FILES_TO_CHECK; do
+    # Skip if file doesn't exist or is binary
+    [ ! -f "$file" ] && continue
+
+    # Check each pattern
+    for pattern in "${PATTERNS[@]}"; do
+        if git diff --cached "$file" 2>/dev/null | grep -iE "$pattern" > /dev/null 2>&1; then
+            echo -e "${RED}ERROR: Potential secret detected in $file${NC}"
+            echo -e "${RED}Pattern: $pattern${NC}"
+            ERRORS=$((ERRORS + 1))
+        fi
+    done
+done
+
+if [ $ERRORS -gt 0 ]; then
+    echo ""
+    echo -e "${RED}❌ Pre-push checks failed!${NC}"
+    echo -e "${RED}Please remove sensitive information before pushing.${NC}"
+    echo ""
+    echo -e "${YELLOW}Note: You can bypass this check with --no-verify, but DON'T!${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Pre-push checks passed${NC}"
+exit 0
+

.github/workflows/release.yml

@@ -1,35 +1,28 @@
-name: WLED Release CI
+name: Release
 
 on:
   push:
-    tags:
-      - '*'
+    branches:
+      - main
+      - dev
 
 jobs:
-
-  wled_build:
-    uses: ./.github/workflows/build.yml
-
   release:
-    name: Create Release
+    name: Semantic Release
     runs-on: ubuntu-latest
-    needs: wled_build
     steps:
-    - uses: actions/download-artifact@v4
-      with:
-        merge-multiple: true
-    - name: "✏️ Generate release changelog"
-      id: changelog
-      uses: janheinrichmerker/action-github-changelog-generator@v2.3
-      with:
-          token: ${{ secrets.GITHUB_TOKEN }} 
-          sinceTag: v0.15.0        
-    - name: Create draft release
-      uses: softprops/action-gh-release@v1
-      with:
-        body: ${{ steps.changelog.outputs.changelog }}
-        draft: True
-        files: |
-          *.bin
-          *.bin.gz
+      - name: Checkout repo
+        uses: actions/checkout@v4
 
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 18
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: npx semantic-release

.gitignore

@@ -1,25 +1,20 @@
-.cache
-.clang-format
-.direnv
-.DS_Store
-.idea
-.pio
-.pioenvs
-.piolibdeps
-.vscode
+# Build outputs
+.pio/
+.pioenvs/
+.piolibdeps/
+
+# IDE files
+.vscode/
+.idea/
 
-esp01-update.sh
-platformio_override.ini
-replace_fs.py
-wled-update.sh
+# OS files
+.DS_Store
+Thumbs.db
 
-/build_output/
-/node_modules/
-/logs/
+# Temporary files
+*.tmp
+*.log
 
-/wled00/extLibs
-/wled00/LittleFS
-/wled00/my_config.h
-/wled00/Release
-/wled00/wled00.ino.cpp
-/wled00/html_*.h
+# Keep legacy folder clean but don't ignore it
+!legacy/
+!legacy/**