Skip to content

pre-commit.md

Latest commit

 

History

History
143 lines (92 loc) · 2.95 KB

pre-commit.md

File metadata and controls

143 lines (92 loc) · 2.95 KB
Raw

Pre-commit

pre-commit manages automated checks that run before a Git commit is created.

It helps detect problems early and keeps repository checks consistent across development environments.

The tool is installed through Homebrew and declared in the project Brewfile.

Installation

It is part of the curated Homebrew environment; see Homebrew setup to install everything at once.

Verify the installation:

pre-commit --version

Repository configuration

The hooks used by this repository are declared in:

.pre-commit-config.yaml

Install the Git hooks locally after cloning the repository:

pre-commit install

The configuration declares default_install_hook_types, so a plain pre-commit install wires up both hook types at once:

.git/hooks/pre-commit     # quality checks (shellcheck, gitleaks, …)
.git/hooks/commit-msg     # commit-msg-lint (gitmoji + Conventional Commits)

The generated Git hooks are local to the repository and are not committed.

Running the checks

Run the hooks against staged files:

pre-commit run

Run all hooks against every tracked file:

pre-commit run --all-files

pre-commit hooks passing locally

Validate the configuration file:

pre-commit validate-config

Update hook revisions:

pre-commit autoupdate

Any revision update must be reviewed and tested before being committed.

Gitleaks

Gitleaks is enabled as the first repository hook.

It scans committed content for secrets such as:

  • API keys;
  • access tokens;
  • passwords;
  • private credentials.

Run only the Gitleaks hook:

pre-commit run gitleaks --all-files

Gitleaks is an additional safety layer. Secrets must still never be deliberately added to the repository.

Additional hooks

Beyond the built-in hooks, the configuration runs ShellCheck (shell scripts), markdownlint-cli2 (Markdown), lychee (link checking), editorconfig-checker, and Actionlint (GitHub Actions workflows). Gitleaks runs as a secret scanner.

On the commit-msg stage, the scripts/lint-commit-msg.sh shell linter validates the commit message against the gitmoji + Conventional Commits format (see docs/git/gitmoji.md).

Hadolint (Dockerfiles) is intentionally not enabled yet: the repository has no Dockerfiles for it to validate. Hooks are only added once relevant files exist.

Troubleshooting

Reinstall the local Git hook:

pre-commit uninstall
pre-commit install

Clear cached hook environments:

pre-commit clean

Run hooks with verbose output:

pre-commit run --all-files --verbose

Rollback

Remove the local Git hook:

pre-commit uninstall

Restore the committed configuration if needed:

git restore .pre-commit-config.yaml

← Docs index · Project README