rob
/
CascadingDev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
CascadingDev/assets/hooks/pre-commit

91 lines
2.8 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env bash
# Safety settings: exit on errors, treat unset variables as errors, and catch pipeline failures
set -euo pipefail
# Find and navigate to the git repo root (or current dir if not in a repo) so file paths work correctly regardless of where the commit command is run
ROOT="$(git rev-parse --show-toplevel 2>/dev/null || echo ".")"
cd "$ROOT"
# -------- collect staged files ----------
# Get list of staged added/modified files into STAGED array, exit early if none found
mapfile -t STAGED < <(git diff --cached --name-only --diff-filter=AM || true)
[ "${#STAGED[@]}" -eq 0 ] && exit 0
# -------- tiny secret scan (fast, regex only) ----------
# Abort commit if staged changes contain potential secrets (api keys, tokens, etc.) matching common patterns
DIFF="$(git diff --cached)"
if echo "$DIFF" | grep -Eqi '(api[_-]?key|secret|access[_-]?token|private[_-]?key)[:=]\s*[A-Za-z0-9_\-]{12,}'; then
echo >&2 "[pre-commit] Possible secret detected in staged changes."
echo >&2 " If false positive, commit with --no-verify and add an allowlist later."
exit 11
fi
# -------- ensure discussion summaries exist (companion files) ----------
# Create and auto-stage a summary template file for any discussion file that doesn't already have one
ensure_summary() {
local disc="$1"
local dir; dir="$(dirname "$disc")"
local sum="$dir/$(basename "$disc" .md).sum.md"
if [ ! -f "$sum" ]; then
cat > "$sum" <<'EOF'
# Summary — <Stage Title>
<!-- SUMMARY:DECISIONS START -->
## Decisions (ADR-style)
- (none yet)
<!-- SUMMARY:DECISIONS END -->
<!-- SUMMARY:OPEN_QUESTIONS START -->
## Open Questions
- (none yet)
<!-- SUMMARY:OPEN_QUESTIONS END -->
<!-- SUMMARY:AWAITING START -->
## Awaiting Replies
- (none yet)
<!-- SUMMARY:AWAITING END -->
<!-- SUMMARY:ACTION_ITEMS START -->
## Action Items
- (none yet)
<!-- SUMMARY:ACTION_ITEMS END -->
<!-- SUMMARY:VOTES START -->
## Votes (latest per participant)
READY: 0 • CHANGES: 0 • REJECT: 0
- (no votes yet)
<!-- SUMMARY:VOTES END -->
<!-- SUMMARY:TIMELINE START -->
## Timeline (most recent first)
- <YYYY-MM-DD HH:MM> <name>: <one-liner>
<!-- SUMMARY:TIMELINE END -->
<!-- SUMMARY:LINKS START -->
## Links
- Related PRs:
- Commits:
- Design/Plan: ../design/design.md
<!-- SUMMARY:LINKS END -->
EOF
git add "$sum"
fi
}
# Process each staged discussion file and ensure it has a summary
for f in "${STAGED[@]}"; do
case "$f" in
Docs/features/*/discussions/*.discussion.md) ensure_summary "$f";;
esac
done
# -------- orchestration (non-blocking status) ----------
# NOTE: automation/workflow.py provides non-blocking vote status reporting.
# It parses VOTE: lines from staged discussion files and prints a summary.
# Run workflow status check if available, but don't block commit if it fails.
if [ -x "automation/workflow.py" ]; then
python3 automation/workflow.py --status || true
fi
exit 0
Reference in New Issue View Git Blame Copy Permalink