Skip to content

chore(commitlint): add commit-msg hook and workflow validation#143

Open
DurgaPrasad-54 wants to merge 2 commits intoPSMRI:mainfrom
DurgaPrasad-54:feat/commitlint-setup
Open

chore(commitlint): add commit-msg hook and workflow validation#143
DurgaPrasad-54 wants to merge 2 commits intoPSMRI:mainfrom
DurgaPrasad-54:feat/commitlint-setup

Conversation

@DurgaPrasad-54
Copy link
Contributor

@DurgaPrasad-54 DurgaPrasad-54 commented Mar 7, 2026
edited by coderabbitai bot
Loading

📋 Description

JIRA ID:

Add the commit message validation setup by defining the commit rules directly in commitlint.config.js instead of extending @commitlint/config-conventional.

✅ Type of Change

  • 🐞 Bug fix (non-breaking change which resolves an issue)
  • New feature (non-breaking change which adds functionality)
  • 🔥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • 🛠 Refactor (change that is neither a fix nor a new feature)
  • ⚙️ Config change (configuration file or build script updates)
  • 📚 Documentation (updates to docs or readme)
  • 🧪 Tests (adding new or updating existing tests)
  • 🎨 UI/UX (changes that affect the user interface)
  • 🚀 Performance (improves performance)
  • 🧹 Chore (miscellaneous changes that don't modify src or test files)

Summary by CodeRabbit

  • Documentation

    • Simplified project setup instructions and streamlined onboarding steps.

  • Chores

    • Reorganized git hook workflow for commit message validation.
    • Enhanced CI checks to validate commit messages across pull requests and updated runtime configuration.
    • Removed the local package manifest and simplified commitlint configuration.

@coderabbitai
Copy link

coderabbitai bot commented Mar 7, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1257ac38-d446-44c7-a760-e3002877d214

📥 Commits

Reviewing files that changed from the base of the PR and between e3d6649 and 313829c.

📒 Files selected for processing (1)
  • .git-hooks/commit-msg
🚧 Files skipped from review as they are similar to previous changes (1)
  • .git-hooks/commit-msg
📝 Walkthrough

Walkthrough

Migrates commit validation from Husky to a custom .git-hooks/commit-msg script using Commitlint, deletes package.json, removes Husky hook, updates GitHub Actions workflow to Node.js 20 with per-commit validation logic, and simplifies README setup instructions.

Changes

Cohort / File(s) Summary
Git hooks
\.git-hooks/commit-msg, \.husky/commit-msg		 Adds a POSIX .git-hooks/commit-msg that runs npx @commitlint/cli@20.4.3 --edit "$1"; removes the Husky commit-msg hook.
CI workflow
\.github/workflows/commitlint.yml		 Renames job to commit-check, upgrades Node to v20, removes npm ci, and replaces single-step lint with a script that iterates PR commits (excluding merges), writes each message to a temp file, runs commitlint against it, and cleans up.
Commitlint config
commitlint.config.js		 Removes extends: ["@commitlint/config-conventional"]; retains explicit rules (minor formatting adjustments).
Project manifest & docs
package.json, README.md		 Deletes package.json; README setup steps simplified to instruct setting core.hooksPath .git-hooks and removal of prior Node/npm/dependency/hook verification instructions.

Sequence Diagram(s)

sequenceDiagram
  participant Dev as Developer (local)
  participant Git as Git
  participant Hook as .git-hooks/commit-msg
  participant CL as Commitlint (npx)

  Dev->>Git: git commit
  Git->>Hook: invoke commit-msg hook with $1
  Hook->>CL: npx --yes `@commitlint/cli`@20.4.3 --edit "$1"
  CL-->>Hook: exit status
  Hook-->>Git: allow/deny commit
  Git-->>Dev: success or abort
Loading 
sequenceDiagram
  participant PR as Pull Request (GitHub)
  participant Actions as GitHub Actions (commit-check)
  participant Repo as Repository (commits)
  participant CL as Commitlint (npx)

  PR->>Actions: trigger workflow
  Actions->>Repo: fetch commits between base..head
  loop for each non-merge commit
    Actions->>Actions: write commit message to temp file
    Actions->>CL: npx --yes `@commitlint/cli`@20.4.3 --config ... --edit temp_file
    CL-->>Actions: result
    Actions->>Actions: delete temp file
  end
  Actions-->>PR: pass/fail status
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 I hopped from Husky to a simpler nook,
A tiny hook now guards each commit's look,
CI reads each message, one by one,
Node twenty hums — the checks are done,
A carrot for tidy history, neatly shook 🥕

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The PR title accurately describes the main changes: adding a commit-msg hook and workflow validation for commitlint configuration.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Mar 7, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (2)
.github/workflows/commitlint.yml (1)

23-24: Handle case when PR has no commits in the range.

If github.event.pull_request.base.sha equals head.sha or the range is invalid (e.g., force-push scenarios), $commits may be empty. With an empty variable, the for loop is skipped silently, which is acceptable, but git log could fail with an error if the base SHA is unavailable (e.g., shallow clone edge cases despite fetch-depth: 0).

Consider adding a guard:

🛡️ Optional: add a commits check 
         commits=$(git log --no-merges --pretty=format:"%H" "${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}")
+        if [ -z "$commits" ]; then
+          echo "No commits to validate"
+          exit 0
+        fi
         for sha in $commits; do
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/commitlint.yml around lines 23 - 24, The script currently
runs git log into the commits variable and then iterates with for sha in
$commits, but git log can fail or produce an empty string when the PR range is
invalid or base/head SHAs are unavailable; add a guard around the git log and
the for loop: first validate the PR SHAs (github.event.pull_request.base.sha and
head.sha) and/or protect the git log call (e.g., test git rev-parse for the base
SHA or capture git log exit status) and if git log fails or returns empty set
commits to an empty value, then check if commits is non-empty before entering
the for sha in $commits loop so the script handles shallow/invalid-range cases
gracefully.
README.md (1)

47-49: Consider updating Node.js version requirement.

The prerequisites list Node.js v14, but v14 reached end-of-life in April 2023. The CI workflow uses Node.js 20. Consider updating the minimum version to align with the CI environment and current LTS versions.

📝 Suggested update 
 ### Prerequisites
-- Node.js (v14 or later)
+- Node.js (v20 or later recommended)
 - npm (comes with Node.js)
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@README.md` around lines 47 - 49, Update the "Prerequisites" section in
README.md where it currently lists "Node.js (v14 or later)" to a modern minimum
that matches CI and current LTS (e.g. "Node.js (v18 or later)" or "Node.js (v20
or later)"); change the bullet "Node.js (v14 or later)" to the chosen newer
minimum and optionally note the CI uses Node.js 20 to keep docs aligned with the
workflow.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.git-hooks/commit-msg:
- Around line 1-4: The commit-msg hook script contains a valid shell shebang but
lacks the executable bit, so make the hook executable (e.g., run chmod +x on the
commit-msg hook file) so Git can invoke the script that runs the npx --yes
`@commitlint/cli`@20.4.3 --edit "$1" command; ensure the file retains the
#!/bin/sh shebang and execute permission.

In @.github/workflows/commitlint.yml:
- Around line 22-29: The temp file may remain if commitlint fails because the
script exits before rm "$tmp"; add a cleanup function and trap to always remove
the temp file: define a cleanup() that tests [ -n "$tmp" ] && rm -f "$tmp" and
register it with trap 'cleanup INT TERM EXIT' before creating tmp (or at top of
the loop), then proceed to create tmp, run npx --yes `@commitlint/cli`@20.4.3
--edit "$tmp", and after successful removal unset tmp (tmp=) so the trap won’t
try to delete an already-removed file; reference variables/commands commits,
tmp, npx --yes `@commitlint/cli`@20.4.3 --edit and the for sha loop when making
the change.

---

Nitpick comments:
In @.github/workflows/commitlint.yml:
- Around line 23-24: The script currently runs git log into the commits variable
and then iterates with for sha in $commits, but git log can fail or produce an
empty string when the PR range is invalid or base/head SHAs are unavailable; add
a guard around the git log and the for loop: first validate the PR SHAs
(github.event.pull_request.base.sha and head.sha) and/or protect the git log
call (e.g., test git rev-parse for the base SHA or capture git log exit status)
and if git log fails or returns empty set commits to an empty value, then check
if commits is non-empty before entering the for sha in $commits loop so the
script handles shallow/invalid-range cases gracefully.

In `@README.md`:
- Around line 47-49: Update the "Prerequisites" section in README.md where it
currently lists "Node.js (v14 or later)" to a modern minimum that matches CI and
current LTS (e.g. "Node.js (v18 or later)" or "Node.js (v20 or later)"); change
the bullet "Node.js (v14 or later)" to the chosen newer minimum and optionally
note the CI uses Node.js 20 to keep docs aligned with the workflow.
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 4ff6e00e-ebac-4c22-8c00-938d9ecc6888

📥 Commits

Reviewing files that changed from the base of the PR and between 2ed618d and e3d6649.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (6)
  • .git-hooks/commit-msg
  • .github/workflows/commitlint.yml
  • .husky/commit-msg
  • README.md
  • commitlint.config.js
  • package.json
💤 Files with no reviewable changes (2)
  • .husky/commit-msg
  • package.json

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 7, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DurgaPrasad-54