Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move commit-msg and pre-push hooks from lefthook.yml into prek.toml as local shell hooks. Build prek from source in flake.nix instead of using nixpkgs. Remove lefthook from dev shell.
Add GitHub Actions workflow using Determinate Nix to run prek checks on push/PR. Document nix develop commands in README.md and AGENTS.md.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 490e726df8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| { id = "capitalized-subject", name = "Capitalized subject", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"^[A-Z]\" || { echo \"Commit subject must start with a capital letter\"; exit 1; }' --", stages = ["commit-msg"] }, | ||
| { id = "subject-max-length", name = "Subject max 50 chars", language = "system", entry = "sh -c 'len=$(head -1 \"$1\" | wc -m); [ \"$len\" -le 51 ] || { echo \"Commit subject too long ($len chars, max 50)\"; exit 1; }' --", stages = ["commit-msg"] }, | ||
| { id = "body-max-length", name = "Body lines max 72 chars", language = "system", entry = "sh -c 'grep -v \"^#\" \"$1\" | tail -n +3 | awk \"length > 72 { print NR\\\": \\\"\\$0; found=1 } END { if (found) { print \\\"Body lines must be 72 chars or less\\\"; exit 1 } }\"' --", stages = ["commit-msg"] }, | ||
| { id = "no-trailing-period", name = "No trailing period", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"\\\\.$\" && { echo \"Commit subject must not end with a period\"; exit 1; } || true' --", stages = ["commit-msg"] }, |
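Review bot: in no-trailing-period, the `grep -q ... && { ...; exit 1; } || true` chain is hard to read. `exit 1` inside the brace group ends the `sh -c` shell before `|| true` is evaluated, so `|| true` only covers the case where grep finds no trailing period. Writing the entry as `if head -1 "$1" | grep -q '\.$'; then echo ...; exit 1; fi` states that directly and avoids the `A && B || C` idiom.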
Fail commit when subject ends with a period
The no-trailing-period commit-msg hook always exits successfully because the command ends with || true, which overrides the exit 1 in the failure branch; as a result, subjects that end in . are accepted even though this hook claims to enforce the opposite. This silently disables one of the new policy checks for every local commit.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Auto-fixed by prek builtin hooks (trailing-whitespace, end-of-file-fixer). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reviewed commit: a741d981c6
| - uses: DeterminateSystems/nix-installer-action@main | ||
| - uses: DeterminateSystems/magic-nix-cache-action@main | ||
| - name: Run prek checks | ||
| run: nix develop --command prek run --all-files |
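Review bot: both `uses:` lines reference `@main`, a mutable branch, so the code this workflow executes can change without any change in this repository. Pin `DeterminateSystems/nix-installer-action` and `DeterminateSystems/magic-nix-cache-action` to a full commit SHA (or at least a release tag) and update the pin deliberately.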
Add credentials for private flake input in CI
In .github/workflows/prek.yml, the prek job runs nix develop, but this repository’s flake uses a private SSH input (prompts from ssh://git@github.com/fuww/prompts.git in flake.nix), and this workflow does not configure any SSH key/agent before invoking Nix. On a standard GitHub-hosted runner this causes flake input fetch to fail, so the new check workflow will fail before running any hooks.
| { id = "body-max-length", name = "Body lines max 72 chars", language = "system", entry = "sh -c 'grep -v \"^#\" \"$1\" | tail -n +3 | awk \"length > 72 { print NR\\\": \\\"\\$0; found=1 } END { if (found) { print \\\"Body lines must be 72 chars or less\\\"; exit 1 } }\"' --", stages = ["commit-msg"] }, | ||
| { id = "no-trailing-period", name = "No trailing period", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"\\\\.$\" && { echo \"Commit subject must not end with a period\"; exit 1; } || true' --", stages = ["commit-msg"] }, | ||
| { id = "github-issue-ref", name = "GitHub issue reference", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"#[0-9]\" || { echo \"Commit subject must reference a GitHub issue (e.g. #123)\"; exit 1; }' --", stages = ["commit-msg"] }, | ||
| { id = "max-message-length", name = "Max 500 chars total", language = "system", entry = "sh -c 'chars=$(wc -c < \"$1\"); [ \"$chars\" -le 500 ] || { echo \"Commit message too long ($chars chars, max 500)\"; exit 1; }' --", stages = ["commit-msg"] }, |
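Review bot: max-message-length measures with `wc -c`, which counts bytes, while the hook name and the error text both say chars, so a message containing multi-byte UTF-8 characters is rejected before it reaches 500 characters. Use `wc -m`, or reword the name and the message to say bytes.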
Exclude commented lines from max message length check
The max-message-length commit-msg hook counts raw bytes with wc -c < "$1", which includes Git’s commented template/status lines when users compose commits in an editor. That means short commit messages can be rejected simply because many files are staged (the comment block gets large), so this rule enforces repository state size rather than actual message length.
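One way to measure only the text git keeps, as an added example that is not code from this pull request. The function names `message_chars`, `check_message_length` and `write_sample` are hypothetical, and the block assumes git's default comment character `#` and the scissors line that `git commit -v` inserts.

```shell
#!/bin/sh
# Added example (not from the pull request). Assumes git's default comment
# character "#" and the scissors line that `git commit -v` inserts.

# message_chars (hypothetical name): prints the character count of the
# message in file "$1", skipping comment lines and everything from the
# scissors line on. Each kept line counts its newline, as wc does.
message_chars() {
    awk '
        /^# -+ >8 -+$/ { exit }      # scissors: the diff below is not message
        /^#/           { next }      # template and status comments
        { n += length($0) + 1 }
        END { print n + 0 }
    ' "$1"
}

# Same limit and wording as the max-message-length hook above.
check_message_length() {
    chars=$(message_chars "$1")
    [ "$chars" -le 500 ] || {
        echo "Commit message too long ($chars chars, max 500)" >&2
        return 1
    }
}

# write_sample (hypothetical): constructed editor buffer with a short
# message followed by a status block for 40 staged files.
write_sample() {
    {
        echo "Add prek hooks #12"
        echo
        echo "# Please enter the commit message for your changes."
        i=1
        while [ "$i" -le 40 ]; do
            echo "#	modified:   src/module_$i/file.txt"
            i=$((i + 1))
        done
    } > "$1"
}
```

On the constructed sample the raw file is well over 500 bytes, while the message itself is 20 characters and passes.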
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reviewed commit: 7f772d5bf0
| { id = "no-trailing-period", name = "No trailing period", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"\\\\.$\" && { echo \"Commit subject must not end with a period\"; exit 1; } || true' --", stages = ["commit-msg"] }, | ||
| { id = "github-issue-ref", name = "GitHub issue reference", language = "system", entry = "sh -c 'head -1 \"$1\" | grep -q \"#[0-9]\" || { echo \"Commit subject must reference a GitHub issue (e.g. #123)\"; exit 1; }' --", stages = ["commit-msg"] }, | ||
| { id = "max-message-length", name = "Max 500 chars total", language = "system", entry = "sh -c 'chars=$(wc -c < \"$1\"); [ \"$chars\" -le 500 ] || { echo \"Commit message too long ($chars chars, max 500)\"; exit 1; }' --", stages = ["commit-msg"] }, | ||
| { id = "no-branch-push", name = "No push to main/master", language = "system", entry = "sh -c 'branch=$(git symbolic-ref --short HEAD 2>/dev/null); case \"$branch\" in main|master|development) echo \"Direct push to $branch is not allowed\"; exit 1;; esac' --", stages = ["pre-push"] }, |
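Review bot: in no-branch-push, when HEAD is detached `git symbolic-ref --short HEAD` fails, its error goes to `/dev/null`, and `branch` is empty, so the `case` matches nothing and the push is allowed without any message. Handle an empty `branch` explicitly (fail or warn). The `name` also says "No push to main/master" while the pattern blocks `development` too; align the two.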
Validate remote ref in no-branch-push hook
The no-branch-push check only inspects git symbolic-ref --short HEAD, so it blocks pushes based on the current local branch name rather than the branch being updated on the remote. In practice, a developer on feature/* can still push directly to main (for example with git push origin HEAD:main) because the hook never reads the pre-push ref updates from stdin. This leaves the new direct-push protection unenforced in a common push path.
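A check driven by the remote refs instead of the local HEAD, as an added example that is not code from this pull request. `check_push_refs` and the sample variables are hypothetical names, and the block assumes the hook receives git's standard pre-push stdin; how prek passes push information to a hook is not shown on this page.

```shell
#!/bin/sh
# Added example (not from the pull request): decide from the refs git is
# about to update, not from the local HEAD. git's pre-push hook receives one
# line per ref on stdin:
#   <local ref> <local sha> <remote ref> <remote sha>

# Branch names taken from the no-branch-push hook above.
PROTECTED="main master development"

# Constructed samples. The first is what `git push origin HEAD:main` sends
# from a feature branch; the SHAs are placeholders.
SAMPLE_HEAD_TO_MAIN="HEAD 1111111111111111111111111111111111111111 refs/heads/main 2222222222222222222222222222222222222222"
SAMPLE_FEATURE="refs/heads/feature/x 1111111111111111111111111111111111111111 refs/heads/feature/x 0000000000000000000000000000000000000000"

# check_push_refs (hypothetical name): reads pre-push lines on stdin,
# reports every update that targets a protected branch on stderr, and
# returns 1 if there was at least one, 0 otherwise.
check_push_refs() {
    blocked=0
    while read -r local_ref local_sha remote_ref remote_sha; do
        case "$remote_ref" in
            refs/heads/*) branch=${remote_ref#refs/heads/} ;;
            *) continue ;;              # blank line, tag, or other namespace
        esac
        for name in $PROTECTED; do
            if [ "$branch" = "$name" ]; then
                echo "Direct push to $branch is not allowed ($local_ref)" >&2
                blocked=1
            fi
        done
    done
    return "$blocked"
}
```

Installed as a plain git hook, the script would end by calling `check_push_refs || exit 1`. Because the remote ref is what gets matched, a deletion of a protected branch is reported as well.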
Summary
- prek to nix dev shell packages
- prek install to shellHook to set up git hooks on nix develop

🤖 Generated with Claude Code