Skip to content

fix #28 - feat: Create a pre-commit hook to force signed commits#29

Merged
ricardozanini merged 1 commit into
serverlessworkflow:mainfrom
fantonangeli:issue-28-feat-Create-a-pre-commit-hook-to-force-signed-commits
Mar 12, 2026
Merged

fix #28 - feat: Create a pre-commit hook to force signed commits#29
ricardozanini merged 1 commit into
serverlessworkflow:mainfrom
fantonangeli:issue-28-feat-Create-a-pre-commit-hook-to-force-signed-commits

Conversation

@fantonangeli
Copy link
Copy Markdown
Member

@fantonangeli fantonangeli commented Mar 10, 2026

Closes #28

Description

Create a pre-commit hook to check if the commit is correctly signed, and if not, reject the local commit with a clear message.

Motivation

Developers can forget to sign their commits, or a new contributor may not be aware of this mandatory setting.
When we create a PR with a non-signed commit, the DCO CI will fail, and we need to rebase all the commits, resign them and force-push, which is a bit time-consuming.

Proposed Implementation

Create a pre-commit hook to check the current commit when git commit ... is executed

Definition of Done

  • Implementation: Fully implemented according to the Serverless Workflow spec.
  • Unit Tests: Comprehensive unit tests are included and passing.
  • Integration Tests: Verified within the monorepo and target environments (Web/VS Code).
  • Documentation: Updated README.md, ADRs, or official docs.
  • Performance: No significant regression in editor responsiveness.
  • Accessibility: UI changes comply with accessibility standards.

Steps to test:

  • Create a file
  • run:
git add .
git commit -m "test"
  • The commit is rejected with a clear message

@fantonangeli
package.json and Hook creation
007ab06 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
Copilot AI reviewed Mar 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses issue #28 by introducing an automated Git commit-msg hook (via Husky) that rejects commits locally if they are missing a DCO Signed-off-by: line. This prevents the common workflow pain point of pushing unsigned commits and having the CI DCO check fail, requiring an interactive rebase.

Changes:

  • Adds husky as a dev dependency with a prepare script to auto-install hooks on npm install.
  • Creates .husky/commit-msg hook that validates the presence of a Signed-off-by: Name <email> line in every commit message.
  • Adds package-lock.json capturing the resolved husky@9.1.7 dependency.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 3 comments.

File Description
package.json Adds husky ^9.1.7 devDependency and prepare: husky script to auto-install hooks
package-lock.json Lock file entry for resolved husky@9.1.7
.husky/commit-msg New Git commit-msg hook that enforces DCO sign-off via a Signed-off-by: regex check

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

Comment thread .husky/commit-msg
Comment thread .husky/commit-msg
Comment thread package.json
fantonangeli
fantonangeli commented Mar 10, 2026
View reviewed changes
Comment thread package.json
Copy link
Copy Markdown
Member Author

@fantonangeli fantonangeli Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: I needed to create an initial package.json configuration to install and setup husky to execute the hook.
I created it in a simple way that let us merge easily when we have the real editor in this repo

@fantonangeli fantonangeli requested a review from Copilot March 10, 2026 17:01
Copilot AI reviewed Mar 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 3 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

lornakelly
lornakelly approved these changes Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@lornakelly lornakelly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ricardozanini ricardozanini merged commit 468b1ad into serverlessworkflow:main Mar 12, 2026
8 of 10 checks passed
@fantonangeli fantonangeli deleted the issue-28-feat-Create-a-pre-commit-hook-to-force-signed-commits branch April 1, 2026 12:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@ricardozanini ricardozanini ricardozanini approved these changes

@handreyrc handreyrc Awaiting requested review from handreyrc

+1 more reviewer

@lornakelly lornakelly lornakelly approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: Create a pre-commit hook to force signed commits

4 participants

@fantonangeli @ricardozanini @lornakelly