mirror of
https://github.com/SuperClaude-Org/SuperClaude_Framework.git
synced 2025-12-29 16:16:08 +00:00
chore: add PR template and pre-commit config
- Add structured PR template with Git workflow checklist - Add pre-commit hooks for secret detection and Conventional Commits - Enforce code quality gates (YAML/JSON/Markdown lint, shellcheck) NOTE: Execute pre-commit inside Docker container to avoid host pollution: docker compose exec workspace uv tool install pre-commit docker compose exec workspace pre-commit run --all-files 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
kazuki
52
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
52
.github/PULL_REQUEST_TEMPLATE.md
vendored
Normal file
@@ -0,0 +1,52 @@
|
|||||||
|
# Pull Request
|
||||||
|
|
||||||
|
## 概要
|
||||||
|
|
||||||
|
<!-- このPRの目的を簡潔に説明 -->
|
||||||
|
|
||||||
|
## 変更内容
|
||||||
|
|
||||||
|
<!-- 主な変更点をリストアップ -->
|
||||||
|
-
|
||||||
|
|
||||||
|
## 関連Issue
|
||||||
|
|
||||||
|
<!-- 関連するIssue番号があれば記載 -->
|
||||||
|
Closes #
|
||||||
|
|
||||||
|
## チェックリスト
|
||||||
|
|
||||||
|
### Git Workflow
|
||||||
|
- [ ] 外部貢献の場合: Fork → topic branch → upstream PR の流れに従った
|
||||||
|
- [ ] コラボレーターの場合: topic branch使用(main直コミットしていない)
|
||||||
|
- [ ] `git rebase upstream/main` 済み(コンフリクトなし)
|
||||||
|
- [ ] コミットメッセージは Conventional Commits に準拠(`feat:`, `fix:`, `docs:` など)
|
||||||
|
|
||||||
|
### Code Quality
|
||||||
|
- [ ] 変更は1目的に限定(巨大PRでない、目安: ~200行差分以内)
|
||||||
|
- [ ] 既存のコード規約・パターンに従っている
|
||||||
|
- [ ] 新機能/修正には適切なテストを追加
|
||||||
|
- [ ] Lint/Format/Typecheck すべてパス
|
||||||
|
- [ ] CI/CD パイプライン成功(グリーン状態)
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- [ ] シークレット・認証情報をコミットしていない
|
||||||
|
- [ ] `.gitignore` で必要なファイルを除外済み
|
||||||
|
- [ ] 破壊的変更なし/ある場合は `!` 付きコミット + MIGRATION.md 記載
|
||||||
|
|
||||||
|
### Documentation
|
||||||
|
- [ ] 必要に応じてドキュメントを更新(README, CLAUDE.md, docs/など)
|
||||||
|
- [ ] 複雑なロジックにコメント追加
|
||||||
|
- [ ] APIの変更がある場合は適切に文書化
|
||||||
|
|
||||||
|
## テスト方法
|
||||||
|
|
||||||
|
<!-- このPRの動作確認方法 -->
|
||||||
|
|
||||||
|
## スクリーンショット(該当する場合)
|
||||||
|
|
||||||
|
<!-- UIの変更がある場合はスクリーンショットを添付 -->
|
||||||
|
|
||||||
|
## 備考
|
||||||
|
|
||||||
|
<!-- レビュワーに伝えたいこと、技術的な判断の背景など -->
|
||||||
93
.pre-commit-config.yaml
Normal file
93
.pre-commit-config.yaml
Normal file
@@ -0,0 +1,93 @@
|
|||||||
|
# SuperClaude Framework - Pre-commit Hooks
|
||||||
|
# See https://pre-commit.com for more information
|
||||||
|
|
||||||
|
repos:
|
||||||
|
# Basic file checks
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v4.5.0
|
||||||
|
hooks:
|
||||||
|
- id: trailing-whitespace
|
||||||
|
exclude: '\.md$'
|
||||||
|
- id: end-of-file-fixer
|
||||||
|
- id: check-yaml
|
||||||
|
args: ['--unsafe'] # Allow custom YAML tags
|
||||||
|
- id: check-json
|
||||||
|
- id: check-toml
|
||||||
|
- id: check-added-large-files
|
||||||
|
args: ['--maxkb=1000']
|
||||||
|
- id: check-merge-conflict
|
||||||
|
- id: check-case-conflict
|
||||||
|
- id: mixed-line-ending
|
||||||
|
args: ['--fix=lf']
|
||||||
|
|
||||||
|
# Secret detection (critical for security)
|
||||||
|
- repo: https://github.com/Yelp/detect-secrets
|
||||||
|
rev: v1.4.0
|
||||||
|
hooks:
|
||||||
|
- id: detect-secrets
|
||||||
|
args:
|
||||||
|
- '--baseline'
|
||||||
|
- '.secrets.baseline'
|
||||||
|
exclude: |
|
||||||
|
(?x)^(
|
||||||
|
.*\.lock$|
|
||||||
|
.*package-lock\.json$|
|
||||||
|
.*pnpm-lock\.yaml$|
|
||||||
|
.*\.min\.js$|
|
||||||
|
.*\.min\.css$
|
||||||
|
)$
|
||||||
|
|
||||||
|
# Additional secret patterns (from CLAUDE.md)
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v4.5.0
|
||||||
|
hooks:
|
||||||
|
- id: detect-private-key
|
||||||
|
- id: check-yaml
|
||||||
|
name: Check for hardcoded secrets
|
||||||
|
entry: |
|
||||||
|
bash -c '
|
||||||
|
if grep -rE "(sk_live_[a-zA-Z0-9]{24,}|pk_live_[a-zA-Z0-9]{24,}|sk_test_[a-zA-Z0-9]{24,}|pk_test_[a-zA-Z0-9]{24,}|SUPABASE_SERVICE_ROLE_KEY\s*=\s*['\''\"']eyJ|SUPABASE_ANON_KEY\s*=\s*['\''\"']eyJ|NEXT_PUBLIC_SUPABASE_ANON_KEY\s*=\s*['\''\"']eyJ|OPENAI_API_KEY\s*=\s*['\''\"']sk-|TWILIO_AUTH_TOKEN\s*=\s*['\''\"'][a-f0-9]{32}|INFISICAL_TOKEN\s*=\s*['\''\"']st\.|DATABASE_URL\s*=\s*['\''\"']postgres.*@.*:.*/.*(password|passwd))" "$@" 2>/dev/null; then
|
||||||
|
echo "🚨 BLOCKED: Hardcoded secrets detected!"
|
||||||
|
echo "Replace with placeholders: your_token_here, \${VAR_NAME}, etc."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
'
|
||||||
|
|
||||||
|
# Conventional Commits validation
|
||||||
|
- repo: https://github.com/compilerla/conventional-pre-commit
|
||||||
|
rev: v3.0.0
|
||||||
|
hooks:
|
||||||
|
- id: conventional-pre-commit
|
||||||
|
stages: [commit-msg]
|
||||||
|
args: []
|
||||||
|
|
||||||
|
# Markdown linting
|
||||||
|
- repo: https://github.com/igorshubovych/markdownlint-cli
|
||||||
|
rev: v0.38.0
|
||||||
|
hooks:
|
||||||
|
- id: markdownlint
|
||||||
|
args: ['--fix']
|
||||||
|
exclude: |
|
||||||
|
(?x)^(
|
||||||
|
CHANGELOG\.md|
|
||||||
|
.*node_modules.*|
|
||||||
|
.*\.min\.md$
|
||||||
|
)$
|
||||||
|
|
||||||
|
# YAML linting
|
||||||
|
- repo: https://github.com/adrienverge/yamllint
|
||||||
|
rev: v1.33.0
|
||||||
|
hooks:
|
||||||
|
- id: yamllint
|
||||||
|
args: ['-d', '{extends: default, rules: {line-length: {max: 120}, document-start: disable}}']
|
||||||
|
|
||||||
|
# Shell script linting
|
||||||
|
- repo: https://github.com/shellcheck-py/shellcheck-py
|
||||||
|
rev: v0.9.0.6
|
||||||
|
hooks:
|
||||||
|
- id: shellcheck
|
||||||
|
args: ['--severity=warning']
|
||||||
|
|
||||||
|
# Global settings
|
||||||
|
default_stages: [commit]
|
||||||
|
fail_fast: false
|
||||||
Reference in New Issue
Block a user