Git hook Policy

Git hook Policy

Code QualityNetspective Unified Process
 


All the Software developers working on behalf of Netspective Communications LLC across all the projects must have Githooks scripts that are executed by Git before or after certain Git events, such as committing or merging code.

Controls

All are required to adhere to the formatting githooks tool that aligns with their development or runtime technology listed below.

Runtime LanguageFormatting ToolRemarks
Node.jsHuskyThe same can be used for Node.js, TypeScript, React, Angular, Astro Projects
Pythonpre-commitpre-commit as a git hooks tool for Python Projects

Node.js

  • All Node.js projects must use Husky to manage Git hooks. [FII-CQI-006-GHP-01]

  • Ensure to execute the below command in the CLI to install husky. [FII-CQI-006-GHP-02]

    npm install --save-dev husky

  • Ensure to execute the below command in the CLI to configure husky and creating .husky folder in project root folder. [FII-CQI-006-GHP-03]

    npx husky install

  • The following Git hooks must be configured for all Node.js projects:

    • pre-commit: to run linting and automated tests before code is committed.
    • commit-msg: to run commit message linting and validating commit message before commit.

  • Ensure to setup lint-staged to the project for linting staged changes only as the pre-commit hook. [FII-CQI-006-GHP-04]

    • Ensure to execute the following command for installing lint-staged. [FII-CQI-006-GHP-04.01]

      npm install --save-dev lint-staged

    • Ensure to add the below provided content to package.json to lint-staged the project using the ‘npm run lint-staged’ command. [FII-CQI-006-GHP-04.02]

      "scripts": {
  "lint-staged": "eslint \"src/**/*.{js,jsx,ts,tsx,astro,md}\" --quiet --fix && prettier \"src/**/*.{cjs,js,jsx,ts,tsx}\" --write",
},

    • Ensure to add the below provided content to package.json to add command need to be execute when npx lint-staged is executed. [FII-CQI-006-GHP-04.03]

      ...
"scripts": {...},
"lint-staged": {
    "src/**/*.{js,jsx,ts,tsx}": [
        "eslint --quiet --fix",
        "prettier --write"
    ]
},
...

  • Ensure to setup commitlint to the project for linting commit message as the commit-msg hook. [FII-CQI-006-GHP-05]

    • Ensure to execute the following command for installing commitlint. [FII-CQI-006-GHP-05.01]

      npm install @commitlint/cli @commitlint/config-conventional --save-dev

    • Ensure to add and modify the configuration file .commitlintrc.cjs and ensure rules must matches the following configuration. [FII-CQI-006-GHP-05.02]

      module.exports = {
  extends: ["@commitlint/config-conventional"],
  parserPreset: {
    parserOpts: {
      issuePrefixes: ["#"],
    },
  },
  rules: {
    "references-empty": [2, "never"],
  },
};

  • Ensure to execute the husky add command for adding hooks. [FII-CQI-006-GHP-06]

    • Ensure to execute the following command to add a pre-commit hook. [FII-CQI-006-GHP-06.01]

      npx husky add .husky/pre-commit "npx lint-staged || exit 1"

    • Ensure to execute the following command to add a commit-msg hook. [FII-CQI-006-GHP-06.01]

      npx husky add .husky/commit-msg "npx commitlint --edit"

Evidence

  1. A quality resource will run a JQ query on each developer’s CLI every week to ensure that all of the queries return a true result.

Node.js

[FII-CQI-006-GHP-02] Execute the below command in a CLI to check whether husky is installed.

duckdb -s  "(SELECT devDependencies.husky FROM read_json_auto('package.json'));"

[FII-CQI-006-GHP-03] Execute the below command in a CLI to check whether husky is enabled and configured as git hooks.

duckdb -s "SELECT '$(git config core.hookspath)' as 'Husky Enabled?' ;"
  • if the command print .husky in the terminal, It means husky is enabled and configured.

[FII-CQI-006-GHP-04]

  • [FII-CQI-006-GHP-04.01] Execute the below command in a CLI to check whether lint-staged is installed.
duckdb -s  "(SELECT devDependencies.lint-staged FROM read_json_auto('package.json'));"
  • [FII-CQI-006-GHP-04.02] Execute the below duckdb query in a CLI to verify package.json contains lint-staged command in scripts.
 duckdb -s  "(SELECT scripts['lint-staged'] as 'lint-staged' FROM read_json_auto('package.json'));"
  • make sure the output is eslint \"src/**/*.{js,jsx,ts,tsx,astro,md}\" --quiet --fix && prettier \"src/**/*.{cjs,js,jsx,ts,tsx,astro,md}\" --write"

[FII-CQI-006-GHP-05]

  • [FII-CQI-006-GHP-05.01] Execute the below duckdb command in a CLI to check whether commitlint packages are installed.
duckdb -s "SELECT devDependencies['@commitlint/cli'] as '@commitlint/cli',  devDependencies['@commitlint/config-conventional'] as '@commitlint/config-conventional' FROM read
  _json_auto('package.json');"
Approved by
Abdul Razak |
Last Updated by
Abdul Razak PM on September 20, 2023