diff --git a/.githooks/pre-commit b/.githooks/pre-commit new file mode 100755 index 0000000..0ddeefc --- /dev/null +++ b/.githooks/pre-commit @@ -0,0 +1,23 @@ +#!/bin/sh +# gitflow pre-commit — generated by gitflow_init. Do not hand-edit. +# Mirrors gitflow_protected_base (lib/gitflow.sh). Drift caught by T10. +gd=$(git rev-parse --git-dir) +br=$(git symbolic-ref --short -q HEAD 2>/dev/null) + +git rev-parse --verify -q HEAD >/dev/null 2>&1 || exit 0 # root commit — allow +[ -f "$gd/MERGE_HEAD" ] && exit 0 # merge in progress — allow + +case "$br" in + main|develop) ;; # protected — keep checking + *) exit 0 ;; # working branch — allow +esac + +# whitelist: all-staged-under-.claude/ (memory/doc/deploy helpers) — allow +if [ -z "$(git diff --cached --name-only | grep -v '^\.claude/' | head -1)" ]; then + exit 0 +fi + +echo "gitflow pre-commit: BLOCKED — direct commit on '$br'." >&2 +echo " Branch from the right base (feature/bugfix->develop, hotfix->main), or merge." >&2 +echo " (.claude/** memory commits are exempt; --no-verify bypasses locally.)" >&2 +exit 1 diff --git a/.gitignore b/.gitignore index eb4b530..1be270c 100644 --- a/.gitignore +++ b/.gitignore @@ -136,3 +136,7 @@ skills-external/frontend-design/ # deploy: transient per-deploy state (the runbook/ledger/oracle ARE committed) .claude/deploy/NEXT.sh .claude/deploy/PENDING.json + +# ── gitflow standard socle (added by gitflow_init; additive, safe to edit) ── +*.log +!.claude/deploy/