Merged
6 changes: 5 additions & 1 deletion Makefile
Expand Up @@ -8,10 +8,14 @@ GOSEC ?= $(GOBIN)/gosec
OPA ?= opa
export PATH := $(GOBIN):$(PATH)

.PHONY: all tidy build test lint format lint-go lint-python format-go format-python docker-up docker-down docker-logs db-migrate opa-test cert-refresh setup-venv security
.PHONY: all tidy build test lint format lint-go lint-python format-go format-python docker-up docker-down docker-logs db-migrate opa-test cert-refresh setup-venv security install-hooks

all: build

install-hooks:
mkdir -p .git/hooks
install -m 0755 scripts/pre-commit .git/hooks/pre-commit

tidy:
go mod tidy

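Review bot: the `install-hooks` recipe hardcodes `.git/hooks`, so the hook is installed to a location git never consults when `core.hooksPath` is configured, and `mkdir -p .git/hooks` fails outright in a linked worktree, where `.git` is a file pointing at the real git dir rather than a directory. Ask git for the directory instead, e.g. `install -m 0755 scripts/pre-commit "$$(git rev-parse --git-path hooks)/pre-commit"`, which resolves correctly in both cases. A short comment above the target saying that this must be re-run after a fresh clone would also help, since nothing else in the Makefile installs the hook.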
39 changes: 39 additions & 0 deletions scripts/pre-commit
@@ -0,0 +1,39 @@
#!/usr/bin/env bash

set -euo pipefail

repo_root=$(git rev-parse --show-toplevel)
cd "$repo_root"

mapfile -t staged_go_files < <(git diff --cached --name-only --diff-filter=ACM -- "*.go")
Hook fails on macOS default bash lacking mapfile

Medium Severity

mapfile is a bash 4.0+ built-in, but macOS ships bash 3.2 (Apple won't update past GPLv2). Running this hook with /usr/bin/env bash on a stock Mac resolves to /bin/bash (3.2), causing an immediate mapfile: command not found error that blocks every Go commit. This is a frequently reported issue in other projects. A while IFS= read -r loop achieves the same result portably.

Reviewed by Cursor Bugbot for commit c81d805.

if [ ${#staged_go_files[@]} -eq 0 ]; then
exit 0
fi

stashed=0
cleanup() {
if [ "$stashed" -eq 1 ]; then
git stash pop -q >/dev/null 2>&1 || true
fi
}
trap cleanup EXIT

if ! git diff --quiet -- . || [ -n "$(git ls-files --others --exclude-standard)" ]; then
git stash push -q --keep-index --include-untracked -m "pre-commit-$(date +%s)"
stashed=1
fi

echo "Running gofmt on staged files..."
gofmt -w "${staged_go_files[@]}"
git add -- "${staged_go_files[@]}"

if ! command -v golangci-lint >/dev/null 2>&1; then
echo "golangci-lint is required for this repo. Install it and retry." >&2
exit 1
fi
Tool check runs after index is already modified

Low Severity

The golangci-lint availability check on line 30 runs after gofmt -w and git add have already mutated the working tree and index on lines 27–28. If the tool is missing, the hook exits with an error, but the developer's staged content has been silently reformatted. The pre-flight tool check needs to happen before any index/worktree modifications (i.e., before the gofmt -w / git add block).

Reviewed by Cursor Bugbot for commit c81d805.


echo "Running golangci-lint..."
golangci-lint run ./...

echo "Running go test..."
go test ./...
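Review bot: `git stash pop -q >/dev/null 2>&1 || true` in the `cleanup` trap swallows a failed pop, so when `gofmt -w` rewrites a file that also carried unstaged edits, the resulting conflict is hidden and the developer's unstaged work stays parked in the stash with no indication that anything went wrong. Drop the `|| true` and the output redirection and emit an explicit warning instead, e.g. `git stash pop -q || echo "pre-commit: could not restore stashed changes; run 'git stash pop' manually" >&2`, so a stranded stash is visible rather than silently accumulated. Separately, `golangci-lint run ./...` and `go test ./...` run against the whole module even though the hook only reformats the staged `*.go` files, so a commit can be blocked by failures in files the author never touched; if whole-module checks are intended here, that deserves a comment, otherwise scope the lint run to the staged set and leave the full test run to CI.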