lefthook.yml

# Lefthook git hooks — fast gate strategy
# Pre-commit: format + lint (~2s)
# Post-merge: regenerate types after pull (catches upstream drift at source)
# Pre-push: Rust quality + supply chain + workspace test (full safety net)
# Release time: ci-local.sh runs ALL 10 gates via release.sh

pre-commit:
  parallel: true
  commands:
    biome-format:
      glob: "*.{js,ts,jsx,tsx,json}"
      run: bunx biome format --write --no-errors-on-unmatched {staged_files} && git add {staged_files}
    biome-lint:
      glob: "*.{js,ts,jsx,tsx,json}"
      run: bunx biome lint --no-errors-on-unmatched {staged_files}
    typecheck:
      glob: "*.{ts,tsx}"
      run: bunx turbo typecheck
    cargo-fmt:
      glob: "*.rs"
      run: rustfmt {staged_files} && git add {staged_files}
    ts-safety-check:
      glob: "*.{ts,tsx}"
      exclude: "*.test.{ts,tsx}"
      run: bash scripts/ts-safety-check.sh {staged_files}
    skill-sync:
      glob: "{claude-view/**,packages/plugin/src/tools/**,plugin.json,marketplace.json}"
      run: bash test/skill-sync.sh
    actionlint:
      glob: ".github/workflows/*.yml"
      run: actionlint {staged_files}

# Catch upstream type drift at point of introduction, not on next push.
# Runs after `git pull` / `git merge`. If upstream changed any .rs file,
# regenerate types and warn if they drifted. User commits the regenerated
# files as a follow-up, rather than discovering drift when they try to push.
post-merge:
  commands:
    regen-drifted-types:
      run: bash scripts/ci/post-merge-regen-types.sh

pre-push:
  parallel: true
  commands:
    clippy:
      # -D deprecated is explicit (in addition to -D warnings which already
      # catches deprecated by default) so any new caller of a legacy writer
      # fails the gate immediately.
      #
      # `scripts/cq` pins clippy to rust-toolchain.toml (Homebrew otherwise
      # shadows rustup and runs a newer clippy whose extra style lints would
      # false-fail this gate). So the FULL -D warnings runs under the pinned
      # 1.94.1 — no per-lint allowances needed (root cause fixed, not masked).
      run: ./scripts/cq clippy --workspace -- -D warnings -D deprecated
    # NOTE: generated-types moved to post-merge. Drift is now caught at pull
    # time (when it's upstream-owned) instead of push time (when it's the
    # next pusher's problem). Keep this commented reminder for future eng.
    # generated-types:
    #   run: bash scripts/ci/check-generated-types.sh
    openapi-drift:
      run: bash scripts/ci/check-openapi-drift.sh
    cargo-deny:
      run: |
        # Self-healing: if advisory DB is corrupted (untracked files from
        # project contamination), nuke it and let cargo-deny reclone fresh.
        DB_DIR="$HOME/.cargo/advisory-dbs"
        if [ -d "$DB_DIR" ]; then
          for db in "$DB_DIR"/advisory-db-*/; do
            [ -d "$db" ] || continue
            if (cd "$db" && git status --porcelain 2>/dev/null | grep -q '^??'); then
              echo "cargo-deny: advisory DB has untracked files, resetting..."
              rm -rf "$DB_DIR"
              break
            fi
          done
        fi
        cargo deny check
    rust-test:
      # Unset GIT_* vars that `git push` exports to its hooks. Many tests
      # in this workspace shell out to git (crates/db/src/git_correlation/*,
      # crates/core/src/discovery/git.rs) and construct synthetic git repos
      # in tempdirs. When GIT_DIR / GIT_WORK_TREE / GIT_COMMON_DIR /
      # GIT_INDEX_FILE are inherited from `git push`, those tests' git
      # subprocesses see the parent repo instead of the tempdir, and the
      # assertions flake. Each call site should also scrub these (we do in
      # resolve_git_root as of 2026-04-17), but scrubbing at the hook level
      # is the belt-and-braces default — tests added tomorrow won't have
      # to remember.
      run: |
        unset GIT_DIR GIT_WORK_TREE GIT_COMMON_DIR GIT_INDEX_FILE
        ./scripts/cq test --workspace
    cq-nextest-routing:
      run: bash test/cq-nextest-routing.sh