Fix: Harden commit-msg hook (trap cleanup, pattern, blank line)#18
Conversation
Add trap 'rm -f "$TEMP_FILE"' EXIT after mktemp so the temp file is removed on any exit path, including early exit under set -euo pipefail. The explicit rm at the end is now redundant and removed. Mirrors the fix applied to the replicated copy in kagenti/agent-skills (PR kagenti#14) to keep the hook in sync across repos. Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com> Signed-off-by: Gloire Rubambiza <gloire@ibm.com>
- Drop redundant `cursor` alternate; `grep -i` already matches it case-insensitively in the `(Claude|Cursor|anthropic)` pattern - Only prepend a blank line before the Assisted-By trailer when the message does not already end with one, avoiding a double blank Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com> Signed-off-by: Gloire Rubambiza <gloire@ibm.com>
clawgenti
left a comment
There was a problem hiding this comment.
This PR cleanly hardens the commit-msg hook with three well-scoped fixes. All checks pass. Ready for human review.
Reviewed by clawgenti using github:pr-review
mrsabath
left a comment
There was a problem hiding this comment.
Summary
Clean, correct hardening of the commit-msg hook. I verified all three fixes by running the reconstructed hook against representative messages:
- trap cleanup —
trap 'rm -f "$TEMP_FILE"' EXITreplaces the trailingrm, so the temp file is removed on every exit path underset -euo pipefail(including an early exit betweenmktempand the oldrm).$TEMP_FILEis set before the trap and properly quoted. ✓ - simplified strip pattern — dropping the redundant
|cursoris safe:grep -ialready matches lowercasecursorviaCursor. Confirmed directly — no behavior change. ✓ - double-blank guard — exactly one blank line precedes the
Assisted-Bytrailer. Verified the three cases:Co-authored-by: Claude→ single-blank-separatedAssisted-By; no-AI-trailer message left untouched; body already ending in a blank line does not produce a double blank. ✓
Properly quoted, idiomatic, and consistent with the file's style; the inline comment explaining the guard is helpful. All checks pass (DCO, PR title, add-to-project). The clawgenti bot already completed its automated pass — this adds the human-review approval.
Areas reviewed: Shell, Security, Commit conventions
Author: rubambiza (MEMBER)
Commits: 2, signed-off (DCO ✓)
CI: passing
Summary
Hardens
scripts/hooks/commit-msg, mirroring fixes reviewed on the ported copy inkagenti/agent-skills#14:trap 'rm -f "$TEMP_FILE"' EXITso the temp file is removed on any exit path (including early exit underset -euo pipefail).cursoralternate;grep -ialready matchesCursorcase-insensitively in(Claude|Cursor|anthropic).Assisted-Bytrailer when the message does not already end with one.Verified: a message containing
Co-authored-by: Claudeconverts to a single-blank-separatedAssisted-Bytrailer; a message with no AI trailer is left untouched.Fixes #17
Assisted-By: Claude Code