fix(api): ensure commits are linted/formatted before commit

[IgorHorta]

Context

The pre-commit hook's lint-staged configuration was not working correctly due to two issues:

1. Incorrect glob pattern: The pattern ./{frontend/backend}/**/* used a slash instead of a comma, which meant it was looking for a literal directory named frontend/backend instead of matching both frontend/ and backend/ directories.

2. ESLint config mismatch: When eslint --fix ran from the root directory, it couldn't find the correct ESLint configuration files because:

   • Frontend uses the new flat config format (eslint.config.js), which requires running from within the frontend directory
   • Backend uses the legacy format (.eslintrc.js) which needs to be explicitly specified via --config

Changes made:

• Split lint-staged into separate entries for frontend and backend
• Frontend: runs ESLint from within the frontend/ directory to properly detect the flat config
• Backend: explicitly specifies the config file path with --config backend/.eslintrc.js
• Added helpful comments to the pre-commit hook
• Fixed typo: "comitting" → "committing"

Screenshots

Steps to verify the change

1. Stage a file in the frontend/ directory
2. Run git commit - ESLint should run successfully without "Parsing error: The keyword 'import' is reserved"
3. Stage a file in the backend/ directory
4. Run git commit - ESLint should run successfully with the correct backend rules
5. Stage files in both directories and verify both linters run

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR attempts to fix the pre-commit linting by restructuring how ESLint runs for frontend and backend. However, there are critical issues:

Major concerns:

• Security vulnerability: The pre-commit hook containing infisical scan git-changes --staged was deleted, removing the automated secrets detection that prevents developers from committing credentials
• lint-staged configuration broken: The bash parameter expansion pattern ${@#frontend/} and ${@#backend/} won't correctly strip the ./ prefix from paths that lint-staged passes (e.g., ./frontend/src/App.tsx), causing ESLint to receive incorrect file paths
• Verification steps don't match implementation: The PR description claims lint-staged runs on commit, but the pre-commit hook was deleted - linting only happens at push time now

Changes made:

• Deleted .husky/pre-commit hook (removed lint-staged and infisical scan)
• Added new .husky/pre-push hook with manual linting logic
• Split lint-staged config into separate frontend/backend entries with cd commands
• Added --max-warnings 0 flag to all lint scripts
• Fixed eslint-disable comments in backend files to be more specific

Recommendations:

• Restore the infisical scan in a git hook (either pre-commit or pre-push)
• Fix the parameter expansion in lint-staged to handle ./ prefixed paths correctly
• Test that lint-staged actually works with the current configuration

Confidence Score: 1/5

• This PR has critical security and functionality issues that must be addressed before merging
• Score reflects the removal of security scanning (infisical scan) and broken lint-staged configuration with incorrect parameter expansion that won't work as intended
• .husky/pre-commit (deleted - needs to be restored with security scan), package.json (lint-staged config has broken path handling)

Important Files Changed

Filename	Overview
.husky/pre-commit	Deleted pre-commit hook that ran lint-staged and infisical scan
.husky/pre-push	Added new pre-push hook with manual linting logic for frontend and backend
package.json	Fixed lint-staged configuration to run ESLint correctly for frontend and backend

[greptile-apps]

_{2 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[victorvhs017]

@greptileai re-review and update the summary

[scott-ray-wilson]

Works well overall! two comments

[IgorHorta]

@greptileai re-review and update the summary re-review and update the summary

[greptile-apps]

_{3 files reviewed, 4 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Additional Comments (2)

.husky/pre-commit
Deleting pre-commit hook removes critical security scan (infisical scan git-changes --staged) that prevents committing secrets. This creates a major vulnerability - developers can now commit credentials without detection.

---

.husky/pre-commit
lint-staged is no longer running at commit time - only at push time. This means uncommitted linting errors will accumulate, and the PR description's verification steps won't work as described.

[scott-ray-wilson]

Works great, nice work!