feat(hook): add fail_on_fix option

[jdx]

Summary

• Adds fail_on_fix boolean option to hooks that causes the hook to fail when fix commands modify files
• Useful with stage = false in pre-commit hooks: fixes are applied but the commit is blocked so users can review changes before staging manually
• Defaults to false to preserve existing behavior

Closes #723

Test plan

• New bats tests: fail_on_fix=true fails on modified files, passes when nothing changes, default behavior unchanged
• Existing stage_setting and stage_default tests still pass

🤖 Generated with Claude Code

---

Note

Medium Risk
Adds new hook execution behavior that can force fix runs to error based on file content changes, which may impact workflows when enabled and introduces extra file I/O/hashing during fix runs.

Overview
Adds a new hook config flag, fail_on_fix (default false), to make fix hooks fail if any files were actually modified by fix commands—useful for stage = false workflows where users want fixes applied but commits blocked until manual review.

Implements this by snapshotting pre-run file content hashes for the hook’s file set and comparing after step groups complete in RunType::Fix, then returning an error and logging the modified file list when changes are detected. Adds Bats coverage for failing/passing cases and for ignoring pre-existing unrelated unstaged changes.

^{Written by Cursor Bugbot for commit c4803c4. This will update automatically on new commits. Configure here.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new fail_on_fix configuration option for hooks, providing greater control over the behavior of fix commands. This feature allows developers to configure hooks to automatically apply fixes while preventing the commit from proceeding until the user has explicitly reviewed and staged the changes. This improves the developer experience by ensuring that automated fixes are always acknowledged before being committed, especially in pre-commit scenarios.

Highlights

• New fail_on_fix option: Introduced a boolean option for hooks that, when true, causes the hook to fail if fix commands modify files.
• Enhanced pre-commit workflow: This option is particularly useful in pre-commit hooks with stage = false, allowing fixes to be applied but blocking the commit until the user manually reviews and stages the changes.
• Default behavior preserved: The fail_on_fix option defaults to false, ensuring existing hook configurations continue to function as before.

Changelog

• pkl/Config.pkl
  • Added the fail_on_fix option with its documentation.
• src/hook.rs
  • Implemented the fail_on_fix logic, including adding the field to the Hook struct and the conditional failure check.
• test/fail_on_fix.bats
  • Added new tests to cover the fail_on_fix functionality.

Activity

• The author, jdx, created this pull request to add the fail_on_fix option.
• The pull request description provides a detailed summary, explains the option's utility, and outlines the test plan.
• The changes address and close issue `fix=true` and `stage=false` in pre-commit hook not working as expected #723.
• The PR was generated with Claude Code.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a fail_on_fix option for hooks, a valuable feature for workflows where developers wish to review automatic fixes before committing. The implementation is clean and effective, adding a new field to the configuration and the Hook struct, with the primary logic in the hook's run method. This logic correctly identifies unstaged files after a fix run and fails the hook when fail_on_fix is active. The feature is also well-supported by new bats tests that cover the essential scenarios. I have one minor suggestion to enhance code conciseness.

[gemini-code-assist]

For improved conciseness and readability, you can directly use join from the itertools trait (which is already imported in this file) on the iterator. This avoids the intermediate collection into a Vec.

[greptile-apps]

Greptile Summary

This PR adds a fail_on_fix boolean option to hooks that causes the hook to exit with a non-zero status when fix commands leave files in a modified (unstaged) state, making it easy to apply auto-fixes while still blocking a commit so the user can review the changes before re-staging. The feature is implemented cleanly across the PKL schema, the Rust Hook struct, and is covered by three new bats tests.

Key changes:

• pkl/Config.pkl – new fail_on_fix: Boolean = false property with documentation and a usage example.
• src/hook.rs – new pub fail_on_fix: bool field (serde default); post-step-group check that reads repo.status() and returns an error when unstaged files are found (gated on RunType::Fix).
• test/fail_on_fix.bats – three scenarios: fixer modifies files → failure; no-op fixer → success; default (no fail_on_fix) with fixer → success.

Issue found:
The fail_on_fix check inspects all unstaged files after the fixers run rather than only files that were changed by the fixers. When stage = false (the recommended pairing), stash_method defaults to StashMethod::None, so pre-existing unstaged changes in the working tree are never stashed. This means any user who has unrelated unstaged edits will see a spurious failure and a misleading warning even when the fixers made no modifications at all — contradicting the documented behaviour ("fail when fix commands modify files").

Confidence Score: 3/5

• Safe to merge for clean worktrees, but can produce false-positive failures for users who regularly have unrelated unstaged changes alongside stage = false.
• The implementation logic for the common case (fixer modifies files → fail) is correct and well-tested. However, the post-fix status check does not filter out pre-existing unstaged files, leading to false positives that contradict the documented behaviour. This is a correctness gap in a common real-world workflow (partial staging), not merely a style concern.
• Pay close attention to src/hook.rs lines 677–693 (the fail_on_fix check) and the missing test case in test/fail_on_fix.bats.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[hk run hook] --> B{RunType is Fix?}
    B -- No --> C[Run step groups in Check mode]
    B -- Yes --> D{stash_method not None?}
    D -- Yes --> E[Stash pre-existing unstaged changes]
    D -- No --> F[Pre-existing unstaged changes remain]
    E --> G[Run step groups - fixers execute]
    F --> G
    G --> H{result ok AND fail_on_fix true?}
    H -- No --> I[Skip fail_on_fix check]
    H -- Yes --> J[repo.status after fix]
    J --> K{unstaged_files empty?}
    K -- Yes --> L[result stays Ok]
    K -- No --> M[warn and result set to Err\nNOTE: includes pre-existing\nunstaged files if stash is None]
    L --> N[pop_stash if applicable]
    M --> N
    I --> N
    C --> O[Return result]
    N --> O

Loading

_{Last reviewed commit: 4e0e6b0}

[greptile-apps]

False positive when pre-existing unstaged files exist

The fail_on_fix check reads all unstaged files from the repository after the fixers run, but it does not distinguish between files that were modified by the fixers and files that were already unstaged before the hook ran.

When stage = false (the primary documented use-case), stash_method defaults to StashMethod::None (line 355), so pre-existing unstaged changes are never stashed (line 637-657 skips stashing when method is None). If the user has any unrelated unstaged changes in the working tree, status.unstaged_files will be non-empty even when the fixers made zero modifications — causing the hook to fail when the documented behaviour ("fail when fix commands modify files") says it should pass.

The test "fail_on_fix=true passes when no files are modified" only covers a clean working tree; it does not exercise the case where pre-existing unstaged files coexist with a no-op fixer.

A more accurate implementation would capture the set of unstaged files before the step groups run, then compare against the post-fix set, failing only when there is a meaningful delta:

// Before running groups, snapshot pre-existing unstaged files
let pre_unstaged: BTreeSet<_> = repo.lock().await.status(None)?
    .unstaged_files.into_iter().collect();

// ... run groups ...

// fail_on_fix: only fail when fixers actually changed something
if result.is_ok() && self.fail_on_fix && matches!(run_type, RunType::Fix) {
    let status = repo.lock().await.status(None)?;
    let newly_modified: Vec<_> = status.unstaged_files.iter()
        .filter(|p| !pre_unstaged.contains(*p))
        .collect();
    // Also check files that existed before but now have different content
    // (e.g. via git diff --name-only pre_unstaged ∩ post_unstaged)
    if !newly_modified.is_empty() {
        ...
        result = Err(eyre::eyre!("fail_on_fix: files were modified by fix commands"));
    }
}

Without this guard, any user who runs hk with fail_on_fix = true while their worktree contains unrelated unstaged edits will see a spurious failure and a misleading "Files were fixed but not staged" warning even though the fixers touched nothing.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}