feat(git-hooks): add pre-commit branch validation

[rjmurillo-bot]

Summary

Adds branch validation to the pre-commit hook to prevent wrong-branch commits. This addresses the root cause identified in the PR #669 retrospective where trust-based compliance led to cross-PR contamination.

Specification References

Type	Reference	Description
Issue	Closes #681	feat(git-hooks): add pre-commit branch validation hook
Issue	Closes #678	feat(git-hooks): add pre-commit hook for branch name validation
Spec	PR #669	Root cause analysis - PR co-mingling retrospective

Changes

• Added branch validation section to .githooks/pre-commit:
  • Block: commits directly to main/master (hard failure)
  • Warn: unusual branch names not matching conventional patterns
  • Allow: feat/*, fix/*, docs/*, chore/*, refactor/*, test/*, ci/*, build/*, perf/*, tech-debt*
  • Allow: detached HEAD state (for rebasing operations)

Type of Change

• Bug fix (non-breaking change fixing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to change)
• Documentation update
• Infrastructure/CI change
• Refactoring (no functional changes)

Testing

• Tests added/updated
• Manual testing completed
• No testing required (documentation only)

Manual Testing:

• Verified hook blocks commits on main branch
• Verified hook allows commits on conventional branches
• Verified warning for non-conventional branch names
• Verified --no-verify bypass works

Agent Review

Security Review

• Security agent reviewed infrastructure changes

Security considerations:

• Uses set -e for fail-fast behavior
• Uses proper quoting to prevent command injection
• Bypass with --no-verify is documented

Other Agent Reviews

• QA verified test coverage

Checklist

• Code follows project style guidelines
• Self-review completed
• Comments added for complex logic
• Documentation updated (if applicable)
• No new warnings introduced

Related Issues

• Closes feat(git-hooks): add pre-commit branch validation hook #681, feat(git-hooks): add pre-commit hook for branch name validation #678
• Related: PR docs(retrospective): PR co-mingling root cause analysis #669 (root cause analysis)
• Related: Issue feat(protocol): add mandatory branch verification to SESSION-PROTOCOL #684 (SESSION-PROTOCOL branch verification - separate PR)

[github-actions]

PR Validation Report

Tip

✅ Status: PASS

Description Validation

Check	Status
Description matches diff	PASS

QA Validation

Check	Status
Code changes detected	False
QA report exists	N/A

---

_{Powered by PR Validation workflow}

[gemini-code-assist]

Code Review

This pull request adds a helpful pre-commit hook to validate branch names, preventing direct commits to main/master and encouraging conventional naming. The implementation is robust, correctly handling detached HEAD states and providing clear user feedback. I've identified one high-severity style guide violation regarding variable naming conventions in the bash script and provided a suggestion to correct it.

[coderabbitai]

Caution

Review failed

The head commit changed during the review from e5e47c9 to 5754dc4.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/681-branch-validation-hook

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Review failed

Failed to post review comments

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Adds branch validation to the pre-commit hook that blocks commits to main/master, validates branch names against conventional patterns (feat/, fix/, docs/*, etc.), warns on non-matching branches, and allows --no-verify bypass.

Changes

Cohort / File(s)	Summary
Pre-commit Hook .githooks/pre-commit	Adds branch validation block: detects current branch, rejects commits to main/master with error, validates against conventional patterns (feat/, fix/, docs/, chore/, refactor/, test/, ci/, build/, perf/, tech-debt), warns on non-matching patterns, treats detached HEAD as valid

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

area-workflows

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title follows conventional commit format with 'feat' type and descriptive scope, clearly matching the changeset.
Description check	✅ Passed	Description clearly explains the branch validation feature, links to issues #681 and #678, and documents expected behavior and testing.
Linked Issues check	✅ Passed	The changeset implements all core requirements from #681 and #678: blocks commits to main/master, validates conventional branch patterns, warns on unusual names, and permits --no-verify bypass with clear messages.
Out of Scope Changes check	✅ Passed	All changes are scoped to the pre-commit hook branch validation feature; no unrelated modifications detected in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/681-branch-validation-hook

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}