From 92dfc355d2292c6d6c17a51cf2f83b8ba033596a Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Sun, 28 Jun 2026 12:24:59 -0400 Subject: feat(hooks): block bundled test+commit, require full suite before commit I tightened the before-committing rule in verification.md and commits.md from "run tests" to "run the full suite as its own step and commit only on zero failures." A PreToolUse hook now backs it: it denies a test runner chained into git commit through an ungated connector, and lets the gated && form pass. I added a respond_deny helper. Tests cover the connector cases. --- claude-rules/verification.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'claude-rules/verification.md') diff --git a/claude-rules/verification.md b/claude-rules/verification.md index 1bbd8dd..388e0b5 100644 --- a/claude-rules/verification.md +++ b/claude-rules/verification.md @@ -92,7 +92,7 @@ Use this whenever the verification gap from "When You Cannot Verify" above is a ## Before Committing Before any commit: -1. Run the test suite — confirm all tests pass +1. Run the full test suite as its own command, read the result, and commit only when failures are zero — never bundle the run with the commit (e.g. `make test; git commit`), where a red suite can't stop the commit. Run the whole suite, not just the touched file: a change can break a test elsewhere. If the suite can't run, that's "unable to verify" (see When You Cannot Verify above) — surface it, don't commit silently. 2. Run the linter — confirm no new warnings 3. Run the type checker — confirm no new errors 4. Review the diff — confirm only intended changes are staged -- cgit v1.2.3