Context
Smart commit workflow that scans for secrets before staging, generates a conventional commit message based on the changes, commits, and pushes to the remote branch.
Inputs
$ARGUMENTS - Optional: specific files to commit, or commit message hint
Steps
1. Analyze Changes
- •Run git status to see modified/untracked files
- •Run git diff for unstaged changes and git diff --cached for staged changes
- •Run git log --oneline -5 to see recent commit message style
2. Determine What to Stage
- •If $ARGUMENTS specifies files, stage those files
- •Otherwise, identify logically related changes that form one atomic commit
- •NEVER stage: .env, *.key, *.pem, credentials.*, *secret* files
- •Prefer specific git add <file> over git add -A
3. Stage Files
- •Stage the identified files with git add <file>
4. Secret Scanning (handled by pre-commit hook)
Secret scanning is handled automatically by the git pre-commit hook (gitleaks). No manual scan step is needed here. If secrets are detected, the commit will be blocked.
5. Generate Commit Message
Follow Conventional Commits format:
<type>[optional scope]: <description>
Types: feat, fix, docs, style, refactor, test, chore, ci
Keep the description under 72 characters. Use imperative mood ("add" not "added").
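An added example, not part of the original workflow: a POSIX shell guard that enforces the never-stage list from step 2 and the message rules from step 5 locally, alongside the gitleaks hook. The function names and the basename-only, case-insensitive matching are assumptions.

```sh
#!/bin/sh
# Added example (not from the original page): local guard for steps 2 and 5.

# Step 2: succeed if the path matches a never-stage pattern from the page.
# Assumption: match on the basename, case-insensitively.
is_forbidden_path() {
  base=$(printf '%s' "${1##*/}" | tr '[:upper:]' '[:lower:]')
  case "$base" in
    .env|*.key|*.pem|credentials.*|*secret*) return 0 ;;
  esac
  return 1
}

# Read one path per line on stdin and print the forbidden ones.
# Returns 1 if any were found, 0 otherwise.
filter_forbidden() {
  found=0
  while IFS= read -r path || [ -n "$path" ]; do
    if is_forbidden_path "$path"; then
      printf '%s\n' "$path"
      found=1
    fi
  done
  return "$found"
}

# Check the paths currently staged (added, copied, modified, renamed).
# core.quotePath=false keeps non-ASCII file names unquoted in the output.
check_staged() {
  git -c core.quotePath=false diff --cached --name-only --diff-filter=ACMR |
    filter_forbidden
}

# Step 5: succeed if the subject is "<type>[optional scope]: <description>"
# with a type from the page and a description under 72 characters.
valid_subject() {
  prefix=${1%%: *}                      # "<type>" or "<type>(scope)"
  desc=${1#*: }                         # text after the first ": "
  [ "$prefix" != "$1" ] || return 1     # no ": " separator at all
  case "$prefix" in
    *\(*\)) ctype=${prefix%%\(*}
            scope=${prefix#*\(}; scope=${scope%\)}
            [ -n "$scope" ] || return 1 ;;
    *) ctype=$prefix ;;
  esac
  case "$ctype" in
    feat|fix|docs|style|refactor|test|chore|ci) ;;
    *) return 1 ;;
  esac
  [ -n "$desc" ] && [ "${#desc}" -lt 72 ]
}
```

Run check_staged after staging and before committing; a non-zero status with a printed path means the file should be unstaged with git restore --staged <file>.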
6. Create Commit
- •Create the commit with the generated message
7. Push to Remote
- •Determine current branch: git branch --show-current
- •Push with tracking: git push -u origin <branch>
- •If push fails due to upstream changes, inform the user and suggest git pull --rebase
8. Verify
- •Run git status to confirm state
- •Run git log --oneline -1 to confirm the commit message
- •Confirm push succeeded
Verification
- •No secrets in the committed changes
- •Commit message follows conventional format
- •Only related changes are in the commit (atomic)
- •Changes are pushed to remote