Pre-Commit Checks Failure Analysis¶
Workflow Run: 18598728416 Job: 53031646052 (Pre-commit Checks) Branch: audit-gates-final/20251017 PR: #16 Date: 2025-10-17
Executive Summary¶
The pre-commit checks workflow is failing due to 4 categories of issues:
- JSON Formatting (16 files) - FIXED automatically but requires commit
- YAML Indentation Errors (1 file) - CRITICAL, requires manual fix
- Markdown Style Issues (2 files) - Auto-fixable
- ESLint JavaScript/TypeScript Errors (5 files) - Test template files with globals
Status: ❌ BLOCKING - Manual fixes required before merge
Detailed Findings¶
1. JSON Formatting Issues (16 Files)¶
Status: ✅ FIXED by pre-commit hook (but not committed)
The pretty-format-json hook auto-fixed these files with proper indentation:
reports/generated/standards-inventory.json
reports/generated/structure-audit.json
reports/generated/script-coverage.json
skills/cloud-native/aws-advanced/templates/lambda-layer-structure/nodejs/package.json
skills/cloud-native/aws-advanced/templates/step-functions-state-machine.json
skills/cloud-native/aws-advanced/templates/eventbridge-patterns.json
skills/coding-standards/javascript/resources/configs/jest.config.json
skills/coding-standards/javascript/resources/configs/package.json
skills/compliance/healthtech/templates/fhir-resources.json
skills/compliance/fintech/templates/compliance-dashboard.json
skills/security/authorization/templates/abac-policy.json
skills/security/security-operations/templates/security-metrics-dashboard.json
skills/devops/monitoring-observability/templates/grafana-dashboard.json
skills/database/advanced-optimization/templates/monitoring-dashboard.json
skills/testing/performance-testing/templates/grafana-dashboard.json
examples/nist-templates/quickstart/structure-audit.json
Action Required: Commit the auto-formatted files
2. YAML Indentation Errors (CRITICAL)¶
File: skills/security/zero-trust/templates/network-policy.yaml
Status: ❌ CRITICAL - 44 indentation errors
Root Cause: Kubernetes NetworkPolicy YAML uses 2-space indentation for list items under keys, but yamllint expects 4-space indentation based on .yamllint.yaml config.
Errors Summary:
- Line 14: Expected 4 spaces, found 2 (policyTypes list)
- Lines 27-37: Multiple indentation errors in
egresssection - Lines 55-206: Repeated pattern throughout all NetworkPolicy resources
Example of Current (Incorrect) Format:
Correct Format (Per yamllint config):
Options to Fix:
Option A: Fix the YAML file (Recommended)
# Re-indent the entire file with 4-space list indentation
sed -i 's/^ - / - /g' skills/security/zero-trust/templates/network-policy.yaml
Option B: Exclude this file from yamllint Add to .yamllint.yaml ignore list:
ignore: |
skills/cloud-native/service-mesh/templates/istio-installation.yaml
skills/cloud-native/serverless/templates/sam-template.yaml
skills/cloud-native/aws-advanced/templates/*.yaml
skills/security/api-security/templates/openapi-security.yaml
skills/security/zero-trust/templates/network-policy.yaml # Add this line
Recommendation: Use Option A - Fix the file to maintain consistency with project standards.
3. Markdown Style Issues¶
Files:
docs/migration/phase1-gate-checklist.md(3 errors)docs/migration/phase1-progress-tracker.md(18 errors)
Status: ⚠️ AUTO-FIXABLE - markdownlint fixed these but requires commit
Error Types:
A. Horizontal Rule Style (MD035)¶
Issue: Using underscores instead of dashes
Current:
Fixed to:
Affected:
phase1-gate-checklist.md: Lines 408, 409, 410phase1-progress-tracker.md: Lines 478, 479
B. Strong Style (MD050)¶
Issue: Using underscore-based bold instead of asterisk-based bold
Current:
Fixed to:
Affected: Multiple lines in phase1-progress-tracker.md
Action Required: Commit the auto-fixed files
4. ESLint JavaScript/TypeScript Errors¶
Status: ❌ REQUIRES CONFIGURATION CHANGES
Files Affected (5 total):
File 1: skills/coding-standards/javascript/config/eslint.config.js¶
- Errors: 8 errors (no-undef for ESLint globals)
- Cause: ESLint config file not recognizing its own globals
File 2: skills/testing/integration-testing/templates/api-test-template.js¶
- Errors: 21 errors (no-undef for test globals)
- Cause: Missing Jest/testing environment in ESLint config
File 3: skills/testing/performance-testing/templates/k6-stress-test.js¶
- Errors: 7 errors/warnings
- Cause: Missing k6 globals (__ENV, __VU, __ITER)
File 4: skills/testing/unit-testing/templates/test-template-jest.js¶
- Errors: 31 errors (no-undef for Jest globals)
- Cause: Missing Jest environment in ESLint config
File 5: Various config files¶
- Warning: Files ignored by pattern but still scanned
Root Cause Analysis:
The .pre-commit-config.yaml already excludes test files:
- id: eslint
exclude: |
(?x)^(
node_modules/|
.*\.min\.js$|
dist/|
build/|
tests/|
.*\.test\.(js|ts|jsx|tsx)$|
.*\.spec\.(js|ts|jsx|tsx)$
)$
However, it does NOT exclude:
- Template files in
skills/*/templates/directories - Config files in
skills/*/config/directories
Recommended Fixes:
Option A: Expand ESLint Exclusions (Recommended) Update .pre-commit-config.yaml line 278:
- id: eslint
name: JavaScript/TypeScript linting
files: \.(js|ts|jsx|tsx)$
exclude: |
(?x)^(
node_modules/|
.*\.min\.js$|
dist/|
build/|
tests/|
.*\.test\.(js|ts|jsx|tsx)$|
.*\.spec\.(js|ts|jsx|tsx)$|
skills/.*/templates/.*\.(js|ts)$| # Add: Exclude skill templates
skills/.*/config/.*\.(js|ts)$ # Add: Exclude skill configs
)$
Option B: Add ESLint Comments to Templates Add to top of each template file:
Option C: Create Separate ESLint Config for Templates Create skills/.eslintrc.js:
module.exports = {
env: {
jest: true,
node: true,
},
globals: {
__ENV: 'readonly',
__VU: 'readonly',
__ITER: 'readonly',
},
};
Recommendation: Use Option A - Simplest and most maintainable solution.
Summary of Required Actions¶
Immediate Actions (To Fix CI)¶
- Commit Auto-Fixed Files:
git add reports/generated/*.json
git add skills/**/*.json
git add examples/nist-templates/quickstart/structure-audit.json
git add docs/migration/phase1-*.md
git commit -m "fix: apply pre-commit auto-fixes for JSON and Markdown"
- Fix YAML Indentation:
# Option A: Fix the file
python3 << 'EOF'
import re
with open('skills/security/zero-trust/templates/network-policy.yaml', 'r') as f:
content = f.read()
# Fix list indentation from 2 to 4 spaces
lines = content.split('\n')
fixed_lines = []
for line in lines:
if re.match(r'^ - ', line):
fixed_lines.append(' ' + line) # Add 2 more spaces
else:
fixed_lines.append(line)
with open('skills/security/zero-trust/templates/network-policy.yaml', 'w') as f:
f.write('\n'.join(fixed_lines))
EOF
git add skills/security/zero-trust/templates/network-policy.yaml
git commit -m "fix: correct YAML indentation in network-policy template"
- Update ESLint Exclusions:
# Edit .pre-commit-config.yaml
# Add the two lines to the eslint exclude pattern (lines shown above)
git add .pre-commit-config.yaml
git commit -m "fix: exclude skill templates and configs from ESLint"
- Push Changes:
Verification¶
After applying fixes, verify locally:
# Install pre-commit if not already installed
pip install pre-commit
# Run all hooks
pre-commit run --all-files
# Should see:
# - All JSON files: ✓ Passed
# - All YAML files: ✓ Passed
# - All Markdown files: ✓ Passed
# - ESLint: ✓ Passed (or files properly excluded)
Prevention Measures¶
1. Add to Pre-Commit Documentation¶
Create docs/guides/PRE_COMMIT_GUIDE.md with:
- Common failure patterns
- How to test locally before pushing
- How to interpret pre-commit errors
2. Update CONTRIBUTING.md¶
Add section on running pre-commit:
## Pre-Commit Checks
Before committing, run:
\`\`\`bash
pre-commit run --all-files
\`\`\`
To install pre-commit hooks:
\`\`\`bash
pre-commit install
\`\`\`
3. Consider Pre-Push Hook¶
Add to .pre-commit-config.yaml:
This catches issues before CI runs.
Technical Details¶
Pre-Commit Hook Execution Order¶
The workflow executes hooks in this order:
- Security checks (gitleaks)
- File integrity checks
- Formatting (JSON, whitespace) ← Auto-fixes here
- Syntax validation (YAML, JSON)
- Markdown linting ← Auto-fixes here
- Code quality (shellcheck, black, isort, ruff)
- ESLint ← Errors here
- Branch protection
- Final validation
Workflow Configuration¶
- File:
.github/workflows/lint-and-validate.yml - Job: Pre-commit Checks
- Python Version: 3.11
- Cache: Pre-commit cache enabled (147 MB)
- Fail Fast: Disabled (runs all hooks even if one fails)
Pre-Commit Version¶
- Installed Version: 4.3.0
- Minimum Required: 3.6.0
- Configuration:
.pre-commit-config.yaml(v2.0.0)
Files Reference¶
Configuration Files Examined¶
/home/william/git/standards/.pre-commit-config.yaml(347 lines)/home/william/git/standards/.yamllint.yaml(51 lines)/home/william/git/standards/.markdownlint.yaml(107 lines)
Log Sources¶
- GitHub Actions Workflow Run: 18598728416
- Job ID: 53031646052
- Full logs available via:
gh run view 18598728416 --log
Contact & Support¶
- Issue Tracker: https://github.com/williamzujkowski/standards/issues
- PR: #16
- Branch: audit-gates-final/20251017
Appendix: Complete Error List¶
JSON Files (16 - Auto-Fixed)¶
All fixed with --indent=2 formatting.
YAML Indentation (44 Errors in 1 File)¶
All in skills/security/zero-trust/templates/network-policy.yaml - Lines: 14, 27, 29, 30, 37, 55, 59, 60, 67, 71, 72, 76, 80, 85, 89, 93, 109, 113, 114, 119, 123, 128, 132, 133, 137, 141, 146, 150, 155, 159, 162, 164, 180, 184, 185, 190, 194, 201, 205, 206...
Markdown Violations (21 Total)¶
- MD035 (Horizontal rule style): 5 instances
- MD050 (Strong style): 16 instances
ESLint Errors (69 Total)¶
- Configuration files: 8 errors
- Test templates: 61 errors
Report Generated: 2025-10-17 Analysis Tool: Claude Code Research Agent Report Version: 1.0