feat(completion-integrity): add git pre-commit hook for bypass mode

[ANcpLua]

Summary

• Add install-git-hook.sh that installs a native git pre-commit hook
• Works with --dangerously-skip-permissions mode (Claude hooks don't)
• Update README with bypass mode compatibility matrix

Changes

• scripts/install-git-hook.sh: Standalone installer for git pre-commit hook
• README.md: Document which features work in which mode
• Remove unused variables (SCRIPT_DIR, INTEGRITY_SCRIPT)

Bypass Mode Compatibility

Feature	Normal Mode	--dangerously-skip-permissions
Git pre-commit hook	✅ Works	✅ Works
PreToolUse hook	✅ Works	❌ Bypassed
Stop hook	✅ Works	✅ Works (informational)

Test plan

• Run bash scripts/install-git-hook.sh in a git repo
• Stage a file with #pragma warning disable and try to commit
• Verify commit is blocked

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features

  • Git pre-commit hook installation script for enforcing code integrity checks during commits
  • Claude Plugin Hooks for monitoring completion integrity
  • New ancplua-docs-librarian plugin with documentation librarian features

• Documentation

  • Updated enforcement mechanism documentation with bypass mode compatibility guide
  • Expanded installation instructions with git hook setup steps

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

Failed to post review comments

📝 Walkthrough

Walkthrough

Updates documentation for pre-commit and phase-end checks, replacing entries with Git pre-commit hook and Claude plugin hooks. Adds entry for ancplua-docs-librarian plugin. Introduces new shell script to install and enforce git pre-commit hook with integrity rule validation.

Changes

Cohort / File(s)	Summary
Documentation & Changelog CHANGELOG.md, plugins/completion-integrity/README.md	Updated changelog entries replacing pre-commit gate and phase-end checks with Git pre-commit hook and Claude plugin hooks details; added ancplua-docs-librarian plugin entry. Restructured README with new "Two enforcement mechanisms" section, added "Bypass Mode Compatibility" table, and expanded installation instructions.
Installation Script plugins/completion-integrity/scripts/install-git-hook.sh	New shell script that installs a Git pre-commit hook enforcing code integrity checks. Detects staging violations (suppressions, commented tests, deleted assertions, deleted test files), blocks commits if violations found, and provides installation/bypass instructions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat(completion-integrity): add git pre-commit hook for bypass mode' accurately describes the main change: adding a git pre-commit hook installer script that works in bypass mode, which is the primary focus of the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/completion-integrity-git-hook

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @ANcpLua, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the completion-integrity plugin by introducing a native Git pre-commit hook. This change ensures that critical code integrity checks are consistently applied at the commit stage, regardless of whether the Claude plugin is operating in a normal or bypass mode. By moving these checks directly into the Git workflow, the system gains greater robustness and reliability in preventing common code quality regressions.

Highlights

• New Git Pre-Commit Hook: A new script, install-git-hook.sh, has been added to install a native Git pre-commit hook directly into the repository's .git/hooks directory.
• Bypass Mode Compatibility: This newly introduced pre-commit hook functions independently of Claude's permission system, ensuring integrity checks are enforced even when the --dangerously-skip-permissions mode is active, unlike the existing Claude-specific PreToolUse hook.
• Enhanced Integrity Checks: The pre-commit hook actively blocks commits containing common integrity violations, such as C#, JS/TS, and Python warning suppressions, commented-out tests, deletion of more than two assertions, and deletion of test files.
• Documentation Updates: The CHANGELOG.md and plugins/completion-integrity/README.md files have been updated to clearly document the new Git pre-commit hook, its installation process, and a compatibility matrix detailing its behavior across different operational modes.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a native git pre-commit hook for the completion-integrity plugin, which is a valuable addition as it functions even when Claude's permission system is bypassed. The implementation is solid, with updates to the README and CHANGELOG to reflect the new functionality. I've identified a significant logical issue in the new hook script where it incorrectly excludes test files from analysis, thereby disabling some of its own checks. Additionally, I've provided a few minor suggestions to enhance code clarity and the robustness of the installer script. Overall, great work on improving the integrity checks.

[gemini-code-assist]

The git diff command is configured to exclude test files (e.g., **/*.test.*, **/*.spec.*) from the diff analysis. However, RULE 2 of this script is specifically designed to detect commented-out tests, which are typically found only in these files. By excluding them, the check for commented-out tests is rendered ineffective. To ensure the hook functions as intended, these exclusion patterns for test files should be removed.

Suggested change

	STAGED_DIFF=$(git diff --cached --unified=0 -- \
	':(exclude)*.md' \
	':(exclude)**/hooks/scripts/*.sh' \
	':(exclude)**/scripts/*.sh' \
	':(exclude)**/*.test.*' \
	':(exclude)**/*.spec.*' \
	':(exclude)**/test-fixtures/**' \
	2>/dev/null || echo "")
	STAGED_DIFF=$(git diff --cached --unified=0 -- \
	':(exclude)*.md' \
	':(exclude)**/hooks/scripts/*.sh' \
	':(exclude)**/scripts/*.sh' \
	':(exclude)**/test-fixtures/**' \
	2>/dev/null || echo "")

[gemini-code-assist]

The current backup mechanism for an existing pre-commit hook overwrites pre-commit.backup on each run. This means if you run the installer multiple times, you will lose older backups. To prevent data loss, consider using a timestamp in the backup filename to make it unique.

Suggested change

	echo "Backing up to ${PRE_COMMIT_HOOK}.backup"
	cp "${PRE_COMMIT_HOOK}" "${PRE_COMMIT_HOOK}.backup"
	BACKUP_FILE="${PRE_COMMIT_HOOK}.backup.$(date +%s)"
	echo "Backing up to ${BACKUP_FILE}"
	cp "${PRE_COMMIT_HOOK}" "${BACKUP_FILE}"

[gemini-code-assist]

The WARNINGS array is initialized but never used within the script. It seems to be a remnant from another script. Removing it will make the code cleaner and easier to understand.

[gemini-code-assist]

The new compatibility table's columns are not aligned in the raw markdown source. To improve readability and adhere to the repository's style guide, please add padding to the table cells.

Suggested change

	| Feature | Normal Mode | `--dangerously-skip-permissions` |
	|---------|-------------|----------------------------------|
	| Git pre-commit hook | ✅ Works | ✅ Works |
	| PreToolUse hook | ✅ Works | ❌ Bypassed |
	| Stop hook | ✅ Works | ✅ Works (informational) |
	| Feature | Normal Mode | `--dangerously-skip-permissions` |
	|---------------------|-------------|----------------------------------|
	| Git pre-commit hook | ✅ Works | ✅ Works |
	| PreToolUse hook | ✅ Works | ❌ Bypassed |
	| Stop hook | ✅ Works | ✅ Works (informational) |

References

1. Repository style guide line 79 requires that markdown tables must be padded. ^(link)

[Copilot]

Pull request overview

This PR adds a native git pre-commit hook installer for the completion-integrity plugin to ensure integrity checks work in bypass mode (--dangerously-skip-permissions). The existing Claude plugin hooks are bypassed in this mode, so a native git hook provides enforcement regardless of Claude's permission settings.

Key Changes:

• Adds install-git-hook.sh script that installs a native git pre-commit hook with integrity checks
• Updates README with compatibility matrix explaining which features work in bypass mode vs normal mode
• Updates CHANGELOG to document the new git hook mechanism

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 7 comments.

File	Description
plugins/completion-integrity/scripts/install-git-hook.sh	New installer script that creates a git pre-commit hook embedding integrity checks for warning suppressions, commented tests, deleted assertions, and deleted test files
plugins/completion-integrity/README.md	Documents the two enforcement mechanisms (git hook vs Claude hooks) and adds compatibility matrix showing git hook works in all modes
CHANGELOG.md	Updates completion-integrity plugin entry to describe the new git hook option and bypass mode compatibility

[Copilot]

The JS/TS suppression pattern is incomplete compared to integrity-check.sh. Missing patterns: '@ts-expect-error' and 'tslint:disable'. The complete pattern should be: 'eslint-disable|@ts-ignore|@ts-nocheck|@ts-expect-error|tslint:disable' (see integrity-check.sh line 62)

Suggested change

	JS_SUPPRESS=$(echo "${ADDED_LINES}" | grep -iE 'eslint-disable|@ts-ignore|@ts-nocheck' || true)
	JS_SUPPRESS=$(echo "${ADDED_LINES}" | grep -iE 'eslint-disable|@ts-ignore|@ts-nocheck|@ts-expect-error|tslint:disable' || true)

[Copilot]

The Python suppression pattern is missing 'pylint:disable'. The complete pattern should be: '#\snoqa|#\stype:\signore|#\spylint:\s*disable' (see integrity-check.sh line 72)

Suggested change

	PY_SUPPRESS=$(echo "${ADDED_LINES}" | grep -iE '#\s*noqa|#\s*type:\s*ignore' || true)
	PY_SUPPRESS=$(echo "${ADDED_LINES}" | grep -iE '#\s*noqa|#\s*type:\s*ignore|#\s*pylint:\s*disable' || true)

[Copilot]

The commented test pattern is missing 'TestMethod' which is used in some C# test frameworks. The complete pattern should be: '//\s*[(Test|Fact|Theory|TestMethod)]' (see integrity-check.sh line 86)

Suggested change

	COMMENTED_TESTS=$(echo "${ADDED_LINES}" | grep -iE '//\s*\[(Test|Fact|Theory)\]|//\s*(it|test|describe)\s*\(' || true)
	COMMENTED_TESTS=$(echo "${ADDED_LINES}" | grep -iE '//\s*\[(Test|Fact|Theory|TestMethod)\]|//\s*(it|test|describe)\s*\(' || true)

[Copilot]

The assertion detection only uses C#-style patterns (Assert.|Should.|Expect(). This misses JavaScript/TypeScript assertions which use different patterns like 'expect(|assert.|should.' (lowercase). The integrity-check.sh script has separate detection for C# (line 139) and JS (line 151) assertions. Consider either adding JS-specific assertion detection or updating this pattern to catch both.

Suggested change

	DELETED_ASSERTS=$(echo "${DELETED_LINES}" | grep -iE 'Assert\.|Should\.|Expect\(' || true)
	DELETED_ASSERTS=$(echo "${DELETED_LINES}" | grep -iE 'Assert\.|Should\.|Expect\(|assert\.|should\.|expect\(' || true)

[Copilot]

The test file deletion pattern is incomplete compared to integrity-check.sh. Missing pattern: 'Test.cs' (single test files). The complete pattern should be: '.test.|.spec.|_test.|Tests.cs|Test.cs' (see integrity-check.sh line 167)

Suggested change

	DELETED_TESTS=$(echo "${DELETED_FILES}" | grep -iE '\.test\.|\.spec\.|_test\.|Tests\.cs' || true)
	DELETED_TESTS=$(echo "${DELETED_FILES}" | grep -iE '\.test\.|\.spec\.|_test\.|Tests\.cs|Test\.cs' || true)

[Copilot]

The script assumes the .git/hooks directory exists, but in some edge cases (e.g., a freshly initialized git repo), this directory might not exist yet. Consider adding a check to create it if needed: 'mkdir -p "${HOOKS_DIR}"' before line 26.

Suggested change

	mkdir -p "${HOOKS_DIR}"

[Copilot]

The C# suppression pattern is incomplete compared to the existing integrity-check.sh script. The pattern should include 'DisableWarning' to match line 52 of integrity-check.sh which uses: '#pragma\s+warning\s+disable|SuppressMessage|DisableWarning'

[ANcpLua]

Superseded by PR #54 which includes install-git-hook.sh and removes Claude hooks