/cf-commit

Create a commit for the current changes. Hint: $ARGUMENTS

Workflow

Step 0: Load Custom Guide

Run: bash "${CLAUDE_PLUGIN_ROOT}/lib/load-custom-guide.sh" cf-commit

If output is not empty, integrate the returned sections into this workflow:

• ## Before → execute before Step 1
• ## Rules → apply as additional rules throughout all steps
• ## After → execute after the final step

Step 1: Analyze Changes

git status
git diff
git diff --staged
git log --oneline -5

Step 2: Identify Conversation-Related Changes

Review the current conversation to understand what task was performed and which files were modified as part of that task.

• Prioritize changes from the current conversation — files you edited or created during this session are the primary candidates for this commit
• Separate unrelated changes — if git status shows files that were NOT part of the current task, do NOT include them
• If ALL changes are from the current conversation, proceed normally
• If there is a mix, clearly tell the user which files you will stage and which you will skip (and why)

Step 3: Verify Before Committing

Skip this step if ANY of these conditions are true:

• .coding-friend/config.json has commit.verify: false
• Tests already ran and passed earlier in this conversation (e.g., from cf-verification after implementation)

Otherwise:

1. Run the test suite — all tests must pass
2. Run linter if configured — no new warnings
3. Run build if applicable — must succeed

If any check fails, fix the issue FIRST. Do not commit broken code.

Step 4: Stage & Scan

• Stage only files relevant to the current conversation's task
• Do NOT stage unrelated changes from other work
• Do NOT stage .env, credentials, or secrets
• Do NOT use git add . or git add -A

Secret scan — after staging, check for accidental secrets:

SECRETS=$(git diff --cached | grep -c -iE "(api[_-]?key|token|password|secret|private[_-]?key|credential)" || echo 0)

If SECRETS > 0:

1. Show matches with context: git diff --cached | grep -iE -C2 "(api[_-]?key|token|password|secret|private[_-]?key|credential)"
2. Review each match — variable names like getApiKey() or TOKEN_TYPE are OK, actual secret values are NOT
3. If real secrets found: unstage the file (git reset HEAD <file>), suggest adding to .gitignore
4. If all matches are false positives (code references, not actual secrets): proceed

Step 5: Write Commit Message

Follow conventional commits format:

<type>(<scope>): <subject>

<body - explain WHY, not WHAT>

Types: feat, fix, refactor, test, docs, chore, style, perf, ci

Rules:

• Subject line < 72 characters
• Body explains the motivation ("why"), not the mechanics ("what")
• If $ARGUMENTS is provided, use it as context for the message
• Reference issue numbers if applicable
• NEVER include AI/agent attribution (no "Co-Authored-By", "Generated by", "Claude", "Copilot", "AI-assisted", etc.)

Step 6: Commit

git commit -m "<message>"

Show the commit result to the user.