{"id":13676292,"url":"https://github.com/conventionalcommit/commitlint","last_synced_at":"2026-02-21T16:34:04.754Z","repository":{"id":43667980,"uuid":"393236633","full_name":"conventionalcommit/commitlint","owner":"conventionalcommit","description":"commitlint checks if your commit messages meets the conventional commit format","archived":false,"fork":false,"pushed_at":"2025-06-14T13:42:32.000Z","size":148,"stargazers_count":71,"open_issues_count":7,"forks_count":8,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-14T14:35:29.656Z","etag":null,"topics":["conventional-commit","conventional-commits","git","go","linter"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/conventionalcommit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-08-06T03:29:13.000Z","updated_at":"2025-06-14T13:42:36.000Z","dependencies_parsed_at":"2024-01-14T14:31:12.995Z","dependency_job_id":"153ccbf4-501b-4467-a19f-98ead80f4696","html_url":"https://github.com/conventionalcommit/commitlint","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"purl":"pkg:github/conventionalcommit/commitlint","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/conventionalcommit%2Fcommitlint","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/conventionalcommit%2Fcommitlint/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/conventionalcommit%2Fcommitlint/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/conventionalcommit%2Fcommitlint/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/conventionalcommit","download_url":"https://codeload.github.com/conventionalcommit/commitlint/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/conventionalcommit%2Fcommitlint/sbom","scorecard":{"id":303699,"data":{"date":"2025-08-11","repo":{"name":"github.com/conventionalcommit/commitlint","commit":"bf3d490c7a9b64db7694eb16f02ce86c711aa3d7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.6,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":5,"reason":"6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/conventionalcommit/commitlint/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/conventionalcommit/commitlint/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/goreleaser.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/conventionalcommit/commitlint/goreleaser.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/goreleaser.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/conventionalcommit/commitlint/goreleaser.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/goreleaser.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/conventionalcommit/commitlint/goreleaser.yml/master?enable=pin","Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/go.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/goreleaser.yml:9","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.10.1 not signed: https://api.github.com/repos/conventionalcommit/commitlint/releases/91448092","Warn: release artifact v0.10.0 not signed: https://api.github.com/repos/conventionalcommit/commitlint/releases/73981663","Warn: release artifact v0.9.1 not signed: https://api.github.com/repos/conventionalcommit/commitlint/releases/72692300","Warn: release artifact v0.9.0 not signed: https://api.github.com/repos/conventionalcommit/commitlint/releases/72692060","Warn: release artifact v0.8.0 not signed: https://api.github.com/repos/conventionalcommit/commitlint/releases/61086979","Warn: release artifact v0.10.1 does not have provenance: https://api.github.com/repos/conventionalcommit/commitlint/releases/91448092","Warn: release artifact v0.10.0 does not have provenance: https://api.github.com/repos/conventionalcommit/commitlint/releases/73981663","Warn: release artifact v0.9.1 does not have provenance: https://api.github.com/repos/conventionalcommit/commitlint/releases/72692300","Warn: release artifact v0.9.0 does not have provenance: https://api.github.com/repos/conventionalcommit/commitlint/releases/72692060","Warn: release artifact v0.8.0 does not have provenance: https://api.github.com/repos/conventionalcommit/commitlint/releases/61086979"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 1 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T21:26:29.214Z","repository_id":43667980,"created_at":"2025-08-17T21:26:29.214Z","updated_at":"2025-08-17T21:26:29.214Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29686795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-21T15:51:39.154Z","status":"ssl_error","status_checked_at":"2026-02-21T15:49:03.425Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["conventional-commit","conventional-commits","git","go","linter"],"created_at":"2024-08-02T13:00:21.941Z","updated_at":"2026-02-21T16:34:04.746Z","avatar_url":"https://github.com/conventionalcommit.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"[![PkgGoDev](https://pkg.go.dev/badge/github.com/conventionalcommit/commitlint)](https://pkg.go.dev/github.com/conventionalcommit/commitlint)\n\n# commitlint\n\ncommitlint checks if your commit message meets the [conventional commit format](https://www.conventionalcommits.org/en/v1.0.0/)\n\n```\n\u003ctype\u003e[optional scope]: \u003cdescription\u003e\n\n[optional body]\n\n[optional footer(s)]\n```\n\n- [Why Use Conventional Commits?](https://www.conventionalcommits.org/en/v1.0.0/#why-use-conventional-commits)\n\n### Table of Contents\n\n- [commitlint](#commitlint)\n - [Table of Contents](#table-of-contents)\n - [Installation](#installation)\n - [Releases](#releases)\n - [Using go](#using-go)\n - [Setup](#setup)\n - [Manual](#manual)\n - [Remove](#remove)\n - [Quick Test](#quick-test)\n - [Commands](#commands)\n - [config](#config)\n - [lint](#lint)\n - [Precedence](#precedence)\n - [Config](#config-1)\n - [Message](#message)\n - [hook](#hook)\n - [debug](#debug)\n - [Default Config](#default-config)\n - [Commit Types](#commit-types)\n - [Ignore Patterns](#ignore-patterns)\n - [Default Ignore Patterns](#default-ignore-patterns)\n - [Custom Ignore Patterns](#custom-ignore-patterns)\n - [Disabling Default Ignores](#disabling-default-ignores)\n - [Available Rules](#available-rules)\n - [Available Formatters](#available-formatters)\n - [Extensibility](#extensibility)\n - [FAQ](#faq)\n - [License](#license)\n\n## Installation\n\n### Releases\n\nDownload binary from [releases](https://github.com/conventionalcommit/commitlint/releases) and add it to your `PATH`\n\n### Using go\n\n```bash\ngo install github.com/conventionalcommit/commitlint@latest\n```\n\n## Setup\n\n- Enable for a single git repository, `cd` to repository directory\n\n```bash\ncommitlint init\n```\n\n- Enable globally for all git repositories\n\n```bash\ncommitlint init --global\n```\n\n- to customize hooks destination pass `--hookspath` with desired location\n\n```bash\ncommitlint init --hookspath /path/to/hooks\ncommitlint init --global --hookspath /path/to/hooks\n```\n\n### Manual\n\n- run `commitlint hook` to create `.commitlint/hooks` containing git hooks\n - pass `--hookspath` or `-p` to customize the hooks output path\n- To enable in single repo\n - run `git config core.hooksPath /path/to/.commitlint/hooks`\n- To enable globally\n - run `git config --global core.hooksPath /path/to/.commitlint/hooks`\n\n### Remove\n\n- To remove hooks from a single repository\n\n```bash\ncommitlint remove\n```\n\n- To remove hooks globally\n\n```bash\ncommitlint remove --global\n```\n\nBoth commands ask for confirmation before unsetting `core.hooksPath` in git config. Hook files are left intact.\n\n## Quick Test\n\n- Valid commit message\n\n```bash\necho \"feat: good commit message\" | commitlint lint\n# āœ” commit message\n```\n\n- Invalid commit message\n\n```bash\necho \"fear: do not fear for commit message\" | commitlint lint\n# āŒ type-enum: type 'fear' is not allowed, you can use one of [build chore ci docs feat fix merge perf refactor revert style test]\n```\n\n## Commands\n\n### config\n\n- To create a config file, run `commitlint config create`, this will create `.commitlint.yaml` with only the enabled rules and their settings (compact format)\n\n- To create a config file with **all** rules and settings written out (including disabled ones), run `commitlint config create --all`\n\n- To validate a config file, run `commitlint config check /path/to/conf.yaml`\n\n### lint\n\nTo lint a message, you can use any one of the following\n- run `commitlint lint --message=file`\n- run `echo \"message\" | commitlint lint`\n- run `commitlint lint \u003c file`\n\n#### Precedence\n\n`commitlint lint` follows below order for `config` and `message`\n\n##### Config\n\n- config file passed to `--config` command-line argument\n- `COMMITLINT_CONFIG` env variable\n- config file in current directory or git repo root in the below order\n - .commitlint.yml\n - .commitlint.yaml\n - commitlint.yml\n - commitlint.yaml\n- [default config](#default-config)\n\n##### Message\n\n- `stdin` pipe stream\n- commit message file passed to `--message` command-line argument\n- `.git/COMMIT_EDITMSG` in current directory\n\n### hook\n\n- To create hook files, run `commitlint hook`\n - pass `--hookspath` or `-p` to customize the hooks output directory\n - pass `--replace` or `-r` to overwrite existing hook files\n\n### debug\n\n To prints useful information for debugging commitlint\n\n run `commitlint debug`\n\n## Default Config\n\n```yaml\nmin-version: v0.11.0\nformatter: default\nrules:\n- header-min-length\n- header-max-length\n- body-max-line-length\n- footer-max-line-length\n- type-enum\nseverity:\n default: error\n rules: {}\nsettings:\n body-max-line-length:\n argument: 100\n flags: {}\n footer-max-line-length:\n argument: 100\n flags: {}\n header-max-length:\n argument: 72\n flags: {}\n header-min-length:\n argument: 10\n flags: {}\n type-enum:\n argument:\n - feat\n - fix\n - docs\n - style\n - refactor\n - perf\n - test\n - build\n - ci\n - chore\n - revert\n flags: {}\ndisable-default-ignores: false\nignores: []\n```\n\n### Commit Types\n\nCommonly used commit types from [Conventional Commit Types](https://github.com/commitizen/conventional-commit-types)\n\n| Type | Description |\n| :------- | :------------------------------------------------------------------------------- |\n| feat | A new feature |\n| fix | A bug fix |\n| docs | Documentation only changes |\n| style | Changes that do not affect the meaning of the code (white-space, formatting etc) |\n| refactor | A code change that neither fixes a bug nor adds a feature |\n| perf | A code change that improves performance |\n| test | Adding missing tests or correcting existing tests |\n| build | Changes that affect the build system or external dependencies |\n| ci | Changes to our CI configuration files and scripts |\n| chore | Other changes that don't modify src or test files |\n| revert | Reverts a previous commit |\n\n## Ignore Patterns\n\ncommitlint automatically skips linting for commit messages generated by git (merges, reverts, fixups, etc.).\nIf the **first line** of a commit message matches any ignore pattern, linting is skipped entirely.\n\n### Default Ignore Patterns\n\nThe following patterns are enabled by default\n(source: [`config/default.go`](config/default.go)):\n\n| Pattern | Matches |\n| :--- | :--- |\n| `^Merge pull request #\\d+` | GitHub pull request merges |\n| `^Merge .+ into .+` | Generic merge (X into Y) |\n| `^Merge branch '.+'` | `git merge` branch |\n| `^Merge tag '.+'` | `git merge` tag |\n| `^Merge remote-tracking branch '.+'` | `git merge` remote-tracking branch |\n| `^Merged .+ (in\\|into) .+` | Azure DevOps / Bitbucket merged |\n| `^Merged PR #?\\d+` | Azure DevOps pull request |\n| `^(R\\|r)evert ` | `git revert` |\n| `^(R\\|r)eapply ` | `git reapply` |\n| `^(amend\\|fixup\\|squash)! ` | `git commit --fixup/--squash/--amend` |\n| `^Automatic merge` | Automatic merges |\n| `^Auto-merged .+ into .+` | Auto-merged branches |\n| `^Initial commit$` | Initial commit (exact match) |\n\n### Custom Ignore Patterns\n\nAdd your own patterns in the config file under `ignores:`. User-defined patterns are\n**additive**, they are checked alongside the built-in defaults.\n\n```yaml\nignores:\n - \"^WIP \"\n - \"^TICKET-\\\\d+\"\n```\n\n### Disabling Default Ignores\n\nIf you want **only** your custom patterns (no built-in defaults), set `disable-default-ignores: true`:\n\n```yaml\ndisable-default-ignores: true\nignores:\n - \"^WIP \"\n```\n\n## Available Rules\n\nThe list of available lint rules\n\n| name | argument | flags | description |\n| ---------------------- | ------------------------ | ----------------- | --------------------------------------------- |\n| header-min-length | int | n/a | checks the min length of header (first line) |\n| header-max-length | int | n/a | checks the max length of header (first line) |\n| body-max-line-length | int | n/a | checks the max length of each line in body |\n| footer-max-line-length | int | n/a | checks the max length of each line in footer |\n| type-enum | []string | n/a | restrict type to given list of string |\n| scope-enum | []string | allow-empty: bool | restrict scope to given list of string |\n| footer-enum | []string | n/a | restrict footer token to given list of string |\n| type-min-length | int | n/a | checks the min length of type |\n| type-max-length | int | n/a | checks the max length of type |\n| scope-min-length | int | n/a | checks the min length of scope |\n| scope-max-length | int | n/a | checks the max length of scope |\n| description-min-length | int | n/a | checks the min length of description |\n| description-max-length | int | n/a | checks the max length of description |\n| body-min-length | int | n/a | checks the min length of body |\n| body-max-length | int | n/a | checks the max length of body |\n| footer-min-length | int | n/a | checks the min length of footer |\n| footer-max-length | int | n/a | checks the max length of footer |\n| type-charset | string | n/a | restricts type to given charset |\n| scope-charset | string | n/a | restricts scope to given charset |\n| footer-type-enum | []{token, types, values} | n/a | enforces footer notes for given type |\n\n## Available Formatters\n\n- default\n\n```\ncommitlint\n\nā†’ input: \"fear: do not fear for ...\"\n\nErrors:\n āŒ type-enum: type 'fear' is not allowed, you can use one of [build chore ci docs feat fix perf refactor revert style test]\n\nTotal 1 errors, 0 warnings, 0 other severities\n```\n\n- JSON\n\n```json\n{\"input\":\"fear: do not fear for commit message\",\"issues\":[{\"description\":\"type 'fear' is not allowed, you can use one of [build chore ci docs feat fix perf refactor revert style test]\",\"name\":\"type-enum\",\"severity\":\"error\"}]}\n```\n\n## Extensibility\n\n## FAQ\n\n- How to have custom config for each repository?\n\n Place `.commitlint.yaml` file in repo root directory. linter follows [config precedence](#precedence).\n\n To create a sample config, run `commitlint config create` (or `commitlint config create --all` to include all available settings)\n\n- How can I skip lint check for a commit?\n\n use `--no-verify` flag with `git commit` which skips commit hooks\n\n- How does commitlint handle merge / revert commits?\n\n commitlint ships with [built-in ignore patterns](#default-ignore-patterns) that\n automatically skip linting for merge commits, reverts, fixups, squashes, and other\n git-generated messages. You can add your own patterns with the `ignores` config key,\n or disable the defaults with `disable-default-ignores: true`.\n\n- Can I use the old `version` config key?\n\n Yes. The `version` key is still accepted for backward compatibility, but new config\n files should use `min-version` instead.\n\n## License\n\nAll packages are licensed under [MIT License](LICENSE.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fconventionalcommit%2Fcommitlint","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fconventionalcommit%2Fcommitlint","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fconventionalcommit%2Fcommitlint/lists"}