{"id":13529776,"url":"https://github.com/siderolabs/conform","last_synced_at":"2025-12-15T07:06:02.141Z","repository":{"id":38233207,"uuid":"93275422","full_name":"siderolabs/conform","owner":"siderolabs","description":"Policy enforcement for your pipelines.","archived":false,"fork":false,"pushed_at":"2025-04-01T03:43:23.000Z","size":17824,"stargazers_count":463,"open_issues_count":31,"forks_count":53,"subscribers_count":10,"default_branch":"main","last_synced_at":"2025-04-02T09:01:53.540Z","etag":null,"topics":["build-automation","docker","go"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/siderolabs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-03T21:43:39.000Z","updated_at":"2025-03-26T20:54:15.000Z","dependencies_parsed_at":"2024-03-01T10:25:21.056Z","dependency_job_id":"c7a59deb-8e34-4332-87a3-e991a5af01b2","html_url":"https://github.com/siderolabs/conform","commit_stats":{"total_commits":175,"total_committers":27,"mean_commits":6.481481481481482,"dds":"0.29714285714285715","last_synced_commit":"a6572d2df58f1e526a0e0694c5bfd59b04b93e7e"},"previous_names":["autonomy/conform","talos-systems/conform"],"tags_count":31,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siderolabs%2Fconform","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siderolabs%2Fconform/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siderolabs%2Fconform/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siderolabs%2Fconform/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/siderolabs","download_url":"https://codeload.github.com/siderolabs/conform/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246785429,"owners_count":20833490,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["build-automation","docker","go"],"created_at":"2024-08-01T07:00:39.326Z","updated_at":"2025-12-15T07:05:57.084Z","avatar_url":"https://github.com/siderolabs.png","language":"Go","funding_links":[],"categories":["Go","Community Resources"],"sub_categories":["GitHub Tools and Management"],"readme":"\u003c!-- markdownlint-disable MD041 --\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ch1 align=\"center\"\u003eConform\u003c/h1\u003e\n  \u003cp align=\"center\"\u003ePolicy enforcement for your pipelines.\u003c/p\u003e\n  \u003cp align=\"center\"\u003e\n    \u003ca href=\"https://conventionalcommits.org\"\u003e\u003cimg alt=\"Conventional Commits\" src=\"https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://godoc.org/github.com/siderolabs/conform\"\u003e\u003cimg alt=\"GoDoc\" src=\"http://img.shields.io/badge/godoc-reference-blue.svg?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://travis-ci.org/siderolabs/conform\"\u003e\u003cimg alt=\"Travis\" src=\"https://img.shields.io/travis/siderolabs/conform.svg?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://codecov.io/gh/siderolabs/conform\"\u003e\u003cimg alt=\"Codecov\" src=\"https://img.shields.io/codecov/c/github/siderolabs/conform.svg?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://goreportcard.com/report/github.com/siderolabs/conform\"\u003e\u003cimg alt=\"Go Report Card\" src=\"https://goreportcard.com/badge/github.com/siderolabs/conform?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/siderolabs/conform/releases/latest\"\u003e\u003cimg alt=\"Release\" src=\"https://img.shields.io/github/release/siderolabs/conform.svg?style=flat-square\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/siderolabs/conform/releases/latest\"\u003e\u003cimg alt=\"GitHub (pre-)release\" src=\"https://img.shields.io/github/release/siderolabs/conform/all.svg?style=flat-square\"\u003e\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n---\n\n**Conform** is a tool for enforcing policies on your build pipelines.\n\nSome of the policies included are:\n\n- **Commits**: Enforce commit policies including:\n  - Commit message header length\n  - Developer Certificate of Origin\n  - GPG signature\n  - GPG signature identity check\n  - [Conventional Commits](https://www.conventionalcommits.org)\n  - Imperative mood\n  - Spell check\n  - Maximum of one commit ahead of `master`\n  - Require a commit body\n  - Jira issue check\n- **License Headers**: Enforce license headers on source code files.\n\n## Getting Started\n\nTo install conform you can download a [release](https://github.com/siderolabs/conform/releases), or build it locally (go must be installed):\n\n```bash\ngo install github.com/siderolabs/conform/cmd/conform@latest\n```\n\nThird option is to run it as a container:\n\n```bash\ndocker run --rm -it -v $PWD:/src:ro,Z -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce\n```\n\nYou can also install conform with [aqua](https://aquaproj.github.io/).\n\n```bash\naqua g -i siderolabs/conform\n```\n\nNow, create a file named `.conform.yaml` with the following contents:\n\n```yaml\npolicies:\n  - type: commit\n    spec:\n      header:\n        length: 89\n        imperative: true\n        case: lower\n        invalidLastCharacters: .\n        jira:\n          keys:\n          - PROJ\n          - JIRA\n      body:\n        required: true\n      dco: true\n      gpg:\n        required: false\n        identity:\n          gitHubOrganization: some-organization\n      spellcheck:\n        locale: US\n      maximumOfOneCommit: true\n      conventional:\n        types:\n          - \"type\"\n        scopes:\n          - \"scope\"\n        descriptionLength: 72\n  - type: license\n    spec:\n      skipPaths:\n        - .git/\n        - .build*/\n      includeSuffixes:\n        - .ext\n      excludeSuffixes:\n        - .exclude-ext-prefix.ext\n      allowPrecedingComments: false\n      header: |\n        This is the contents of a license header.\n```\n\nIn the same directory, run:\n\n```bash\n$ conform enforce\nPOLICY         CHECK                        STATUS        MESSAGE\ncommit         Header Length                PASS          Header is 43 characters\ncommit         Imperative Mood              PASS          Commit begins with imperative verb\ncommit         Header Case                  PASS          Header case is valid\ncommit         Header Last Character        PASS          Header last character is valid\ncommit         DCO                          PASS          Developer Certificate of Origin was found\ncommit         GPG                          PASS          GPG signature found\ncommit         GPG Identity                 PASS          Signed by \"Someone \u003csomeone@example.com\u003e\"\ncommit         Conventional Commit          PASS          Commit message is a valid conventional commit\ncommit         Spellcheck                   PASS          Commit contains 0 misspellings\ncommit         Number of Commits            PASS          HEAD is 0 commit(s) ahead of refs/heads/master\ncommit         Commit Body                  PASS          Commit body is valid\nlicense        File Header                  PASS          All files have a valid license header\n```\n\nTo setup a `commit-msg` hook:\n\n```bash\ncat \u003c\u003cEOF | tee .git/hooks/commit-msg\n#!/bin/sh\n\nconform enforce --commit-msg-file \\$1\nEOF\nchmod +x .git/hooks/commit-msg\n```\n\nWe also provide a [Pre-Commit](https://pre-commit.com) hook that you can use as follows:\n\n```yaml\n# .pre-commit-config.yaml\nrepos:\n  - repo: https://github.com/siderolabs/conform\n    rev: main\n    hooks:\n      - id: conform\n        stages:\n          - commit-msg\n```\n\n### License\n\n[![license](https://img.shields.io/github/license/siderolabs/conform.svg?style=flat-square)](https://github.com/siderolabs/conform/blob/master/LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiderolabs%2Fconform","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsiderolabs%2Fconform","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiderolabs%2Fconform/lists"}