Skip to content
Fluid Attacks Development Portal

Commit Message

Syntax

Valid commit messages have the structure:

[product/sub-product]\[type]([scope]/): #[issue-number] [title] // This is the commit title
               // This blank line separates the commit title from the commit body
[body]         // This is the commit body. It CAN have multiple lines
  • **[variable]** are required variables that must be replaced in a final commit message (**[]** symbols must be removed)
  • // Comment are comments that must be removed in a final commit message

Rules

The following rules must be met for a commit message to be valid:

  1. **[product/sub-product]** variable depends on the changes in your commit.

    The major products are as follows:

    all         // Runs the CI for all components, in case you are modifying several components at once
    airs        // Main Fluid Attacks website [https://fluidattacks.com](https://fluidattacks.com)
    common      // Infrastructure resources and utilities for all components
    integrates  // Fluid Attacks platform [https://app.fluidattacks.com](https://app.fluidattacks.com)
    observes    // ETL suites to centralize information and enable analytics
    skims       // Automatic vulnerability scanner
    sorts       // Machine Learning tool to prioritize security analysis in Git

    In addition to these, some products have a specific subset of sub-product possibilities to use. If the commit only changes files related to one of them, you are encouraged to use a specific sub-product pipeline.

    This is a list of each available sub-product:

    • Integrates: front, forces, retrieves.
    • Skims: cspm, sast, dast, apk.
    • Observes: code-etl, gitlab-etl, infra.

    If you are working on a file in the root of the repository, outside all of these folders, use common.

  2. **[type]** variable has to be one of the following:

    rever  // Revert to a previous commit in history
    feat   // New feature
    perf   // Improves performance
    fix    // Bug fix
    refac  // Neither fixes a bug or adds a feature
    rotate // only for secrets rotation commits
    test   // Adding missing tests or correcting existing tests
    style  // Do not affect the meaning of the code (formatting, etc)
    sol    // Hacking solution only for writepus and training repo

  3. **[scope]** variable has to be one of the following:

    front  // Front-End change
    back   // Back-End change
    infra  // Infrastructure change
    conf   // Configuration files change
    build  // Build system, CI, compilers, etc (scons, webpack...)
    job    // asynchronous or schedule tasks (backups, maintenance...)
    cross  // Mix of two or more scopes
    doc    // Documentation only changes
    vbd    // Vulnerable by design hacking solution only for writeups repo
    code   // Programming challenge solution only for training repo
    hack   // ctf-hacking challenge solution only for training repo

  4. A Commit title must exist.

  5. A Commit title must not contain the ’:’ character.

  6. Commit title must have 60 characters or less.

  7. Commit title must be lower case.

  8. Commit title must not finish with a dot ’.‘.

  9. Commit title must reference an issue.

  10. Commit title must be meaningful. Avoid using things like feat(build)[integrates]: #5 feature.

  11. If commit title has sol type, it must reference issue #0.

  12. A blank line between commit title and commit body must exist.

  13. A commit body must exist.

  14. Lines in commit body must have 72 characters or less.

Possible combinations

Below is a table explaining all the possible combinations between types and scopes for a commit message (Types are columns, scopes are rows):

reverfeatperffixrefacteststyle
frontRevert front-end to a previous versionAdd new feature to front-endImprove perf in front-endFix something in front-endChange something in front-endAdd tests for front-endChange front-end code style
backRevert back-end to a previous versionAdd new feature to back-endImprove perf in back-endFix something in back-endChange something in back-endAdd tests for back-endChange back-end code style
infraRevert infra to a previous versionAdd new feature to infraImprove perf in infraFix something in infraChange something in infraAdd tests for infraChange infra code style
confRevert config files to previous a versionAdd new feature to config filesNAFix something in config filesChange something in config filesNAChange config files code style
buildRevert building tools to previous a versionAdd new feature to building tools or add a new building toolImprove building perfFix something in building toolsChange something in building toolsAdd tests for building toolsChange building tools code style
jobRevert jobs to previous a versionAdd new feature to jobs or add a new jobImprove jobs perfFix something in jobsChange something in jobsAdd tests for jobsChange jobs code style
crossRevert several scopes to previous a versionAdd new feature for several scopesImprove perf in several system partsFix something in several system partsChange something in several system partsAdd tests for several system partsChange code style in several system parts
docRevert doc to a previous versionAdd new docNAFix something in docChange something in docNAChange doc style

Where:

  • perf is performance.
  • infra is infrastructure.
  • config is configuration.
  • doc is documentation.
  • NA is not applicable.

Recommendations

  • Try to itemize your commit body:

    - Add feature X in file Y
    - Run script Z
    - Remove file A with B purpose

Example

Here is an example of a compliant commit message:

integrates\feat(build): #13 add type_check


- Add type_check function
- Remove unnecessary print_output function

Merge requests

Differences with commit messages

Merge Request commits are like commit messages with only three differences:

  1. Merge Request [type] has to be the most relevant type of all its commits. The relevance list is:

    rever
    feat
    perf
    fix
    refac
    test
    style
    sol

    Where revert has the highest and sol the lowest relevance.

    For example, if your MR has one feat, one test and one style commit, the [type] of your MR must be feat.

  2. They can (not mandatory) implement a Closes #{issue-number} in their footer, which triggers the automatic closing of the referenced issue once the MR gets accepted

Merge Request example

Here is an example of a compliant Merge Request Message:

integrates\feat(build): #13 new checks to dangerfile


- Add type_check
- Add deltas_check
- Add commit_number check


Closes #13

Issue number 13 will be automatically closed once this MR is accepted due to the Closes #13 footer.

ETA Merge Request messages

When your Merge Request is related to one area/issue that has an enumerable universe, i.e, we know with considerable certainty how many MRs are necessary to complete it, then you should use the following ETA model as a Merge Request message:

- Speed: A [parts] / B [time unit] = A/B [parts]/[time unit]
- TODO: C [parts]
- ETA: C / (A/B) = C/(A/B) [time unit]

**[parts]** should be replaced for the aspect that allows to quantify the progress of the area, which can be a number of issues, cases, files, tasks, etc.

**[time unit]** should be replaced for an appropriate unit of time that will be used to estimate an ETA, for example days or weeks.

**B** is the units of time that has passed since you started addressing the issues of the area, **A** is the total number of **[parts]** that have been submitted in such **B** time and **C** is the total number of **[parts]** that we know will resolve the issues of the area.

ETA Merge Request message example:

- Speed: 4 issues / 2 days = 2 issues/day
- TODO: 10 issues
- ETA: 10 / 2 = 5 days