Updated on 2025-07-24 GMT+08:00

Configuring Commit Rules

Introduction

CodeArts Repo supports verification and restriction rules for high-quality code commits. This section describes how to configure project-level commit rules and use common regular expressions.

Before configuring commit rules, check Constraints.

If you have the configuration permission, you can set the same commit rules for all repositories in a project based on Table 1. When configuring rules, you can refer to Examples of Common Regular Expression.

Constraints

Project manager or project administrator can set project-level commit rules.

Configuring Project-Level Commit Rules

On the CodeArts Repo homepage, go to a project, and choose Settings > Policy Settings > Commit Rules.

If you want to set the same commit rules for all repositories in a project, set parameters based on Table 1 and select Force inherit.

Table 1 Commit rules description

Parameter

Description

Example Value

Reject non-signed-off-by commits

This function records the developer responsible for code modifications, confirming their verification and accountability for the submitted content. This is a transparent way to track contributors and safeguard the quality of contributions.

If this option is selected, only signed-off-by commits can be pushed to the repository.

Currently, the following two modes are supported:

  • Online:

When performing online commit in the CodeArts Repo, use the following format to compile and commit information:

commit message             # Enter the customized commit information.
                           # This is a blank line.
Signed-off-by: User-defined signature   # Enter the user-defined signature after Signed-off-by:
  • Git client

When committing code on the Git client, run the following command. -s indicates that the signature (Signed-off-by) is added to the commit message. You need to configure the signature and email address on the client in advance by referring to Related Operations.

git commit -s -m "<your_commit_message>"

Refer to the following example if this option is selected:

  • Online:

    When submitting a file online, you need to enter a commit message in the format shown in the following figure. Otherwise, an error message indicating non-signed-off commits will be rejected will be displayed.

  • Git client:

    Run the following command on the local Git client to submit the change to the version control system. The commit message is New File.

git commit -s -m "New File"

You can run the git show command to check the signature result.

Reject commits not signed by GPG

If this option is selected, only commits signed by GPG can be pushed to the repository. For details, see Configuring a GPG Public Key.

Git client signature mode:

When committing code on the Git client, you need to add the -S parameter, indicating that the GPG (GNU Privacy Guard) signature is used to verify the identity of the committer.

git commit -s -m "your commit message"

When using tags on the Git client, you need to add the -s parameter, indicating that the GPG signature is used to verify the authenticity of the tag.

git tag -s -m "your tag message"

After this option is selected, run the following command and the commit message is update readme.

git commit -S -m "update readme"

After the command is executed successfully, you'll be instructed to enter the password of the GPG key, as shown in the following figure.

As shown in the following figure, you can run the following command to view the GPG signature submission records.

Tags cannot be deleted

After this option is selected, tags cannot be deleted online or by running commands on the client.

After this option is selected, an error message indicating tags cannot be deleted is displayed when you delete any tag.

.

Prevent committing secrets

The confidential file names include id_rsa and id_dsa. After this option is selected, an error is reported if the name of a new file submitted online or locally contains rsa, id_rsa, dsa, or id_dsa.

After this option is selected, if the name of a new file is test_id_rsa, an error message indicating the file may contain sensitive information is displayed.

Prevent git push -f

Configure whether to use the git push -f command on the client to commit code.

It is recommended to enable this considering the git push -f command is used to push your local code repository to CodeArts Repo.

After this option is enabled, the following error message is displayed when you run the git push -f command locally:

"CodeArts Repo: You are not allowed to force push code to a protected branch on this repository."

If you want to set commit rules for a specified branch of a repository in a project, click Create Commit Rule. For details about the parameters, see Table 2.

Table 2 Parameters for commit rules

Parameter

Description

Example Value

Rule Name

Customize a rule name.

Test_Rule

Branch

Enter a complete rule name or create a regular expression. The input needs to be verified, including the branch name and regular expression.

Branch_* indicates that all branch names must start with Branch_.

Commit Rule

Optional.

  • Commit Message Match: This parameter is empty by default. If left blank, all messages can be committed. Every commit message that matches the regex can be committed. You can also set that the commit message (max. 500 characters) must contain the work item number to implement E2E code tracing.
  • Commit Message Negative Match: This parameter is empty by default. If left blank, all messages can be committed. Every commit message (max. 500 characters) that matches the regex provided will be rejected.
  • Commit Author: This parameter is left empty by default, indicating that the commit author is not verified, and any parameter can be committed. This field supports a maximum of 200 characters.

    The commit author can run the git config -l command to view the value of user.name and run the git config --global user.name command to set the value of user.name.

  • Commit Author's Email: This parameter is left empty by default, indicating that the commit author email is not verified, and any parameter can be committed. This field supports a maximum of 200 characters.

    The commit author can run the git config -l command to view the value of user.email and run the git config --global user.email command to set the email address.

  • Commit Message Match: \d+\..*. \d indicates any decimal digit. + indicates that \d can appear once or multiple times. . indicates any single character except the newline character. \. indicates matching .. That is, the regular expression matches a string that starts with one or more digits, followed by a period (.) and then any number of other characters (except newline characters). For example, the regular expression can match strings in the format of 123. and 456.abc. Only commit messages that meet this match rule can be submitted.
  • Commit Message Negative Match: Leave this parameter blank.
  • Commit Author: /([a-zA-Z]d){7}/, indicating that a string consisting of a letter followed by a digit has appeared for seven consecutive times. For example, a1b2c3d4e5f6g7d8 complies with the regular expression.
  • Commit Author's Email: @my-company.com$, indicating that any string ending with @my-company.com is matched. For example, Test@my-company.com complies with the regular expression.

For more regular expression rules, see Examples of Common Regular Expression.

Basic Attributes

Optional.

  • File Name That Cannot Be Changed: This parameter is left empty by default, indicating that a file with any name can be committed. You are advised to use standard regular expressions to match the file name. By default, the file path is verified based on the file name rule. This field supports a maximum of 2,000 characters.
  • Single File Size (MB): If the size of the added or updated file exceeds the default value, the push will be rejected. You can change the default value.
  • File Name That Cannot Be Changed: (\.jar|\.exe)$, indicating that any file name ending with .jar or .exe is matched.
  • Single File Size (MB): 50.

Binary Rules

Optional. To ensure repository performance, you are advised to select Do not allow new binary files (privileged users excepted).

This is not selected by default. Do not allow new binary files (privileged users excepted) is selected by default. After Allow changes to binary files (privileged users excepted) is selected, binary files in the modify state will not be intercepted and can be directly uploaded. Binary files can be deleted without binary check.

  • Do not allow new binary files (privileged users excepted)
  • Allow changes to binary files (privileged users excepted)
  • Repo File Whitelist (files that can be directly imported to the database. This field supports a maximum of 2,000 characters.)
  • Privileged Users (Max. 50 privileged users.) If a privileged user is no longer a repository member, an error message Failed to verify the privileged user is displayed when you click Save. Remove the privileged user who is not a repository member and save the settings.

Example: Select Do not allow new binary files (privileged users excepted).

Effective Date

Optional.

Before being committed, all commits created after the effective date must match the hook settings. If this parameter is left empty, all commits are checked regardless of the commit date.

Example: April 15, 2025

Examples of Common Regular Expression

Common regular expression examples are listed below.

Table 3 Examples

Rule

Example

Single a, b, or c

[abc]

Characters other than a, b, or c

[^abc]

Lowercase letters ranging from a to z

[a-z]

Characters outside the range of a to z

[^a-z]

Uppercase and lowercase letters in the range of a to z or A to Z

[a-zA-Z]

Any single character

.

Match a or b.

a|b

Any blank character

\s

Non-blank characters

\S

Arabic numeral characters

\d

Non-Arabic numeral characters

\D

Letters, digits, or underscores (_)

\w

Characters other than letters, digits, or underscores (_)

\W

Match the content in parentheses (not capture)

(?:...)

Match and capture the content in parentheses

(...)

No or one a

a?

No or more a's

a*

One or more a's

a+

Three a's

a{3}

More than three a's

a{3,}

3 to 6 a's

a{3,6}

Beginning of text

^

End of text

$

Word boundary

\b

Non-word boundary

\B

Line breaker

\n

Carriage return character

\r

Tab key

\t

Null string

\0

Managing Commit Rules

Click in the row where the target commit rule is located to view details, as shown in the following figure. Click to modify the rule and save it again. Click to delete the commit rule.

Figure 1 Commit rule details

Related Operations

  • Run the following command to configure a global username in Git:
git config --global user.name your name
  • Run the following command to set a global email address in Git:
git config --global user.email your email address