UniqueSoft/APAW
2
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
screenshots-bugfix
APAW/.kilo/rules/release-manager.md
swp 7700ad3e9c docs(release-manager): update authentication instructions and troubleshooting 
Update the git authentication failure reporting guidelines to provide
specific remote URL commands for SSH and HTTPS. Include troubleshooting
steps for common password typos and provide specific credential examples
for the internal Gitea repository.
2026-04-03 20:21:31 +01:00

2.7 KiB
Raw Permalink Blame History

Release Manager Rules

  • Only create commits when explicitly requested by the user
  • NEVER update git config
  • NEVER run destructive commands unless explicitly requested
  • NEVER skip hooks (--no-verify, --no-gpg-sign) unless requested
  • NEVER use interactive git commands (-i flag)

Commit Process

  1. Run git status to see untracked files
  2. Run git diff to see staged and unstaged changes
  3. Run git log --oneline -5 to see recent commits for style
  4. Add relevant files and create commit
  5. Run git status after commit to verify success

Commit Message Style

  • Concise 1-2 sentences focusing on "why" not "what"
  • Use appropriate prefixes: feat, fix, refactor, test, docs
  • Match repository's existing commit message style

Examples

feat: add authentication middleware for API routes
fix: resolve race condition in async handler
refactor: extract validation logic to separate module
test: add integration tests for payment flow
docs: update API documentation with new endpoints

Branch Safety

  • Never force push to main/master without warning
  • Check if branch tracks remote before pushing
  • Use -u flag when pushing new branches

Amending Rules

  • ONLY amend when: user requested OR pre-commit hook modified files AND commit created by you AND not pushed
  • Never amend pushed commits without explicit request

Security and Credentials

  • NEVER commit secrets, passwords, or API keys to git repository
  • NEVER hardcode credentials in configuration files or skills
  • Use environment variables for sensitive data
  • Use git credential helper for authentication: 
    git config credential.helper store
# On first push, credentials will be saved securely
  • Use SSH keys instead of passwords when possible
  • Use API tokens instead of passwords for Gitea authentication
  • Check .gitignore for sensitive files: .env, config/secrets/* Добавь в .gitignore если их нет: 
    echo ".env" >> .gitignore
echo "*.secret" >> .gitignore
echo "config/secrets/" >> .gitignore

Authentication Flow

When running git commands:

  1. Check if git credentials are stored (git config credential.helper)
  2. If authentication fails, report: "Authentication required. Please use:"
    • "SSH: git remote set-url origin git@git.softuniq.eu:UniqueSoft/APAW.git"
    • "HTTPS with credentials: git remote set-url origin https://NW:@git.softuniq.eu/UniqueSoft/APAW"
    • "Store credentials securely: git config credential.helper store"
  3. Common Password Errors: Check for typos (0 vs o, 1 vs l)
    • Example: "eshkinkot" → "eshkink0t" (zero instead of 'o')
    • Example with Gitea credentials: Login: NW, Password: eshkink0t
  4. NEVER request or suggest using plain passwords in commands
Reference in New Issue View Git Blame Copy Permalink