Skip to main content



Valid commit messages have the structure:

[product]\[type]([scope]/): #[issue-number] [title] // This is the commit title
// This blank line separates the commit title from the commit body
[body] // This is the commit body. It CAN have multiple lines
  • [variable] are required variables that must be replaced in a final commit message ([] symbols must be removed)
  • // Comment are comments that must be removed in a final commit message


The following rules must be met for a commit message to be valid:

  1. [product] variable has to be one of the following, depending on which folder of the repository you are working on:

    all         // Runs the CI for all components
    // in case you are modifying several components at once

    airs // Main Fluid Attacks website
    common // Infrastructure resources and utilities for all components
    docs // This documentation site
    integrates // Fluid Attacks platform
    observes // ETL suites to centralize information and enable analytics
    skims // Automatic vulnerability scanner
    sorts // Machine Learning tool to prioritize security analysis in Git

    If you are working on a file in the root of the repository, outside all of these folders, use common.

  2. [type] variable has to be one of the following:

    rever  // Revert to a previous commit in history
    feat // New feature
    perf // Improves performance
    fix // Bug fix
    refac // Neither fixes a bug or adds a feature
    test // Adding missing tests or correcting existing tests
    style // Do not affect the meaning of the code (formatting, etc)
    sol // Hacking solution only for writepus and training repo
  3. [scope] variable has to be one of the following:

    front  // Front-End change
    back // Back-End change
    infra // Infrastructure change
    conf // Configuration files change
    build // Build system, CI, compilers, etc (scons, webpack...)
    job // asynchronous or schedule tasks (backups, maintenance...)
    cross // Mix of two or more scopes
    doc // Documentation only changes
    vbd // Vulnerable by design hacking solution only for writeups repo
    code // Programming challenge solution only for training repo
    hack // ctf-hacking challenge solution only for training repo
  4. A Commit title must exist.

  5. A Commit title must not contain the ':' character.

  6. Commit title must have 60 characters or less.

  7. Commit title must be lower case.

  8. Commit title must not finish with a dot '.'.

  9. Commit title must reference an issue.

  10. Commit title must be meaningful. Avoid using things like feat(build)[integrates]: #5 feature.

  11. If commit title has sol type, it must reference issue #0.

  12. A blank line between commit title and commit body must exist.

  13. A commit body must exist.

  14. Lines in commit body must have 72 characters or less.

  15. If commit title has fix type and the fix comes from another commit, the body must reference the commit sha of the bug in the format - commit: $COMMIT_SHA (the full version of sha 40 with characters), If the fix is not related to a specific commit, use - commit: N/A instead.

Possible combinations

Below is a table explaining all the possible combinations between types and scopes for a commit message (Types are columns, scopes are rows):

frontRevert front-end to a previous versionAdd new feature to front-endImprove perf in front-endFix something in front-endChange something in front-endAdd tests for front-endChange front-end code style
backRevert back-end to a previous versionAdd new feature to back-endImprove perf in back-endFix something in back-endChange something in back-endAdd tests for back-endChange back-end code style
infraRevert infra to a previous versionAdd new feature to infraImprove perf in infraFix something in infraChange something in infraAdd tests for infraChange infra code style
confRevert config files to previous a versionAdd new feature to config filesNAFix something in config filesChange something in config filesNAChange config files code style
buildRevert building tools to previous a versionAdd new feature to building tools or add a new building toolImprove building perfFix something in building toolsChange something in building toolsAdd tests for building toolsChange building tools code style
jobRevert jobs to previous a versionAdd new feature to jobs or add a new jobImprove jobs perfFix something in jobsChange something in jobsAdd tests for jobsChange jobs code style
crossRevert several scopes to previous a versionAdd new feature for several scopesImprove perf in several system partsFix something in several system partsChange something in several system partsAdd tests for several system partsChange code style in several system parts
docRevert doc to a previous versionAdd new docNAFix something in docChange something in docNAChange doc style


  • perf is performance.
  • infra is infrastructure.
  • config is configuration.
  • doc is documentation.
  • NA is not applicable.


  • Try to itemize your commit body:

    - Add feature X in file Y
    - Run script Z
    - Remove file A with B purpose


Here is an example of a compliant commit message:

integrates\feat(build): #13 add type_check

- Add type_check function
- Remove unnecessary print_output function
free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.