CASE 163 · LICHEN · 2023
Style and secret violations that fail at commit, not at PR review.
A devtools company had a CI pipeline that caught linting violations, formatting issues, and committed secrets — but only after the developer had pushed and waited five minutes. We rolled out pre-commit hooks with the same checks running locally in under a second.
DevTools
PLATFORM
2023
RESULTS
What changed, by the numbers.
CI FAILURES (LINT/FORMAT): −96%
COMMITTED SECRETS: 0
PR REVIEW TIME: −18%
DEVELOPER FEEDBACK LOOP: < 1s
HOW IT WENT
The CI failures were a steady annoyance. About 12% of pushes failed on lint, formatting, or trivial-fix issues. Each failure cost five minutes of developer attention plus a context switch. The team had drafted a pre-commit hooks rollout three separate times without finishing it.
We shipped a `.pre-commit-config.yaml` with the same checks the CI ran — Black for Python, Prettier for JS/TS, ESLint, Ruff, and Trufflehog for secrets. A repo-level setup hook installed it on `git clone`. The CI checks stayed in place as a backstop for anyone who skipped the hook.
CI failures from lint and format dropped 96%. Committed secrets dropped to zero — Trufflehog at commit catches secrets before they reach git history at all. PR review time fell 18% because reviewers stopped flagging style issues; the bot already had.
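A configuration of the kind described above, as an added example and not the file used in this engagement. The `rev` pins, file filters and the TruffleHog invocation are assumptions; TruffleHog runs as a local hook and is assumed to be installed on the developer's PATH.

```yaml
# .pre-commit-config.yaml (illustrative; rev values are example pins,
# refresh them with `pre-commit autoupdate`)
repos:
  # Python: lint first, then format
  - repo: https://github.com/astral-sh/ruff-pre-commit
    rev: v0.1.9
    hooks:
      - id: ruff
  - repo: https://github.com/psf/black
    rev: 23.12.1
    hooks:
      - id: black

  # JS/TS: format, then lint
  - repo: https://github.com/pre-commit/mirrors-prettier
    rev: v3.1.0
    hooks:
      - id: prettier
        types_or: [javascript, jsx, ts, tsx]
  - repo: https://github.com/pre-commit/mirrors-eslint
    rev: v8.56.0
    hooks:
      - id: eslint
        files: \.[jt]sx?$
        types: [file]
        # TypeScript rules also need the project's parser/plugins listed here
        additional_dependencies:
          - eslint@8.56.0

  # Secrets: block the commit if TruffleHog reports a finding
  - repo: local
    hooks:
      - id: trufflehog
        name: TruffleHog secret scan
        entry: bash -c 'trufflehog git file://. --since-commit HEAD --fail'
        language: system   # uses the trufflehog binary already on PATH
        pass_filenames: false
```

Running `pre-commit run --all-files` in CI against the same file keeps the backstop identical to the local checks, so a commit made with `--no-verify` still fails before merge.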