Replace Husky with prek for pre-commit hooks

[Copilot]

Pull request

Proposed changes

This PR removes Husky-based pre-commit integration and migrates the repository to prek, aligned with the approach used in maehr/open-research-data-template.

What changed

• Added @j178/prek as a dev dependency in package.json.
• Added prepare script: prek install.
• Added .pre-commit-config.yaml with a local prettier-check hook:
  • entry: npm run check
  • language: system
  • stages: [pre-commit]
  • pass_filenames: false to avoid Prettier CLI argument conflicts.
• Updated README consistency section:
  • documents prek for pre-commit checks
  • keeps Commitizen documented for commit messages.
• Updated lockfile (pnpm-lock.yaml) to include the new dependency state.

Validation

• npm run check passes.
• npx @j178/prek run --all-files passes.

Types of changes

• New feature (non-breaking change which adds functionality).
• Enhancement (non-breaking change which enhances functionality)
• Bug Fix (non-breaking change which fixes an issue).
• Breaking change (fix or feature that would cause existing functionality to change).

Checklist

• I have read the README document.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[maehr]

@copilot use prek https://github.com/j178/prek like https://github.com/maehr/open-research-data-template

[Copilot]

@copilot use prek https://github.com/j178/prek like https://github.com/maehr/open-research-data-template

Implemented in commit 651a134.

I switched the repo to prek like maehr/open-research-data-template:

• added @j178/prek and prepare: "prek install" in package.json
• added .pre-commit-config.yaml with a local pre-commit hook for npm run check
• updated README accordingly (prek for pre-commit checks, Commitizen for commit messages)
• updated lockfile and validated with npm run check and npx @j178/prek run --all-files.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• prek.j178.dev
  • Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull request overview

This PR replaces the Husky-based pre-commit hook integration with prek, a lightweight Node.js wrapper for the pre-commit framework. It removes Husky from the dev dependencies, adds @j178/prek, introduces a .pre-commit-config.yaml with a local Prettier check hook, and updates the README documentation accordingly.

Changes:

• Replaced husky with @j178/prek in package.json, updating the prepare lifecycle script from husky to prek install.
• Added .pre-commit-config.yaml defining a local prettier-check hook; deleted the .husky/pre-commit file.
• Updated README.md to reference prek for pre-commit checks and correctly attribute Commitizen for conventional commits enforcement; removed the now-redundant explicit npm run prepare instruction.

Reviewed changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
package.json	Swaps husky for @j178/prek, updates prepare script
.pre-commit-config.yaml	New file defining the Prettier pre-commit hook using prek
.husky/pre-commit	Deleted (replaced by .pre-commit-config.yaml)
README.md	Documents prek for pre-commit checks; Commitizen for commit messages
pnpm-lock.yaml	Lockfile updated to reflect the new/removed dependencies

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The pre-commit hook entry uses npm run check, but the repository uses pnpm as its package manager (evidenced by pnpm-lock.yaml). The previous .husky/pre-commit correctly used pnpm check. Using npm run check instead of pnpm run check (or simply pnpm check) is inconsistent with the project's package manager and may cause issues in environments where only pnpm is guaranteed to be available, or where there could be dependency resolution differences between npm and pnpm.

Suggested change

	entry: npm run check
	entry: pnpm check

[Copilot]

The @j178/prek package introduces axios (and its transitive dependencies: follow-redirects, form-data, proxy-from-env, axios-proxy-builder, etc.) as runtime dependencies. For a dev-only git hooks runner, this is a significant and unexpected supply chain dependency footprint. If prek needs to make HTTP calls (e.g., to download hooks), this may pose a security concern that is worth acknowledging. Consider whether this level of transitive dependency is acceptable given that the prior tool (husky) was essentially zero-dependency.

Suggested change

	"prepare": "prek install"
	},
	"devDependencies": {
	"@j178/prek": "^0.3.4",
	"commitizen": "^4.3.1",
	"cz-conventional-changelog": "^3.3.0",
	"prepare": "husky install"
	},
	"devDependencies": {
	"commitizen": "^4.3.1",
	"cz-conventional-changelog": "^3.3.0",
	"husky": "^9.1.6",