warengonzaga · warengonzaga · Feb 20, 2026 · Feb 18, 2026 · Feb 18, 2026 · Feb 18, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -50,3 +50,15 @@ jobs:
           max_attempts: 3
           timeout_minutes: 10
           command: bun test
+
+  package:
+    needs: test
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: ./.github/workflows/package.yml
+    secrets: inherit
+
+  container:
+    needs: test
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: ./.github/workflows/container.yml
+    secrets: inherit
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
@@ -0,0 +1,61 @@
+name: Commit Lint
+
+on:
+  pull_request:
+    branches: [main, dev]
+  push:
+    branches: [main, dev]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  lint-commits:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Validate commit messages
+        run: |
+          # Clean Commit convention pattern
+          # Format: <emoji> <type>[(<scope>)]: <description>
+          PATTERN='^(📦|🔧|🗑️|🔒|⚙️|☕|🧪|📖|🚀) (new|update|remove|security|setup|chore|test|docs|release)( \([a-z0-9][a-z0-9-]*\))?: .{1,72}$'
+
+          if [ "${{ github.event_name }}" = "pull_request" ]; then
+            COMMITS=$(git log --format="%s" "${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}")
+          else
+            GITHUB_EVENT_BEFORE="${{ github.event.before }}"
+            GITHUB_EVENT_AFTER="${{ github.event.after }}"
+            if [ "$GITHUB_EVENT_BEFORE" = "0000000000000000000000000000000000000000" ]; then
+              # Initial push has no valid "before" SHA, so capture all reachable commits
+              COMMITS=$(git log --format="%s" "$GITHUB_EVENT_AFTER")
+            else
+              COMMITS=$(git log --format="%s" "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}")
+            fi
+          fi
+
+          FAILED=0
+          while IFS= read -r msg; do
+            [ -z "$msg" ] && continue
+            # Allow merge commits
+            if echo "$msg" | grep -qE "^Merge "; then
+              continue
+            fi
+            if ! echo "$msg" | grep -qP "$PATTERN"; then
+              echo "✖ Invalid commit message: $msg"
+              FAILED=1
+            else
+              echo "✔ Valid commit message: $msg"
+            fi
+          done <<< "$COMMITS"
+
+          if [ "$FAILED" -eq 1 ]; then
+            echo ""
+            echo "One or more commit messages do not follow the Clean Commit convention."
+            echo "Format: <emoji> <type>[(<scope>)]: <description>"
+            echo "Reference: https://github.com/wgtechlabs/clean-commit"
+            exit 1
+          fi
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -3,6 +3,8 @@ name: Container Build
 on:
   workflow_call:
   workflow_dispatch:
+  release:
+    types: [published]
 
 permissions:
   contents: read

diff --git a/.github/workflows/landing.yml b/.github/workflows/landing.yml
@@ -0,0 +1,49 @@
+name: Deploy Landing Page
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'src/landing/**'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: pages
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: oven-sh/setup-bun@v2
+        with:
+          bun-version: latest
+
+      - name: Install dependencies
+        run: bun install
+
+      - name: Build landing page
+        run: bun run --cwd src/landing build
+
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: src/landing/dist
+
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -8,6 +8,8 @@ on:
         description: 'Perform dry run without publishing'
         type: boolean
         default: true
+  release:
+    types: [published]
 
 permissions:
   contents: read
@@ -32,7 +34,7 @@ jobs:
         run: bun install --frozen-lockfile
 
       - name: Build & Publish Packages
-        uses: wgtechlabs/package-build-flow-action@v2.0.0
+        uses: wgtechlabs/package-build-flow-action@v2.0.1
         with:
           monorepo: 'true'
           workspace-detection: 'true'

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,8 +8,6 @@ on:
 
 permissions:
   contents: write
-  packages: write
-  security-events: write
   pull-requests: write
 
 jobs:
@@ -42,20 +40,8 @@ jobs:
             echo "changed=false" >> $GITHUB_OUTPUT
           fi
 
-  package:
-    needs: check-version
-    if: needs.check-version.outputs.changed == 'true'
-    uses: ./.github/workflows/package.yml
-    secrets: inherit
-
-  container:
-    needs: check-version
-    if: needs.check-version.outputs.changed == 'true'
-    uses: ./.github/workflows/container.yml
-    secrets: inherit
-
   release:
-    needs: [check-version, package, container]
+    needs: check-version
     if: needs.check-version.outputs.changed == 'true'
     runs-on: ubuntu-latest
     steps:

diff --git a/.husky/commit-msg b/.husky/commit-msg
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+bun "$(dirname "$0")/validate-commit-msg.mjs" "$1"
diff --git a/.husky/pre-commit b/.husky/pre-commit
@@ -0,0 +1 @@
+bun test --bail
diff --git a/.husky/validate-commit-msg.mjs b/.husky/validate-commit-msg.mjs
@@ -0,0 +1,52 @@
+import { readFileSync } from "fs";
+
+const msgFile = process.argv[2];
+if (!msgFile) {
+  console.error("Error: No commit message file path provided.");
+  process.exit(1);
+}
+let raw;
+try {
+  raw = readFileSync(msgFile, "utf8");
+} catch (err) {
+  console.error(
+    `Error: Could not read commit message file "${msgFile}": ${err.message}`,
+  );
+  process.exit(1);
+}
+const firstLine = raw.replace(/\r/g, "").split("\n")[0].trim();
+
+// Allow merge and revert commits
+if (/^Merge /.test(firstLine) || /^Revert /.test(firstLine)) process.exit(0);
+
+// Clean Commit convention pattern
+// Format: <emoji> <type>[(<scope>)]: <description>
+const pattern =
+  /^(📦|🔧|🗑\uFE0F?|🔒|⚙\uFE0F?|☕|🧪|📖|🚀) (new|update|remove|security|setup|chore|test|docs|release)( \([a-z0-9][a-z0-9-]*\))?: .{1,72}$/u;
+
+if (!pattern.test(firstLine)) {
+  console.error("");
+  console.error("✖ Invalid commit message format.");
+  console.error("");
+  console.error("  Expected: <emoji> <type>[(<scope>)]: <description>");
+  console.error("");
+  console.error("  Types and emojis:");
+  console.error("    📦 new      – new features, files, or capabilities");
+  console.error("    🔧 update   – changes, refactoring, improvements");
+  console.error("    🗑️  remove   – removing code, files, or dependencies");
+  console.error("    🔒 security – security fixes or patches");
+  console.error("    ⚙️  setup    – configs, CI/CD, tooling, build systems");
+  console.error("    ☕ chore    – maintenance, dependency updates");
+  console.error("    🧪 test     – adding or updating tests");
+  console.error("    📖 docs     – documentation changes");
+  console.error("    🚀 release  – version releases");
+  console.error("");
+  console.error("  Examples:");
+  console.error("    📦 new: user authentication system");
+  console.error("    🔧 update (api): improve error handling");
+  console.error("    ⚙️  setup (ci): configure github actions workflow");
+  console.error("");
+  console.error("  Reference: https://github.com/wgtechlabs/clean-commit");
+  console.error("");
+  process.exit(1);
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		#!/bin/sh

		bun "$(dirname "$0")/validate-commit-msg.mjs" "$1"