CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use
← Back to glossary

Commit Message Best Practices

style Beginner

Also Known As

git commit message conventional commits commit style

TL;DR

Clear commit messages that explain why a change was made, not just what — enabling efficient git log navigation, automated changelog generation, and informed code archaeology.

Explanation

The seven rules of a good commit: (1) Separate subject from body with a blank line, (2) Limit subject to 50 chars, (3) Capitalise subject, (4) No period at end, (5) Use imperative mood ('Add' not 'Added'), (6) Wrap body at 72 chars, (7) Use the body to explain what and why, not how. Conventional Commits format (feat:, fix:, chore:) enables automated semantic versioning and changelog generation. git log --oneline should tell a story of the project's evolution.

Common Misconception

Commit messages are for the commit author — commit messages are primarily for future developers (and your future self) trying to understand why a change was made 18 months ago.

Why It Matters

Good commit messages turn git log into documentation — a well-written commit explaining why a security check was added prevents future developers from 'cleaning up' the code and reintroducing a vulnerability.

Common Mistakes

  • 'WIP', 'fix', 'update', 'misc' — meaningless; what work, what fix, what update?
  • Subject line > 72 characters — truncated in most git tools.
  • No body explaining the why — the diff shows what changed; the message should explain why.
  • Past tense ('Added feature') instead of imperative ('Add feature') — inconsistent with git's own messages.

Code Examples

✗ Vulnerable 
# Useless commit history:
git log --oneline
abc123 fix
def456 update
ghi789 WIP
jkl012 changes
# 6 months later: which commit introduced the security regression?
# No way to know without reading every diff
✓ Fixed 
# Conventional Commits — searchable, automatable:
git log --oneline
abc123 fix(auth): prevent session fixation after password reset
def456 feat(checkout): add Apple Pay support
ghi789 refactor(user): extract email validation to ValueObject
jkl012 security: rotate JWT signing key after exposure in logs

# Full commit with body:
fix(auth): prevent session fixation after password reset

Session was not regenerated after successful password reset,
allowing an attacker with a pre-existing session ID to take
over the account. Fixes CVE-2026-1234.

Closes #456
Added 16 Mar 2026
Edited 22 Mar 2026
Views 22

Curated in Warsaw under one editorial standard. 1,444 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
1 ping W 0 pings T 0 pings F 1 ping S 0 pings S 1 ping M 0 pings T 0 pings W 0 pings T 0 pings F 0 pings S 1 ping S 0 pings M 0 pings T 0 pings W 1 ping T 0 pings F 2 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 0 pings F 1 ping S 0 pings S 0 pings M 1 ping T 0 pings W 0 pings T
Agents 0
No pings yet today
No pings yesterday
Perplexity 6 Amazonbot 5 Google 3 Unknown AI 3 Ahrefs 2
Also referenced
CHANGELOG — Keeping a Good One 34 Conventional Commits 23 Git Hooks 23 Semantic Versioning (SemVer) 16
How they use it
crawler 17 crawler_json 1 pre-tracking 1
Related categories
devops 1k style 992 git 415
DEV INTEL Tools & Severity
🟢 Low ⚙ Fix effort: Low
⚡ Quick Fix
Write commit messages as 'what and why', not 'what and how' — the diff shows what changed, the message should explain why it changed and what problem it solves
📦 Applies To
any web cli
🔗 Prerequisites
🔍 Detection Hints
Commit messages: 'fix stuff', 'WIP', 'asdf', 'minor changes'; no type prefix; body missing for complex changes
Auto-detectable: ✓ Yes commitlint husky git-hooks
⚠ Related Problems
🤖 AI Agent
Confidence: Medium False Positives: Medium ✗ Manual fix Fix: Low Context: File
✓ schema.org compliant