# quality-gate > Validate code quality before merge. Runs tests, coverage, linting, type checking, and security scans. Blocks merge if thresholds not met. Use before any PR merge. - Author: Boudy de Geer - Repository: boudydegeer/scrum-claude - Version: 20251222052721 - Stars: 0 - Forks: 0 - Last Updated: 2026-02-07 - Source: https://github.com/boudydegeer/scrum-claude - Web: https://mule.run/skillshub/@@boudydegeer/scrum-claude~quality-gate:20251222052721 --- --- name: quality-gate description: Validate code quality before merge. Runs tests, coverage, linting, type checking, and security scans. Blocks merge if thresholds not met. Use before any PR merge. --- # Quality Gate Skill ## Overview Enforce quality standards before code can be merged. Acts as an automated gatekeeper that ensures all code meets project standards. ## When to Use - Before merging any PR - After implementing a task - As part of execute-sprint-flow ## Configuration Quality thresholds are defined in `.scrum-claude.json`: ```json { "qualityGates": { "minCoverage": 80, "maxComplexity": 10, "requiredChecks": ["tests", "lint", "types", "security"], "allowWarnings": false } } ``` ## Pipeline Stages ### Stage 1: Tests ```bash npm test # OR: pytest, go test, etc. ``` **Pass criteria:** All tests pass **Output:** Test count, passed, failed, skipped ### Stage 2: Coverage ```bash npm run test:coverage # Check: coverage >= minCoverage ``` **Pass criteria:** Coverage >= threshold (default 80%) **Output:** Line coverage %, branch coverage % ### Stage 3: Linting ```bash npm run lint # OR: eslint, ruff, golint, etc. ``` **Pass criteria:** No errors (warnings allowed if configured) **Output:** Error count, warning count **Auto-fix attempt:** ```bash npm run lint -- --fix ``` ### Stage 4: Type Checking ```bash npm run typecheck # OR: tsc --noEmit, mypy, etc. ``` **Pass criteria:** No type errors **Output:** Error count by file ### Stage 5: Security Scan ```bash npm audit # OR: safety check, gosec, etc. ``` **Pass criteria:** No high/critical vulnerabilities **Output:** Vulnerability count by severity ## Results Format ``` ┌─────────────────────────────────────────────────────────┐ │ QUALITY GATE RESULTS │ ├─────────────────────────────────────────────────────────┤ │ Stage │ Status │ Details │ │ ─────────────┼────────┼────────────────────────────── │ │ Tests │ ✅ PASS │ 45/45 passed │ │ Coverage │ ✅ PASS │ 87% (threshold: 80%) │ │ Lint │ ⚠️ WARN │ 0 errors, 3 warnings │ │ Types │ ✅ PASS │ No errors │ │ Security │ ✅ PASS │ No vulnerabilities │ ├─────────────────────────────────────────────────────────┤ │ OVERALL: ✅ PASS │ └─────────────────────────────────────────────────────────┘ ``` ## Decision Logic ``` IF all stages PASS: → Return PASS, allow merge IF any stage has warnings AND allowWarnings=true: → Return PASS with warnings IF any stage FAIL: → Return FAIL → Provide fix suggestions → Block merge ``` ## Fix Suggestions When a stage fails, provide actionable suggestions: | Stage | Failure | Suggestion | |-------|---------|------------| | Tests | 3 failed | "Review failing tests: test_auth.py:45, test_api.py:89" | | Coverage | 72% | "Add tests for: src/utils/parser.ts (0% coverage)" | | Lint | 5 errors | "Run `npm run lint -- --fix` to auto-fix" | | Types | 2 errors | "Fix type errors in: src/handlers/user.ts:23" | | Security | 1 high | "Update package 'lodash' to >= 4.17.21" | ## Integration with Approval If quality gate fails and cannot be auto-fixed: ``` Use approval-request skill: type: "override" context: Quality gate failure details options: [Approve Override, Reject, Defer] ``` ## Bypassing (Emergency Only) ```bash # Only with explicit human approval /agile:execute --skip-quality-gate --reason "hotfix for production" ``` All bypasses are logged.