From 6e9f2d43c0d9a23004b988d13323c1e26d3dba92 Mon Sep 17 00:00:00 2001
From: Matthew DeGuzman <matthew.deguzman@datadoghq.com>
Date: Wed, 18 Mar 2026 14:33:38 -0400
Subject: [PATCH 1/3] chore: format files and add Makefile directive

---
 AGENTS.md                          |  3 +-
 Makefile                           |  5 ++-
 allowedsymbols/symbols_internal.go | 64 +++++++++++++++---------------
 3 files changed, 38 insertions(+), 34 deletions(-)

diff --git a/AGENTS.md b/AGENTS.md
index 5ba13e38..b66405a2 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -18,7 +18,8 @@ The shell is supported on Linux, Windows and macOS.
 
 ## Code Style
 
-- **All Go files must be formatted with `gofmt` before committing.** Run `gofmt -w .` from the repo root and verify with `gofmt -l .` (no output means clean). CI enforces this and will fail if any file is not properly formatted.
+- **IMPORTANT: Always run `make fmt` after making any edits.** This is a mandatory step — no exceptions. CI will reject unformatted code. Run it after every change, before committing, and before running tests. Do not skip this step.
+- All Go files must be formatted with `gofmt` before committing. `make fmt` handles this automatically. You can verify with `gofmt -l .` (no output means clean).
 
 ## Pull Requests
 
diff --git a/Makefile b/Makefile
index bd56f052..f3a15812 100644
--- a/Makefile
+++ b/Makefile
@@ -1,8 +1,11 @@
-.PHONY: build test test_all test_against_bash compliance
+.PHONY: build fmt test test_all test_against_bash compliance
 
 build:
 	go build -o rshell ./cmd/rshell
 
+fmt:
+	go fmt ./...
+
 test:
 	go test -v -race ./...
 
diff --git a/allowedsymbols/symbols_internal.go b/allowedsymbols/symbols_internal.go
index 3a038475..cbef7a74 100644
--- a/allowedsymbols/symbols_internal.go
+++ b/allowedsymbols/symbols_internal.go
@@ -14,41 +14,41 @@ var internalPerPackageSymbols = map[string][]string{
 	},
 	"procinfo": {
 		"bufio.NewScanner",                      // line-by-line reading of /proc files; no write capability.
-		"bytes.NewReader",                        // wraps a byte slice as an in-memory io.Reader; no I/O side effects.
-		"context.Context",                        // deadline/cancellation interface; no side effects.
-		"errors.New",                             // creates a sentinel error (unsupported-platform stub); pure function, no I/O.
-		"fmt.Errorf",                             // error formatting; pure function, no I/O.
-		"fmt.Sprintf",                            // string formatting; pure function, no I/O.
-		"os.Getpid",                              // returns the current process ID; read-only, no side effects.
-		"os.Open",                                // opens a file read-only; needed to stream /proc/stat line-by-line.
-		"os.ReadDir",                             // reads a directory listing; needed to enumerate /proc entries.
-		"os.ReadFile",                            // reads a whole file; needed to read /proc/[pid]/{stat,cmdline,status}.
-		"strconv.Atoi",                           // string-to-int conversion; pure function, no I/O.
-		"strconv.ParseInt",                       // string to int64 with base/bit-size; pure function, no I/O.
-		"strings.Fields",                         // splits a string on whitespace; pure function, no I/O.
-		"strings.HasPrefix",                      // checks string prefix; pure function, no I/O.
-		"strings.Index",                          // finds first occurrence of a substring; pure function, no I/O.
-		"strings.LastIndex",                      // finds last occurrence of a substring; pure function, no I/O.
-		"strings.TrimRight",                      // trims trailing characters; pure function, no I/O.
-		"strings.TrimSpace",                      // removes leading/trailing whitespace; pure function, no I/O.
-		"syscall.Getsid",                         // returns the session ID of a process; read-only syscall, no write/exec.
-		"time.Now",                               // returns the current wall-clock time; read-only, no side effects.
-		"time.Unix",                              // constructs a Time from Unix seconds; pure function, no I/O.
-		"golang.org/x/sys/unix.KinfoProc",        // (darwin) struct type carrying per-process kinfo_proc data from sysctl; read-only data, no exec capability.
-		"golang.org/x/sys/unix.SysctlKinfoProc",  // (darwin) reads a single process's kinfo_proc via kern.proc.pid sysctl; read-only, no exec or write capability.
-		"golang.org/x/sys/unix.SysctlKinfoProcSlice",       // (darwin) reads all processes' kinfo_proc via kern.proc.all sysctl; read-only, no exec or write capability.
-		"golang.org/x/sys/unix.SysctlRaw",                  // (darwin) reads raw kern.procargs2 sysctl buffer per-PID to obtain argv; read-only, no exec capability.
-		"golang.org/x/sys/windows.CloseHandle",             // (windows) closes a process-snapshot handle after enumeration; no data read or exec capability.
+		"bytes.NewReader",                       // wraps a byte slice as an in-memory io.Reader; no I/O side effects.
+		"context.Context",                       // deadline/cancellation interface; no side effects.
+		"errors.New",                            // creates a sentinel error (unsupported-platform stub); pure function, no I/O.
+		"fmt.Errorf",                            // error formatting; pure function, no I/O.
+		"fmt.Sprintf",                           // string formatting; pure function, no I/O.
+		"os.Getpid",                             // returns the current process ID; read-only, no side effects.
+		"os.Open",                               // opens a file read-only; needed to stream /proc/stat line-by-line.
+		"os.ReadDir",                            // reads a directory listing; needed to enumerate /proc entries.
+		"os.ReadFile",                           // reads a whole file; needed to read /proc/[pid]/{stat,cmdline,status}.
+		"strconv.Atoi",                          // string-to-int conversion; pure function, no I/O.
+		"strconv.ParseInt",                      // string to int64 with base/bit-size; pure function, no I/O.
+		"strings.Fields",                        // splits a string on whitespace; pure function, no I/O.
+		"strings.HasPrefix",                     // checks string prefix; pure function, no I/O.
+		"strings.Index",                         // finds first occurrence of a substring; pure function, no I/O.
+		"strings.LastIndex",                     // finds last occurrence of a substring; pure function, no I/O.
+		"strings.TrimRight",                     // trims trailing characters; pure function, no I/O.
+		"strings.TrimSpace",                     // removes leading/trailing whitespace; pure function, no I/O.
+		"syscall.Getsid",                        // returns the session ID of a process; read-only syscall, no write/exec.
+		"time.Now",                              // returns the current wall-clock time; read-only, no side effects.
+		"time.Unix",                             // constructs a Time from Unix seconds; pure function, no I/O.
+		"golang.org/x/sys/unix.KinfoProc",       // (darwin) struct type carrying per-process kinfo_proc data from sysctl; read-only data, no exec capability.
+		"golang.org/x/sys/unix.SysctlKinfoProc", // (darwin) reads a single process's kinfo_proc via kern.proc.pid sysctl; read-only, no exec or write capability.
+		"golang.org/x/sys/unix.SysctlKinfoProcSlice",        // (darwin) reads all processes' kinfo_proc via kern.proc.all sysctl; read-only, no exec or write capability.
+		"golang.org/x/sys/unix.SysctlRaw",                   // (darwin) reads raw kern.procargs2 sysctl buffer per-PID to obtain argv; read-only, no exec capability.
+		"golang.org/x/sys/windows.CloseHandle",              // (windows) closes a process-snapshot handle after enumeration; no data read or exec capability.
 		"golang.org/x/sys/windows.CreateToolhelp32Snapshot", // (windows) creates a read-only snapshot of the process table; no exec or write capability.
-		"golang.org/x/sys/windows.ERROR_NO_MORE_FILES",     // (windows) sentinel error indicating end of process enumeration; pure constant.
-		"golang.org/x/sys/windows.Process32First",          // (windows) reads the first entry from a process snapshot; read-only, no exec capability.
-		"golang.org/x/sys/windows.Process32Next",           // (windows) advances to the next entry in a process snapshot; read-only, no exec capability.
-		"golang.org/x/sys/windows.ProcessEntry32",          // (windows) struct type holding process snapshot entry data; pure data type, no I/O.
-		"golang.org/x/sys/windows.TH32CS_SNAPPROCESS",      // (windows) flag constant selecting process entries for CreateToolhelp32Snapshot; pure constant.
-		"golang.org/x/sys/windows.UTF16ToString",           // (windows) converts a null-terminated UTF-16 slice to a Go string; pure function, no I/O.
+		"golang.org/x/sys/windows.ERROR_NO_MORE_FILES",      // (windows) sentinel error indicating end of process enumeration; pure constant.
+		"golang.org/x/sys/windows.Process32First",           // (windows) reads the first entry from a process snapshot; read-only, no exec capability.
+		"golang.org/x/sys/windows.Process32Next",            // (windows) advances to the next entry in a process snapshot; read-only, no exec capability.
+		"golang.org/x/sys/windows.ProcessEntry32",           // (windows) struct type holding process snapshot entry data; pure data type, no I/O.
+		"golang.org/x/sys/windows.TH32CS_SNAPPROCESS",       // (windows) flag constant selecting process entries for CreateToolhelp32Snapshot; pure constant.
+		"golang.org/x/sys/windows.UTF16ToString",            // (windows) converts a null-terminated UTF-16 slice to a Go string; pure function, no I/O.
 	},
 	"winnet": {
-		"encoding/binary.BigEndian",   // reads big-endian IPv6 group values from DLL buffer; pure value, no I/O.
+		"encoding/binary.BigEndian",    // reads big-endian IPv6 group values from DLL buffer; pure value, no I/O.
 		"encoding/binary.LittleEndian", // reads little-endian DWORD fields from DLL buffer; pure value, no I/O.
 		"errors.New",                   // creates a sentinel error (non-Windows stub); pure function, no I/O.
 		"fmt.Errorf",                   // error formatting; pure function, no I/O.

From 1b5b46ae040442fc0b13ef749c2166373fded2b9 Mon Sep 17 00:00:00 2001
From: Matthew DeGuzman <matthew.deguzman@datadoghq.com>
Date: Wed, 18 Mar 2026 14:52:25 -0400
Subject: [PATCH 2/3] chore: add pre-push hook to enforce Go formatting

Adds a pre-push hook that checks all Go files are properly formatted
before allowing a push. Works out of the box via dd-git-hooks
global hooks infrastructure.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 hooks/pre-push | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100755 hooks/pre-push

diff --git a/hooks/pre-push b/hooks/pre-push
new file mode 100755
index 00000000..4ee96e82
--- /dev/null
+++ b/hooks/pre-push
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+# Check that all Go files are properly formatted.
+# Runs on pre-push to prevent unformatted code from reaching the remote.
+
+unformatted=$(gofmt -l . 2>/dev/null)
+
+if [[ -n "$unformatted" ]]; then
+  echo "❌ The following files are not formatted:" >&2
+  echo "$unformatted" >&2
+  echo "" >&2
+  echo "Run 'make fmt' to fix formatting, then commit and push again." >&2
+  exit 1
+fi

From 0e100747672915ec640640941b46a9010a62fbb1 Mon Sep 17 00:00:00 2001
From: Matthew DeGuzman <matthew.deguzman@datadoghq.com>
Date: Wed, 18 Mar 2026 14:53:24 -0400
Subject: [PATCH 3/3] chore: add log message to pre-push formatting check

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 hooks/pre-push | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hooks/pre-push b/hooks/pre-push
index 4ee96e82..9948c6e5 100755
--- a/hooks/pre-push
+++ b/hooks/pre-push
@@ -5,6 +5,7 @@ set -euo pipefail
 # Check that all Go files are properly formatted.
 # Runs on pre-push to prevent unformatted code from reaching the remote.
 
+echo "Checking for unformatted Go files..."
 unformatted=$(gofmt -l . 2>/dev/null)
 
 if [[ -n "$unformatted" ]]; then