Git pre-receive hook

When you enable pre-receive hook for git repository:

It takes no arguments, but for each ref to be updated it receives on standard input a line of the format:

< old-value > SP < new-value > SP < ref-name > LF

where < old-value > is the old object name stored in the ref, < new-value > is the new object name to be stored in the ref and is the full name of the ref. When creating a new ref, < old-value > is 40 0.

Does anyone can explain me how do I examine all the files that will be changed in the repository if i allow this commit?

I'd like to run that files through some scripts to check syntax and so on.

Thanks.


Oddly, I had some code laying around from a git -> Wordpress utility that might help. The following will give you a list of all files changed in the receive, as well as their contents. No guarantees, may have bugs, may not be the most efficient way to do it, blah blah blah. Some of this code is based off stuff in gitshelve, which is a really great thing to look at for generic git manipulation.

import sys
import os
import subprocess

def git(args, **kwargs):
    environ = os.environ.copy()
    if 'repo' in kwargs:
        environ['GIT_DIR'] = kwargs['repo']
    if 'work' in kwargs:
        environ['GIT_WORK_TREE'] = kwargs['work']
    proc = subprocess.Popen(args, stdout=subprocess.PIPE, env=environ)
    return proc.communicate()

def get_changed_files(base, commit, **kw):
    (results, code) = git(('git', 'diff', '--numstat', "%s..%s" % (base, commit)), **kw)
    lines = results.split('\n')[:-1]
    return map(lambda x: x.split('\t')[2], lines)

def get_new_file(filename, commit):
    (results, code) = git(('git', 'show', '%s:%s' % (commit, filename)))
    return results

repo = os.getcwd()
basedir = os.path.join(repo, "..")

line = sys.stdin.read()
(base, commit, ref) = line.strip().split()
modified = get_changed_files(base, commit)

for fname in modified:
    print "=====", fname
    print get_new_file(fname, commit)

I just did this. Here's the basic flow I used.

In your pre-receive hook, read each line from stdin, which (as you mentioned) look like this:

oldref newref refname
  1. For each (oldref, newref) pair you need to list all the commits:

    git show --format=format:%H --quiet oldref..newref
    
  2. for each commit you need to list all the files:

    git diff --name-only commit^..commit
    
  3. to examine a file, use git show:

    git show commit:filepath
    

    do whatever checking of file contents here. If you want to notify the user of an issue, write to stderr

  4. after iterating all the refs, commits and files exit nonzero to reject the push, or zero to allow it

Note that this approach walks all the commits in order, so if a file is modified in several commits each version will get examined. If you wanted to only view each file in a push once, traverse the commits in reverse order instead, and just don't examine a given file twice. I recommend the first approach however so that all versions of pushed files are examined.


If you want to know the whether permissions of the files are changed in the local repository before pushing to remote repository, run git ls-tree -r commit, where commit is the SHA commit value of the local repository.

This command gives a list of files with their permissions, which can be parsed to check if the permission of a file is changed before pushing.