Tracking changes to hooks in .git/hooks

git githooks

Solution 1:

http://benjamin-meyer.blogspot.com/2008/10/git-hooks.html

Files in the .git/hooks directory are not part of the repository and so they are not tracked. A workaround is to have a git_hooks directory at the top of your repository like done in Arora and symlink .git/hooks to git_hooks whenever you clone. This way the hooks will be part of the project, under revision control and accessible to everyone.

Solution 2:

I realise this question is years old, but I feel this needs to be said for travellers like myself who wind up here: Hooks are not tracked by design! Brian's answer will work, but the deal with that is that you are effectively trusting everyone else you are working with to not put malicious code in the repository, which your hooks then execute without question; this is the very definition of a security hole.

Solution 3:

Reviving this old thread, you could have a separate version controlled directory which contains your hooks then use the git config core.hooksPath to target that directory.

Solution 4:

Modifying Brian's answer to take into account Philip's important point:

If you have any user with write access that creates a hook (say, post-commit) with '#!/bin/sh rm -rf ~' there goes your home directory. (Or maybe something more benign but still stupid.)

To protect against this, it would be best not to symlink the directory, but copy them manually to and from a git_hooks directory. Yes, you have to remember to manually copy theses files when you update them, but better than nothing, and still you don't give someone user-level access to commands on your machine.

UPDATE: As mentioned below, if you plan on changing your hooks a bunch, you could make a wrapper script which copies the files and then runs the commit. However automating a commit (with git add and inputting an automated message) is really messy. A better idea would be to have one of your hooks do the copy to this 'git_hooks' directory, before the commit. This way malicious user wouldn't be able to commit a file that will run on the next hook call.

Related

How do I just SAVE a jsFiddle and not get a new version
Is Android using NTP to sync time?
Difference between input-group and form-group
Accessing getters within Vuex mutations
Explain the proof by Vinay Deolalikar that P != NP [closed]
Is there any graph data structure implemented for C#
What is the difference between hash salting and noncing?
Why use returned instance after save() on Spring Data JPA Repository?
R Plotting confidence bands with ggplot
LANG=C is in a number of the /etc/init.d/* scripts. What does LANG=C do and why do you need to set LANG=C.
Is it necessary to reinstall your OS after adding more RAM?
Considerations about using multiple Wireless Access Points with the same channel and SSID