Tracking changes to hooks in .git/hooks

Solution 1:

http://benjamin-meyer.blogspot.com/2008/10/git-hooks.html

Files in the .git/hooks directory are not part of the repository and so they are not tracked. A workaround is to have a git_hooks directory at the top of your repository like done in Arora and symlink .git/hooks to git_hooks whenever you clone. This way the hooks will be part of the project, under revision control and accessible to everyone.

Solution 2:

I realise this question is years old, but I feel this needs to be said for travellers like myself who wind up here: Hooks are not tracked by design! Brian's answer will work, but the deal with that is that you are effectively trusting everyone else you are working with to not put malicious code in the repository, which your hooks then execute without question; this is the very definition of a security hole.

Solution 3:

Reviving this old thread, you could have a separate version controlled directory which contains your hooks then use the git config core.hooksPath to target that directory.

Solution 4:

Modifying Brian's answer to take into account Philip's important point:

If you have any user with write access that creates a hook (say, post-commit) with '#!/bin/sh rm -rf ~' there goes your home directory. (Or maybe something more benign but still stupid.)

To protect against this, it would be best not to symlink the directory, but copy them manually to and from a git_hooks directory. Yes, you have to remember to manually copy theses files when you update them, but better than nothing, and still you don't give someone user-level access to commands on your machine.

UPDATE: As mentioned below, if you plan on changing your hooks a bunch, you could make a wrapper script which copies the files and then runs the commit. However automating a commit (with git add and inputting an automated message) is really messy. A better idea would be to have one of your hooks do the copy to this 'git_hooks' directory, before the commit. This way malicious user wouldn't be able to commit a file that will run on the next hook call.