17

I would like to have some hooks always present in a clone of a given repository. Is there a way to add a file in .git/hooks in the repository?

Thanks

2 Answers

22

It is possible to define your own hooks in a git template, but even there, those hooks would be non-executable ones.

I.e. the user would still have to activate them (rename or activate the executable bit) once the repo is cloned.
That way, said user won't have any unwanted script executed without his/her full knowledge and explicit approval.
Doing otherwise would be too much of a security risk for anyone "blindly" cloning a repo.


7 Comments

Sounds reasonable not to allow a repository to execute code in an open environment. That being said, in a contained environment (internal projects for my company) it could be useful. But scripts installing hooks would have to do.
I understand the previous comments, however installing and activating a hook sounds to me like an advanced user action. In my case, which is a contained environment, I would like to ensure users write the branch name in the commit message, which is pretty simple with a hook. But it seems to me it won't be that simple to explain to every user how to configure it, whereas having it in the git repo itself would simplify many things.
"too much of a security risk for anyone "blindly" cloning a repo." This is the answer? Really? I also could include something like "code execution" within my ANT or Maven configuration. This might even be more executed than the pre-commit hook for instance, it is just easier to see. "Blindly" doing something is always a risk.
@Adrian not sure I follow you. By "blindly", I refer to hooks coming from a repo you are cloning, and that would be automatically executed without you realizing they are there (because they are buried in .git/hooks, hence the "blind" qualifier). This has nothing to do with sources you get, examine and decide to run (or be run by your hook).
The commit restriction should only apply to public repos. There are a million reasons why a company/organization will want to have hooks in their repo.
5

Sounds like a security risk to me. Just because you clone some repository doesn't mean you want to give it the right to execute code.

You could put a copy of hooks into the versioned code and include some script file to allow the user to copy them to his hooks directory easily. And of course once you have hooks installed you can use them to keep themselves up-to-date.
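The install-script approach from the answer above, as an added example that is not part of the original answer: the user runs it deliberately after cloning, so nothing executes without their consent. The `githooks/` directory, the `install_hooks` function and the `HOOKS_INSTALLED` variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example. Assumed layout: hook scripts are versioned in githooks/
# at the top of the repository. Run from inside the clone:
#   . ./install-hooks.sh && install_hooks githooks

# install_hooks SRC_DIR [DEST_DIR]
# DEST_DIR defaults to the hooks directory of the current clone.
# Sets HOOKS_INSTALLED to the number of hooks copied.
install_hooks() {
    src=$1
    dest=${2:-$(git rev-parse --git-path hooks)} || return 1
    [ -d "$src" ] || { echo "no hook directory: $src" >&2; return 1; }
    mkdir -p "$dest" || return 1
    HOOKS_INSTALLED=0
    for f in "$src"/*; do
        [ -e "$f" ] || [ -L "$f" ] || continue   # empty directory
        name=${f##*/}
        # Plain files only: a symlink could point outside the repository.
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "skip $name: not a regular file" >&2
            continue
        fi
        # Install only names git runs as client-side hooks, so a stray
        # README or helper script is never made executable in .git/hooks.
        case $name in
            pre-commit|prepare-commit-msg|commit-msg|post-commit) ;;
            pre-push|pre-rebase|post-checkout|post-merge) ;;
            *) echo "skip $name: not a hook name" >&2; continue ;;
        esac
        # Keep a hook the user already had instead of silently replacing it.
        if [ -e "$dest/$name" ] && ! cmp -s "$f" "$dest/$name"; then
            cp -p "$dest/$name" "$dest/$name.bak" || return 1
        fi
        { cp "$f" "$dest/$name" && chmod +x "$dest/$name"; } || return 1
        echo "installed $name -> $dest/$name"
        HOOKS_INSTALLED=$((HOOKS_INSTALLED + 1))
    done
    return 0
}
```

Because the hook sources live in the working tree, they go through the same review as any other change before a user re-runs the installer.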
