[Proposal] Clonable scripts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

As we all know the hooks ( in .git/hooks ) are not cloned along with
the code of a project.
Now this is a correct approach for the scripts that do stuff like
emailing the people responsible for releases or submitting the commit
to a CI system.

For several other things it makes a lot of sense to give the developer
immediate feedback. Things like the format of the commit message (i.e.
it must start with an issue tracker id) or compliance with a coding
standard.

Initially I wanted to propose introducing fully clonable (pre-commit)
hook scripts.
However I can imagine that a malicious opensource coder can create a
github repo and try to hack the computer of a contributer via those
scripts. So having such scripts is a 'bad idea'.

If those scripts were how ever written in a language that is build
into the git program and the script are run in such a way that they
can only interact with the files in the local git (and _nothing_
outside of that) this would be solved.

Also have a builtin scripting language also means that this would run
on all operating systems (yes, even Windows).

So I propose the following new feature:

1) A scripting language is put inside git. Perhaps a version of python
or ruby or go or ... (no need for a 'new' language)

2) If a project contains a folder called .githooks in the root of the
code base then the rules/scripts that are present there are executed
ONLY on the system doing the actual commit. These scripts are run in
such a limited way that they can only read the files in the
repository, they cannot do any networking/write to disk/etc and they
can only do a limited set op actions against the current operation at
hand (i.e. do checks, parse messages, etc).

3) For the regular hooks this language is also support and when
located in the (not cloned!) .git/hooks directory they are just as
powerful as a normal script (i.e. can control CI, send emails, etc.).

Like I said, this is just a proposal and I would like to know what you
guys think.

-- 
Best regards / Met vriendelijke groeten,

Niels Basjes
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]