From: Junio C Hamano <gitster@pobox.com>
To: Jakub Narebski <jnareb@gmail.com>
Cc: "Shawn O. Pearce" <spearce@spearce.org>, git@vger.kernel.org
Subject: Re: Git and securing a repository
Date: Thu, 03 Jan 2008 01:36:48 -0800 [thread overview]
Message-ID: <7vzlvns11r.fsf@gitster.siamese.dyndns.org> (raw)
In-Reply-To: <200801031011.29050.jnareb@gmail.com> (Jakub Narebski's message of "Thu, 3 Jan 2008 10:11:24 +0100")
Jakub Narebski <jnareb@gmail.com> writes:
> Shawn O. Pearce wrote:
>> Jakub Narebski <jnareb@gmail.com> wrote:
>
>> > AFAIK both update and pre-receive hooks are invoked also on fetch...
>> > but I might be mistaken.
>>
>> No, they are *not* invoked on fetch. Currently no hooks execute
>> during fetch; either on the server *or* on the client side of
>> the connection.
>
> Errr... I think at least post-update hook (the one with
> git-update-server-info by default) is invoked on fetch.
Please don't think then. Instead check your facts before
posting to avoid wasting bandwidth and people's time. The
post-update hook is run on the remote end when you push into it.
I do not particularly like hooks that act after an operation is
initiated locally and act solely on local data. This is maybe
because I still consider git tools building blocks suitable for
higher level scripting more than other people do.
There are five valid reasons you might want a hook to a git
operation:
(1) A hook that countermands the normal decision made by the
underlying command. Examples of this class are the update
hook and the pre-commit hook.
(2) A hook that operates on data generated after the command
starts to run. The ability to munge the commit log message
by the commit-msg hook is an example.
(3) A hook that operates on the remote end of the connection
that you may not otherwise have access to other than over
the git protocol. An example is the post-update hook.
(4) A hook that runs under a lock that is acquired by the
command for mutual exclusion. Currently there is no
example, but if we allowed the update hook to modify the
commit that was pushed through send-pack => receive-pack
pair, which was discussed on the list a while ago, it would
be a good example of this.
(5) A hook that is run differently depending on the outcome of
the command. The post-merge hook conditionally run by
git-pull is an example of this (it is not even run if no
merge takes place). Another example is the post-checkout
hook that gets information that is otherwise harder to get
(namely, if it was a branch checkout or file checkout --
you can figure it out by examining the command line but
that already is part of the processing git-checkout does
anyway, so no need to force duplicating that code in the
userland).
You cannot do an equivalent operation from outside the git
command for the above classes of operations. You need hooks
for them.
On the other hand, if you want to always cause an action after
running a git opeation locally, you do not have to have a hook.
You can just run them yourself, or have "git myfetch" wrapper
that does whatever you want after running "git fetch". Only
when the combination of the underlying command and something
else is widely useful, _and_ that something else needs
flexibility, a hook is warranted (if that something else is
always the same thing, it is better to fold that into the
underlying command).
next prev parent reply other threads:[~2008-01-03 9:37 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-02 7:13 Git and securing a repository Gonzalo Garramuño
2008-01-02 6:34 ` Felipe Balbi
2008-01-02 10:04 ` Gonzalo Garramuño
2008-01-02 9:26 ` David Symonds
2008-01-02 10:39 ` Gonzalo Garramuño
2008-01-02 10:51 ` Jakub Narebski
2008-01-03 3:58 ` Shawn O. Pearce
2008-01-03 4:30 ` Bruno Cesar Ribas
2008-01-03 5:36 ` Gonzalo Garramuño
2008-01-03 4:45 ` Shawn O. Pearce
2008-01-03 6:08 ` Gonzalo Garramuño
2008-01-03 5:19 ` Shawn O. Pearce
2008-01-03 9:11 ` Jakub Narebski
2008-01-03 9:36 ` Junio C Hamano [this message]
2008-01-02 19:31 ` Jan Hudec
2008-01-02 19:41 ` Gregory Jefferis
2008-01-02 22:17 ` Linus Torvalds
2008-01-02 16:18 ` Daniel Barkalow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7vzlvns11r.fsf@gitster.siamese.dyndns.org \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=jnareb@gmail.com \
--cc=spearce@spearce.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).