Environment
- ggshield version:
1.44.1
- Operating system (Linux, macOS, Windows):
Ubuntu
- Operating system version:
24.04 LTS
- Python version:
3.14.0
Describe the bug
Versioning Git Hooks is a very common practice and as it's not provided out of the box by git, people very often use the tool Husky :
Unfortunately ggshield install isn't compatible with Husky.
Steps to reproduce:
# Using standard GitHook
$echo "echo '[global pre-commit] Start'" > $HOME/.git/hooks/pre-commit
$ggshield install --mode global --append
pre-commit successfully added in $HOME/.git/hooks/pre-commit
$echo "echo '[global pre-commit] End'" >> $HOME/.git/hooks/pre-commit
$cat $HOME/.git/hooks/pre-commit
$mkdir -p /tmp/test && cd /tmp/test
$git init .
Dépôt Git vide initialisé dans /tmp/test/.git/
$echo "echo '[local pre-commit] Start'" > .git/hooks/pre-commit
$chmod +x .git/hooks/pre-commit
$echo toto > toto && git add toto && git commit -m test
[global pre-commit] Start
[local pre-commit] Start
Scanning... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 1 / 1
No secrets have been found
[global pre-commit] End
[master (commit racine) 5469dad] test
1 file changed, 1 insertion(+)
create mode 100644 toto
# Using Husky
$mkdir -p /tmp/test1 && cd /tmp/test1
$git init
Dépôt Git vide initialisé dans /tmp/test1/.git/
$npm install --save-dev husky
added 1 package in 373ms
1 package is looking for funding
run `npm fund` for details
$npx husky init
$git config --get --local core.hooksPath
.husky/_
$echo "echo '[local pre-commit] Start using Husky'" > .husky/pre-commit
$echo toto > toto && git add toto && git commit -m test
[local pre-commit] Start using Husky
[master (commit racine) e69ec63] test
1 file changed, 1 insertion(+)
create mode 100644 toto
# Trying with local mode
$ggshield install --mode local
pre-commit successfully added in .git/hooks/pre-commit
$echo toto1 > toto1 && git add toto1 && git commit -m test
[local pre-commit] Start using Husky
[master b466b22] test
1 file changed, 1 insertion(+)
create mode 100644 toto1
Actual result:
[local pre-commit] Start using Husky
[master (commit racine) d2beabd] test
1 file changed, 1 insertion(+)
create mode 100644 toto
Expected result:
[global pre-commit] Start
[local pre-commit] Start using Husky
Scanning... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 1 / 1
No secrets have been found
[global pre-commit] End
[master (commit racine) 5469dad] test
1 file changed, 1 insertion(+)
create mode 100644 toto
Ideas
I think ggshield install --mode local should detect Husky-configured repos (where git config --get --local core.hooksPath outputs .husky/_) and automatically install into .husky/pre-commit rather than .git/hooks/pre-commit.
Improving ggshield install --mode global is more challenging because when Husky sets core.hooksPath locally, it completely overrides the global hooks path, preventing global hooks from ever being executed.
Environment
1.44.1Ubuntu24.04 LTS3.14.0Describe the bug
Versioning Git Hooks is a very common practice and as it's not provided out of the box by
git, people very often use the toolHusky:Unfortunately
ggshield installisn't compatible with Husky.Steps to reproduce:
Actual result:
Expected result:
Ideas
I think
ggshield install --mode localshould detect Husky-configured repos (wheregit config --get --local core.hooksPathoutputs.husky/_) and automatically install into.husky/pre-commitrather than.git/hooks/pre-commit.Improving
ggshield install --mode globalis more challenging because when Husky setscore.hooksPathlocally, it completely overrides the global hooks path, preventing global hooks from ever being executed.