Open dgattey opened 11 months ago
Hey! Lefthook shouldn't be installed automatically in the CI. I assume that your postinstall script calls lefthook install
explicitly. You can safely remove this posinstall call because lefthook package does it automatically when not in the CI.
I would also recomment to use lefthook
dependency only in devDependencies
. It is not supposed to be used in production-like environment.
I don't think lefthook should support executing lefthook install
not in a git project. Lefthook is supposed to be used with git and it requires git to get the project root and hooks dir path (it can be different from .git/hooks
). Otherwise – where should lefthook install the hooks? Probably to .git/hooks
, but this doesn't look correct to me 😕
lefthook install
running automatically on postinstall hooks is incompatible with pnpm
and their stance on running dependencies' pre/post hooks automatically for security. So that's why it's an explicit postinstall hook. How do I get around this? Is there some check I can run in the postinstall hook to see if it's in CI?
I don't need to run lefthook anywhere but locally when I clone the repo. A solution that allows me to disable running lefthook install
as a postinstall hook on CI is perfect.
Sounds good, I think you can use a custom shell script with the following check:
[ -z $CI ] && lefthook install || true
Unfortunately, I don't know well how pnpm works but if the shell script doesn't work there's probably a way to write a custom JS script for that. The only problem is to correctly find the executable.
I also encountered the same problem. The environment is as follows:
Indeed, there is a process to skip the installation in the CI environment.
However, this process does not work if you explicitly install it using pnpm exec lefthook install
.
Do you think adding a CI environment check to the following code would be a solution? Please let us know what you think.
Hey @Maeda-Naoki! Could please tell more about the reasons you explicitly run lefthook install
in the CI?
Do you think adding a CI environment check to the following code would be a solution? Please let us know what you think.
I don't think this is a good idea because in this case the whole program behavior depends on environment variable. I believe that when someone uses lefthook install
explicitly they want it to install. And it would be too surprising that lefthook
doesn't install the hooks because you have CI env variable set.
But I am curios about how you use lefthook in the CI and I'd like to help with issues you met.
Hi @mrexox .
Could please tell more about the reasons you explicitly run lefthook install in the CI?
I am using lefthook in the following environment.
I added the following script to package.json to initialize lefthook at git clone.
"scripts": {
"prepare": "lefthook install",
},
If you don't do this, it will not show up as sync hooks
when you git clone.
So I added a lefthook install script to package.json.
The problem is when you clone this repository in GitLab CI.
The CI environment variable is defined in GitLab CI, but for some reason the lefthook installation is not skipped and lefthook is installed.
@Maeda-Naoki , if you have lefthook listed in your devDependencies
then when you run yarn install
lefthook will automatically be called (on non-CI environment). Please, don't use lefthook install
explicitly in a prepare
script.
:wrench: Summary
Here's the context, but the gist is that I'm using
lefthook
in a repo that gets deployed on Vercel. When it builds, there's no .git folder present thanks to how Vercel works. Unfortunately, lefthook seems to need the .git folder, or theCI
flag isn't working right, since it's failing to build with lefthook installed in this setup.Lefthook version
1.5.1
Steps to reproduce
Try
pnpm install
without a .git folder present withCI=1
Expected results
A successful install
Actual results
A failure to build because of missing folder
Possible Solution
Don't require the .git folder
Logs / Screenshots