Needs a .git folder to be present, fails if missing even if $CI is true

[dgattey]

:wrench: Summary

Here's the context, but the gist is that I'm using lefthook in a repo that gets deployed on Vercel. When it builds, there's no .git folder present thanks to how Vercel works. Unfortunately, lefthook seems to need the .git folder, or the CI flag isn't working right, since it's failing to build with lefthook installed in this setup.

Lefthook version

1.5.1

Steps to reproduce

Try pnpm install without a .git folder present with CI=1

Expected results

A successful install

Actual results

A failure to build because of missing folder

Possible Solution

Don't require the .git folder

Logs / Screenshots

LEFTHOOK_VERBOSE=true git ...

[mrexox]

Hey! Lefthook shouldn't be installed automatically in the CI. I assume that your postinstall script calls lefthook install explicitly. You can safely remove this posinstall call because lefthook package does it automatically when not in the CI.

I would also recomment to use lefthook dependency only in devDependencies. It is not supposed to be used in production-like environment.

---

I don't think lefthook should support executing lefthook install not in a git project. Lefthook is supposed to be used with git and it requires git to get the project root and hooks dir path (it can be different from .git/hooks). Otherwise – where should lefthook install the hooks? Probably to .git/hooks, but this doesn't look correct to me 😕

[dgattey]

lefthook install running automatically on postinstall hooks is incompatible with pnpm and their stance on running dependencies' pre/post hooks automatically for security. So that's why it's an explicit postinstall hook. How do I get around this? Is there some check I can run in the postinstall hook to see if it's in CI?

I don't need to run lefthook anywhere but locally when I clone the repo. A solution that allows me to disable running lefthook install as a postinstall hook on CI is perfect.

[mrexox]

Sounds good, I think you can use a custom shell script with the following check:

[ -z $CI ] && lefthook install || true

Unfortunately, I don't know well how pnpm works but if the shell script doesn't work there's probably a way to write a custom JS script for that. The only problem is to correctly find the executable.

[Maeda-Naoki]

I also encountered the same problem. The environment is as follows:

• lefthook: v1.6.0
• pnpm: v8.12.1

Indeed, there is a process to skip the installation in the CI environment.

However, this process does not work if you explicitly install it using pnpm exec lefthook install.

Do you think adding a CI environment check to the following code would be a solution? Please let us know what you think.

[mrexox]

Hey @Maeda-Naoki! Could please tell more about the reasons you explicitly run lefthook install in the CI?

[mrexox]

Do you think adding a CI environment check to the following code would be a solution? Please let us know what you think.

I don't think this is a good idea because in this case the whole program behavior depends on environment variable. I believe that when someone uses lefthook install explicitly they want it to install. And it would be too surprising that lefthook doesn't install the hooks because you have CI env variable set.

But I am curios about how you use lefthook in the CI and I'd like to help with issues you met.

[Maeda-Naoki]

Hi @mrexox .

Could please tell more about the reasons you explicitly run lefthook install in the CI?

I am using lefthook in the following environment.

• lefthook: v1.6.0
• pnpm: v8.12.1

I added the following script to package.json to initialize lefthook at git clone.

"scripts": {
  "prepare": "lefthook install",
},

If you don't do this, it will not show up as sync hooks when you git clone.
So I added a lefthook install script to package.json.

The problem is when you clone this repository in GitLab CI.
The CI environment variable is defined in GitLab CI, but for some reason the lefthook installation is not skipped and lefthook is installed.

[mrexox]

@Maeda-Naoki , if you have lefthook listed in your devDependencies then when you run yarn install lefthook will automatically be called (on non-CI environment). Please, don't use lefthook install explicitly in a prepare script.