search

evilmartians / lefthook

Fast and powerful Git hooks manager for any type of projects.
MIT License
4.75k stars 211 forks source link

lefthook.yml is automatically added when using my library #691

Closed namnh-0652 closed 5 months ago

namnh-0652 commented 5 months ago

:wrench: Summary

lefthook.yml file is added when other project added my library. The content of it is the same with internal/templates/config.tmpl

Lefthook version

Steps to reproduce

Expected results

Actual results

Possible Solution

Logs / Screenshots

The content of generated file lefthook.yml


# EXAMPLE USAGE:
#
#   Refer for explanation to following link:
#   https://github.com/evilmartians/lefthook/blob/master/docs/configuration.md
#
# pre-push:
#   commands:
#     packages-audit:
#       tags: frontend security
#       run: yarn audit
#     gems-audit:
#       tags: backend security
#       run: bundle audit
#
# pre-commit:
#   parallel: true
#   commands:
#     eslint:
#       glob: "*.{js,ts,jsx,tsx}"
#       run: yarn eslint {staged_files}
#     rubocop:
#       tags: backend style
#       glob: "*.rb"
#       exclude: '(^|/)(application|routes)\.rb$'
#       run: bundle exec rubocop --force-exclusion {all_files}
#     govet:
#       tags: backend style
#       files: git ls-files -m
#       glob: "*.go"
#       run: go vet {files}
#   scripts:
#     "hello.js":
#       runner: node
#     "any.go":
#       runner: go run
`
mrexox commented 5 months ago

Looks like lefthook is used as a dev dependency: https://github.com/callstack/react-native-builder-bob/blob/main/package.json#L25. I think it would better to create this issue in react-native-builder-bob repo, since auto-installing lefthook hooks when installing an npm package is a feature and it is used by many people from the very beginning of the lefthook project. The easiest solution is to ask the react-native-builder-bob developers to remove the dependency.

namnh-0652 commented 5 months ago

@mrexox Thanks for your response. react-native-builder-bob simply generates our library template. So, as you suggested, is the only way to fix this by removing lefthook as a devDependencies?

If I create a simple library (do not use react-native-builder-bob) and add lefthook, will lefthook.yml be added as the default to any project using my library?

mrexox commented 5 months ago

@namnh-0652 Actually devDependencies should not be installed when installing a dependent package. It will happen only if lefthook was in the dependencies section.

I think I missed that you mentioned

Create react native app and add above library via git url

Looks like in this case devDependencies are being installed too, so lefthook package generates the lefthook.yml.

Since this happens implicitly I can suggest you to add an empty lefthook.yml and commit it into the app repo. I haven't thought of this flow (installing a package via git url), and there's no mechanism to tell npm not to use postinstall scripts when installing a package with git url (I don't know any). So the solution can be to use an empty (dummy) lefthook config that does nothing.

Or you can set the env variable CI=true before running the yarn install, but I think this is less convenient.

mrexox commented 5 months ago

I will close this issue since this is not a bug but kind of a side effect of using git urls in npm dependencies.