search

pre-commit / pre-commit

A framework for managing and maintaining multi-language pre-commit hooks.
https://pre-commit.com
MIT License
13.03k stars 816 forks source link

pre-commit killed on MacOS when provided specific file contents #3356

Open wwomack-bs opened 5 days ago

wwomack-bs commented 5 days ago

search you tried in the issue tracker

killed

describe your issue

I have a single python file that will pass our pre-commit tests when pre-commit is run with -a but the process is killed when passed in individually. The file is plain ascii python. I narrowed down the contents to a single import line that still caused the failure. Initially the failure was observed inside my repo but I have recreated it outside the repo which eliminates my pre-commit-config.yaml file as causal.

➜  /tmp echo "from impacket.examples.utils import parse_target" > /tmp/testfile.py
➜  /tmp file /tmp/testfile.py
/tmp/testfile.py: Python script text executable, ASCII text
➜  /tmp xxd /tmp/testfile.py
00000000: 6672 6f6d 2069 6d70 6163 6b65 742e 6578  from impacket.ex
00000010: 616d 706c 6573 2e75 7469 6c73 2069 6d70  amples.utils imp
00000020: 6f72 7420 7061 7273 655f 7461 7267 6574  ort parse_target
00000030: 0a                                       .
➜  /tmp pre-commit run -V --files /tmp/testfile.py
[1]    3200 killed     pre-commit run -V --files /tmp/testfile.py
➜  /tmp sudo dmesg | tail -n 1
[1100917.705286]: Process is not properly entitled to submit open directory event

This is on a mac running on a Apple M1 Pro cpu running MacOS 14.6.1.

pre-commit --version

pre-commit 4.0.1

.pre-commit-config.yaml

n/a

~/.cache/pre-commit/pre-commit.log (if present)

No response

asottile commented 5 days ago

please try on the latest version and include the backtrace. I suspect this is just Apple's SIP and the particular directory is protected but it's difficult to tell from what you've provided

wwomack-bs commented 5 days ago

I believe 4.0.1 is the latest release which is what I am running installed via brew.

This was originally attempted from a directory under my home directory with the same results and a coworker confirmed the same behavior on their machine.

Interestingly, you can see here that with slightly different contents in the same directory, pre-commit is not killed and runs successfully.

➜  /tmp echo "from doesnotexist import nothing" > /tmp/testfile_passes.py
➜  /tmp pre-commit run -V --files /tmp/testfile_passes.py
usage: pre-commit [-h] [-V] {autoupdate,clean,gc,init-templatedir,install,install-hooks,migrate-config,run,sample-config,try-repo,uninstall,validate-config,validate-manifest,help,hook-impl} ...
pre-commit: error: unrecognized arguments: -V

I just pulled down the repo and ran the same using the latest main (cb14bc2) with the same results. There is no stacktrace and pre-commit is immediately killed if passed a file with these contents. Does not seem to matter which directory the file is in.

asottile commented 5 days ago

I guess I should clarify -- I can't reproduce this so I need you to provide a backtrace in order to help debug this. usually when a process is killed you can retrieve a core dump to know how and why it was killed

you mentioned coworker -- I strongly suspect you've got some rogue corporate spyware / antivirus that's overstepping its bounds