diff options
author | Pierre Habouzit <madcoder@debian.org> | 2009-04-16 22:00:44 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2009-04-18 06:26:11 +0200 |
commit | aed97c677cdfd1b9bbc9b33b5418ad4a29109082 (patch) | |
tree | a79f1ffa4fd4b5521888b8e6e83a68137267beee /templates | |
parent | get_local_heads(): do not return random pointer if there is no head (diff) | |
download | git-aed97c677cdfd1b9bbc9b33b5418ad4a29109082.tar.xz git-aed97c677cdfd1b9bbc9b33b5418ad4a29109082.zip |
hook/update: example of how to prevent branch creation
Since git doesn't provide a receive.denyBranchCreation or similar, here is
an example of how to be sure users cannot create branches remotely by
pushing a new reference.
This setup has been proven useful to prevent creation of spurious branches
because of users having their remote.origin.push set to HEAD, when they
use `git push` while being on a local topic branch of theirs instead of
the proper one.
Signed-off-by: Pierre Habouzit <madcoder@debian.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'templates')
-rwxr-xr-x | templates/hooks--update.sample | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/templates/hooks--update.sample b/templates/hooks--update.sample index a3f68ae3b4..f8bf490cff 100755 --- a/templates/hooks--update.sample +++ b/templates/hooks--update.sample @@ -16,6 +16,9 @@ # hooks.allowdeletebranch # This boolean sets whether deleting branches will be allowed in the # repository. By default they won't be. +# hooks.denycreatebranch +# This boolean sets whether remotely creating branches will be denied +# in the repository. By default this is allowed. # # --- Command line @@ -39,6 +42,7 @@ fi # --- Config allowunannotated=$(git config --bool hooks.allowunannotated) allowdeletebranch=$(git config --bool hooks.allowdeletebranch) +denycreatebranch=$(git config --bool hooks.denycreatebranch) allowdeletetag=$(git config --bool hooks.allowdeletetag) # check for no description @@ -52,7 +56,8 @@ esac # --- Check types # if $newrev is 0000...0000, it's a commit to delete a ref. -if [ "$newrev" = "0000000000000000000000000000000000000000" ]; then +zero="0000000000000000000000000000000000000000" +if [ "$newrev" = "$zero" ]; then newrev_type=delete else newrev_type=$(git-cat-file -t $newrev) @@ -80,6 +85,10 @@ case "$refname","$newrev_type" in ;; refs/heads/*,commit) # branch + if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then + echo "*** Creating a branch is not allowed in this repository" >&2 + exit 1 + fi ;; refs/heads/*,delete) # delete branch |