Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@arkweid/lefthook
Advanced tools
The fastest polyglot Git hooks manager out there
Fast and powerful Git hooks manager for Node.js, Ruby or any other type of projects.
pre-push
hook.# On `git push` lefthook will run spelling and links check for all of the changed files
pre-push:
parallel: true
commands:
spelling:
files: git diff --name-only HEAD @{push}
glob: "*.md"
run: npx yaspeller {files}
check-links:
files: git diff --name-only HEAD @{push}
glob: "*.md"
run: npx markdown-link-check {files}
Choose your environment:
Then you can find all Lefthook features in the full guide and explore wiki.
If you want more speed. Example
pre-push:
parallel: true
If you want your own list. Custom and prebuilt examples.
pre-commit:
commands:
frontend-linter:
run: yarn eslint {staged_files}
backend-linter:
run: bundle exec rubocop --force-exclusion {all_files}
frontend-style:
files: git diff --name-only HEAD @{push}
run: yarn stylelint {files}
If you want to filter list of files.
pre-commit:
commands:
backend-linter:
glob: "*.rb" # glob filter
exclude: "application.rb|routes.rb" # regexp filter
run: bundle exec rubocop --force-exclusion {all_files}
If you want to execute the commands in a relative path
pre-commit:
commands:
backend-linter:
root: "api/" # Careful to have only trailing slash
glob: "*.rb" # glob filter
run: bundle exec rubocop {all_files}
If oneline commands are not enough, you can execute files. Example.
commit-msg:
scripts:
"template_checker":
runner: bash
If you want to control a group of commands. Example.
pre-push:
commands:
packages-audit:
tags: frontend security
run: yarn audit
gems-audit:
tags: backend security
run: bundle audit
If you are in the Docker environment. Example.
pre-commit:
scripts:
"good_job.js":
runner: docker run -it --rm <container_id_or_name> {cmd}
If you a frontend/backend developer and want to skip unnecessary commands or override something into Docker. Description.
# lefthook-local.yml
pre-push:
exclude_tags:
- frontend
commands:
packages-audit:
skip: true
If you want to run hooks group directly.
$ lefthook run pre-commit
If you want to run specific group of commands directly.
fixer:
commands:
ruby-fixer:
run: bundle exec rubocop --force-exclusion --safe-auto-correct {staged_files}
js-fixer:
run: yarn eslint --fix {staged_files}
$ lefthook run fixer
0.7.7 (2021-10-02)
help
and version
commands (PR #209) @pwincklesFAQs
Simple git hooks manager
The npm package @arkweid/lefthook receives a total of 9,889 weekly downloads. As such, @arkweid/lefthook popularity was classified as popular.
We found that @arkweid/lefthook demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.