Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@finos/git-proxy

Package Overview
Dependencies
Maintainers
4
Versions
25
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@finos/git-proxy

Deploy custom push protections and policies on top of Git.

  • 1.2.2
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
15
increased by15.38%
Maintainers
4
Weekly downloads
 
Created
Source

Logo

Deploy custom push protections and policies
on top of Git


Docs · Report a bug · Suggest a new feature


FINOS - Incubating NPM Build codecov Documentation
License Contributors Slack Stars Forks


What is Git Proxy

Git Proxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). It applies rules and workflows (configurable as plugins) to all outgoing git push operations to ensure they are compliant.

The main goal of Git Proxy is to marry the defacto standard Open Source developer experience (git-based workflow of branching out, submitting changes and merging back) with security and legal requirements that firms have to comply with, when operating in highly regulated industries like financial services.

That said, Git Proxy can also be used on a local environment to enforce a single developer's best practices, which tends to be the easiest setup to start with and the most comfortable one to build new Git Proxy plugins.

sequenceDiagram
    actor Developer
    Developer->>+Git Server: git clone
    Developer->>Workstation: git remote add proxy <proxy-server>
    Developer->>+Git Proxy: git push proxy
    Git Proxy-->>-Developer: Failed license check
    Developer->>Workstation: git commit -m 'fix license issue'
    Developer->>+Git Proxy: git push
    Git Proxy-->>-Git Server: Approved

Getting Started 🚀

Install & run git-proxy (requires Nodejs):

$ npx -- @finos/git-proxy

Clone a repository, set the remote to the Git Proxy URL and push your changes:

# Only HTTPS cloning is supported at the moment, see https://github.com/finos/git-proxy/issues/27.
$ git clone https://github.com/octocat/Hello-World.git && cd Hello-World
# The below command is using the GitHub official CLI to fork the repo that is cloned.
# You can also fork on the GitHub UI. For usage details on the CLI, see https://github.com/cli/cli
$ gh repo fork
✓ Created fork yourGithubUser/Hello-World
...
$ git remote add proxy http://localhost:8000/yourGithubUser/Hello-World.git
# This fetches the repository's default branch and pushes it (https://stackoverflow.com/a/44750379).
$ git push proxy $(git symbolic-ref refs/remotes/origin/HEAD | sed 's@^refs/remotes/origin/@@')

Using the default configuration, Git Proxy intercepts the push and blocks it. To enable code pushing to your fork via Git Proxy, add your repository URL into the Git Proxy config file (proxy.config.json). For more information, refer to our documentation.

Documentation

For detailed step-by-step instructions for how to install, deploy & configure Git Proxy and customize for your environment, see the project's documentation:

Contributing

Your contributions are at the core of making this a true open source project. Any contributions you make are greatly appreciated. See CONTRIBUTING.md for more information.

Security

If you identify a security vulnerability in the codebase, please follow the steps in SECURITY.md. This includes logic-based vulnerabilities and sensitive information or secrets found in code.

Code of Conduct

We are committed to making open source an enjoyable and respectful experience for our community. See CODE_OF_CONDUCT for more information.

License

This project is distributed under the Apache-2.0 license. See LICENSE for more information.

Contact

Drop a note, ask a question or just say hello in our community Slack channel 👋

Otherwise, if you have a deeper query or require more support, please raise an issue. You can also reach out to help@finos.org.

FAQs

Package last updated on 23 May 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc