Security News
New CVE Forecasting Tool Predicts 47,000 Disclosures in 2025
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.
By Sarah Gooding - Jul 07, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
@hkdobrev/run-if-changed
Advanced tools
🔃 run-if-changed 
Run a command if a file changes via Git hooks. Useful for lock files or build systems to keep dependencies and generated files up to date when changing branches, pulling or commiting.
Inspired by lint-staged and recommended to be used with husky.
State of the project
run-if-changed is functional as-is, but it's still quite basic and rough as it has just been published. So issues, feature requests and pull requests are most welcome!
Installation and setup
Install with npm
npm install --save-dev husky @hkdobrev/run-if-changed
Recommended setup
"run-if-changed": {
"package-lock.json": "npm install --prefer-offline --no-audit"
}
Install with Yarn
yarn add --dev husky @hkdobrev/run-if-changed
Recommended setup
"run-if-changed": {
"yarn.lock": "yarn install --prefer-offline --pure-lockfile --color=always"
}
Set up Git hooks
Using husky
echo "npx run-if-changed" > .husky/post-commit
echo "npx run-if-changed" > .husky/post-checkout
echo "npx run-if-changed" > .husky/post-merge
echo "npx run-if-changed" > .husky/post-rewrite
Just git hooks
echo "npx run-if-changed" >> .git/hooks/post-commit && chmod +x .git/hooks/post-commit
echo "npx run-if-changed" >> .git/hooks/post-checkout && chmod +x .git/hooks/post-checkout
echo "npx run-if-changed" >> .git/hooks/post-merge && chmod +x .git/hooks/post-merge
echo "npx run-if-changed" >> .git/hooks/post-rewrite && chmod +x .git/hooks/post-rewrite
Why
The use case for run-if-changed is mostly for a team working on a project and push and pull code in different branches. When you share dependencies, database migrations or compilable code in the shared Git repository often some commands need to be run when a file or folder gets updated.
Check out the common use cases.
Configuration
run-if-changedobject in yourpackage.json.run-if-changedrcfile in JSON or YML formatrun-if-changed.config.jsfile in JS format
See cosmiconfig for more details on what formats are supported.
Configuration should be an object where each key is a file or directory match pattern and the value is either a single command or an array of commands to run if the file have changed since the last Git operation.
What commands are supported?
Supported are any executables installed locally or globally via npm or Yarn as well as any executable from your $PATH.
Using globally installed scripts is discouraged, since run-if-changed may not work for someone who doesn't have it installed.
run-if-changed is using execa to locate locally installed scripts and run them. So in your .run-if-changedrc you can just write and it would use the local version:
{
"src": "webpack"
}
Sequences of commands are supported. Pass an array of commands instead of a single one and they will run sequentially.
Use cases
Install or update dependencies when lock file changes
If you use a dependency manager with a lock file like npm, Yarn, Composer, Bundler or others, you would usually add a dependency and the dependency manager would install it and add it to the lock file in a single run. However, when someone else has updated a dependency and you pull new code or checkout their branch you need to manually run the install command of your dependency manager.
Here's example configuration of run-if-changed:
npm
package.json
{
"run-if-changed": {
"package-lock.json": "npm install --prefer-offline --no-audit"
}
}
.run-if-changedrc
{
"package-lock.json": "npm install --prefer-offline --no-audit"
}
Yarn
package.json
{
"run-if-changed": {
"yarn.lock": "yarn install --prefer-offline --pure-lockfile --color=always"
}
}
.run-if-changedrc
{
"yarn.lock": "yarn install --prefer-offline --pure-lockfile --color=always"
}
Composer
package.json
{
"run-if-changed": {
"composer.lock": "composer install --ignore-platform-reqs --ansi"
}
}
Bundler
package.json
{
"run-if-changed": {
"Gemfile.lock": "bundle install"
}
}
Run database migrations if there are new migrations
If you keep database migrations in your repository, you'd usually want to run them when you check out a branch or pull from master.
Example of running Doctrine migrations when pulling or changing branches
package.json
{
"run-if-changed": {
"migrations": "./console db:migrate --allow-no-migration --no-interaction"
}
}
Compile sources in a build folder after pulling new code.
Example for running build on changing src folder when pulling or changing branches
package.json
{
"run-if-changed": {
"src": "npm run build"
}
}
FAQs
Run a command if a file changes via Git hooks
The npm package @hkdobrev/run-if-changed receives a total of 3,348 weekly downloads. As such, @hkdobrev/run-if-changed popularity was classified as popular.
We found that @hkdobrev/run-if-changed demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 14 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Browserslist-rs Gets Major Refactor, Cutting Binary Size by Over 1MB
Browserslist-rs now uses static data to reduce binary size by over 1MB, improving memory use and performance for Rust-based frontend tools.
By Sarah Gooding - Jul 04, 2025
Research
Security News
8 More Malicious Firefox Extensions: Exploiting Popular Game Recognition, Hijacking User Sessions, and Stealing OAuth Credentials
Eight new malicious Firefox extensions impersonate games, steal OAuth tokens, hijack sessions, and exploit browser permissions to spy on users.
By Kush Pandya - Jul 04, 2025