
Security News
Suno Breached via Shai-Hulud Worm, Leaked Code Exposes AI Music Scraping
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.
git-permachine
Advanced tools
Automatically merge machine-specific config files with base configs using git hooks
Automatically merge machine-specific configuration files with base configurations in git repositories. Like Husky for git hooks, but for config file management.
When working across multiple machines, you often need:
permachine automatically:
config.homezone.json)config.base.json)config.json) - gitignored# In your repository
cd /path/to/your/repo
# Initialize (one-time setup)
npx permachine init
# That's it! Your configs will now auto-merge on git operations
cd D:/projects/git-permachine
bun install
bun link
# In your target repo
cd /path/to/your/repo
bun link git-permachine
npm install -g git-permachine
# or
bun add -g git-permachine
Given machine name homezone (auto-detected):
| Purpose | Filename | In Git? |
|---|---|---|
| Base config (shared) | config.base.json | ✅ Yes |
| Machine-specific | config.homezone.json | ✅ Yes |
| Final output (merged) | config.json | ❌ No (gitignored) |
Same pattern works for .env files:
| Purpose | Filename | In Git? |
|---|---|---|
| Base config | .env.base | ✅ Yes |
| Machine-specific | .env.homezone | ✅ Yes |
| Final output | .env | ❌ No (gitignored) |
init - Initialize in repositorypermachine init [options]
Options:
--legacy Use .git/hooks wrapping instead of core.hooksPath
--auto Auto-detect best installation method
What it does:
homezone)*.{machine}.* files.gitignore with output filesExample output:
✓ Machine detected: homezone
✓ Git hooks installed via core.hooksPath
✓ Updated .gitignore with 2 file(s)
✓ Merged 2 file(s)
Git hooks will auto-merge on:
- checkout (switching branches)
- merge (git pull/merge)
- commit
merge - Manually trigger mergepermachine merge [--silent]
Useful for:
info - Show current setuppermachine info
Example output:
Machine name: homezone
Repository: /path/to/repo
Hooks method: core.hooksPath
Hooks path: .permachine/hooks
Tracked patterns: 2
- config.base.json + config.homezone.json → config.json
- .env.base + .env.homezone → .env
uninstall - Remove git hookspermachine uninstall
Removes git hooks and restores original hooks (if using legacy mode).
Automatically detects machine name across platforms:
COMPUTERNAME environment variablehostname()Scans repository for files matching *.{machine}.* pattern:
config.homezone.json ✅.env.homezone ✅settings.homezone.json ✅node_modules/, .git/, dist/Example:
// config.base.json
{
"server": { "host": "localhost", "port": 3000 },
"logging": { "level": "info" }
}
// config.homezone.json
{
"server": { "port": 8080 },
"database": { "password": "secret" }
}
// config.json (merged output)
{
"server": { "host": "localhost", "port": 8080 },
"logging": { "level": "info" },
"database": { "password": "secret" }
}
Example:
# .env.base
DATABASE_HOST=localhost
DATABASE_PORT=5432
API_KEY=default
# .env.homezone
DATABASE_PORT=3306
API_KEY=secret_key_123
# .env (merged output)
DATABASE_HOST=localhost
DATABASE_PORT=3306
API_KEY=secret_key_123
Two installation methods:
core.hooksPathgit config core.hooksPath .permachine/hooks
.git/hooks.git/hooks wrapping.git/hooks/*.pre-mcsHooks run on:
git pull or git mergeMerge happens silently in background (only logs errors).
cd C:\Users\josch\.config\opencode
# Initialize
permachine init
# Machine detected: homezone
# Reorganize existing config
mv config.json config.homezone.json
# Create base config with shared settings
cat > config.base.json << EOF
{
"theme": "nightowl-transparent",
"autoupdate": true
}
EOF
# Add machine-specific settings to config.homezone.json
# ...edit file...
# Merge
permachine merge
# Output: config.json (gitignored)
# Future git operations auto-merge!
# Different machines, different settings
# Machine: "workstation"
config.workstation.json → Development settings, localhost
.env.workstation → Local database credentials
# Machine: "server"
config.server.json → Production settings, real domains
.env.server → Production database credentials
# Shared base
config.base.json → Common app settings
.env.base → Default environment variables
# Each machine gets its own merged config automatically!
# Project structure
project/
├── config.base.json
├── config.homezone.json
├── settings/
│ ├── app.base.json
│ ├── app.homezone.json
│ ├── database.base.json
│ └── database.homezone.json
└── .env.base
.env.homezone
# All files auto-merge on git operations:
# - config.json
# - settings/app.json
# - settings/database.json
# - .env
.json).env, .env.*)→ Uses machine file only
→ Uses base file only (rare, scanner looks for machine files)
→ Skips silently
→ Logs error with file path, skips merge
→ Logs error, doesn't crash
git clone <repo>
cd permachine
bun install
# All tests
bun test
# Watch mode
bun test --watch
# Specific test file
bun test tests/unit/json-adapter.test.ts
bun run build
bun run dev init
bun run dev merge
bun run dev info
Check hook installation:
permachine info
Verify git config:
git config --get core.hooksPath
# Should output: .permachine/hooks
Check hook files exist:
ls .permachine/hooks/
Run manually to see errors:
permachine merge
Check machine name:
permachine info
# Verify "Machine name" matches your file pattern
Use legacy mode:
permachine uninstall
permachine init --legacy
Contributions welcome! Please:
bun test)MIT © JosXa
Inspired by:
FAQs
Automatically merge machine-specific config files with base configs using git hooks
The npm package git-permachine receives a total of 3 weekly downloads. As such, git-permachine popularity was classified as not popular.
We found that git-permachine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.

Security News
Vercel is formalizing a monthly release program for Next.js. The change follows React2Shell and a sharp rise in AI-assisted vulnerability discovery.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.