A Git hooks manager for Node.js, Ruby, Python and many other types of projects.
With Go (>= 1.24):
go install github.com/evilmartians/lefthook@latest
go get -tool github.com/evilmartians/lefthook
With NPM:
npm install lefthook --save-dev
For Ruby:
gem install lefthook
For Python:
pip install lefthook
Installation guide with more ways to install lefthook: apt, brew, winget, and others.
Configure your hooks, install them once and forget about it: rely on the magic underneath.
# Configure your hooks
vim lefthook.yml
# Install them to the git project
lefthook install
# Enjoy your work with git
git add -A && git commit -m '...'
lefthook.yml config options.Gives you more speed. docs
pre-push:
parallel: true
If you want your own list. Custom and prebuilt examples.
pre-commit:
jobs:
- name: lint frontend
run: yarn eslint {staged_files}
- name: lint backend
run: bundle exec rubocop --force-exclusion {all_files}
- name: stylelint frontend
files: git diff --name-only HEAD @{push}
run: yarn stylelint {files}
If you want to filter list of files. You could find more glob pattern examples here.
pre-commit:
jobs:
- name: lint backend
glob: "*.rb" # glob filter
exclude: '(^|/)(application|routes)\.rb$' # regexp filter
run: bundle exec rubocop --force-exclusion {all_files}
If you want to execute the commands in a relative path
pre-commit:
jobs:
- name: lint backend
root: "api/" # Careful to have only trailing slash
glob: "*.rb" # glob filter
run: bundle exec rubocop {all_files}
If oneline commands are not enough, you can execute files. docs
commit-msg:
jobs:
- script: "template_checker"
runner: bash
If you want to control a group of commands. docs
pre-push:
jobs:
- name: audit packages
tags:
- frontend
- linters
run: yarn lint
- name: audit gems
tags:
- backend
- security
run: bundle audit
If you are in the Docker environment. docs
pre-commit:
jobs:
- script: "good_job.js"
runner: docker run -it --rm <container_id_or_name> {cmd}
If you a frontend/backend developer and want to skip unnecessary commands or override something into Docker. docs
# lefthook-local.yml
pre-push:
exclude_tags:
- frontend
jobs:
- name: audit packages
skip: true
If you want to run hooks group directly.
$ lefthook run pre-commit
If you want to run specific group of commands directly.
fixer:
jobs:
- run: bundle exec rubocop --force-exclusion --safe-auto-correct {staged_files}
- run: yarn eslint --fix {staged_files}
$ lefthook run fixer
You can control what lefthook prints with output option.
output:
- execution
- failure
Check examples
Husky is a popular tool for managing Git hooks, similar to Lefthook. It allows developers to run scripts at various stages of the Git workflow. Husky is known for its simplicity and ease of integration with npm scripts. Compared to Lefthook, Husky is more widely adopted and has a larger community, but Lefthook offers more advanced configuration options and better performance for large projects.
Pre-commit is a framework for managing and maintaining multi-language pre-commit hooks. It is more focused on pre-commit hooks specifically, whereas Lefthook provides a broader range of hook types. Pre-commit is language-agnostic and supports a wide variety of hooks out of the box, making it a good choice for projects with diverse technology stacks.
FAQs
Simple git hooks manager
The npm package lefthook receives a total of 726,396 weekly downloads. As such, lefthook popularity was classified as popular.
We found that lefthook demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Rust’s crates.io team is advancing an RFC to add a Security tab that surfaces RustSec vulnerability and unsoundness advisories directly on crate pages.
Security News
/Research
Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.
Research
/Security Fundamentals
A pair of typosquatted Go packages posing as Google’s UUID library quietly turn helper functions into encrypted exfiltration channels to a paste site, putting developer and CI data at risk.