A few months ago, I was looking for something to prevent me to commit/push code with a debugger call, byebug
for example. Then I found something that I didn't know at the moment: Git Hooks. Git Hooks allow running custom scripts when certain actions occur, for example: commit, push, merge, checkout, etc.
You can put whatever you want in these custom scripts, including to check if you did something not so clever, for example, push code with a byebug
call. And if you search in Google, you'll find a couple of Git hook scripts to prevent you from doing that.
But then, as a Ruby developer, I thought: Hey, there's always a gem, right!?. Right! And it's called overcommit. Overcommit is a Ruby gem which allows you to easily manage and configure your Git hooks.
To start using overcommit is very simple:
$ gem install overcommit
$ overcommit --install
The overcommit --install
command will create a .overcommit.yml
settings file in the current folder and also back up existing hooks. The default settings file includes the following hooks:
- CapitalizedSubject: Ensures commit message subject lines start with a capital letter
- EmptyMessage: Checks that the commit message is not empty
- SingleLineSubject: Ensures commit message subject lines are followed by a blank line
- TextWidth: Ensures the number of columns the subject and commit message lines occupy is under the preferred limits
- TrailingPeriod: Ensures commit message subject lines do not have a trailing period
- AuthorEmail: Checks the format of an author's email address
- AuthorName: Ensures that a commit author has a name with at least first and last names
- BrokenSymlinks: Checks for broken symlinks
- CaseConflicts: Checks for files that would conflict in case-insensitive filesystems
Of course, you can easily disable any of these hooks:
CapitalizedSubject:
enabled: false
Every time you perform changes in the settings file, you also need to update the signature running overcommit --sign
. You can also disable signature checking by setting verify_signatures: false
in your .overcommit.yml
file. However, please read the security implications before doing that.
Recommended built-in hooks
The hooks described in this section are the ones I'm currently using and recommend. You can also find, between parenthesis in the hook title, in which action the hooks are being executed.
RuboCop (PreCommit)
Runs RuboCop against any modified Ruby files.
RuboCop:
enabled: true
on_warn: fail
problem_on_unmodified_line: ignore
command: ['bundle', 'exec', 'rubocop']
-
on_warn: fail
: blocks the commit in case of warnings -
problem_on_unmodified_line: ignore
: ignore problems in lines of code you did not add/change
BundleAudit (PreCommit)
Checks for vulnerable versions of gems in Gemfile.lock.
BundleAudit:
enabled: true
flags: ['--update']
-
flags: ['--update']
: force BundleAudit to update before checking
BundleCheck (PreCommit)
Check if local Gemfile.lock matches Gemfile when either changes, unless Gemfile.lock
is ignored by git.
BundleCheck:
enabled: true
ForbiddenBranches (PreCommit and PrePush)
Prevents commits to branches matching one of the configured patterns.
ForbiddenBranches:
enabled: true
branch_patterns: ['master']
Fasterer (PreCommit)
Runs fasterer
against any modified Ruby files.
Fasterer:
enabled: true
exclude:
- 'vendor/**/*.rb'
- 'db/schema.rb'
CustomScript (PreCommit)
Runs a custom command/script before commit.
CustomScript:
quiet: true
enabled: true
command: ['i18n-tasks', 'normalize']
The previous hook will run i18n-tasks normalize
before commit. normalize
is a task of the i18n-tasks gem.
BundleInstall (PostCheckout, PostMerge and PostRewrite)
Runs bundle install
when a change is detected in the repository's dependencies.
BundleInstall:
enabled: true
Other (probably) useful built-in hooks
These are the hooks I'm not currently using but I'm willing to give a try.
- Foodcritic: linting tool for writing better and safer code
- RailsBestPractices: code metric tool to check the quality of Rails code
- RailsSchemaUpToDate: Check to see whether the schema file is in line with the migrations
- Reek: Code smell detector for Ruby
- Brakeman: Vulnerability scanner designed for Rails applications. It statically analyzes code to find security issues
-
FixMe: Check for "token" (
TODO
,FIXME
, etc.) strings before commit - BundleOutdated: List installed gems with newer versions available
Looking for a job?
If you're looking for a job and you live around Frankfurt am Main or you're willing to move, we have positions available at creditshelf. All positions available for English speakers.
Top comments (1)
As someone who is just getting into Ruby (coming from PHP / DevOps background) this was really helpful! I love tools that shift quality task left. The bonus here is the tools run on commit! :heart:
I'll check out your role postings; Frankfurt seems like an Frankfurt place.