Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/git-hooks/pre-commit
jiarung 386dbb010e fix(git-hooks,usage-log): fix two CI failures 
pre-commit: guard the resolve-node.sh source with a file-existence
check so the hook works in test environments that stub only the files
they care about (the integration test creates run-node-tool.sh but not
resolve-node.sh; node is provided via a fake binary in PATH so the
nvm fallback is never needed in that context).

usage-log: replace Math.random() in makeId() with crypto.randomBytes()
to satisfy the temp-path-guard security lint rule that rejects weak
randomness in source files.
2026-03-13 14:57:25 +00:00

60 lines
1.7 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(git rev-parse --show-toplevel 2>/dev/null || pwd)"
# Resolve node when not in PATH (e.g. nvm environments where the shell
# profile hasn't been sourced by the git hook). Picks the newest installed
# nvm version using version-aware sort so that v22 is preferred over v18.
_resolve_node_sh="$ROOT_DIR/scripts/pre-commit/resolve-node.sh"
if [[ -f "$_resolve_node_sh" ]]; then
# shellcheck source=scripts/pre-commit/resolve-node.sh
source "$_resolve_node_sh"
fi
unset _resolve_node_sh
RUN_NODE_TOOL="$ROOT_DIR/scripts/pre-commit/run-node-tool.sh"
FILTER_FILES="$ROOT_DIR/scripts/pre-commit/filter-staged-files.mjs"
if [[ ! -x "$RUN_NODE_TOOL" ]]; then
echo "Missing helper: $RUN_NODE_TOOL" >&2
exit 1
fi
if [[ ! -f "$FILTER_FILES" ]]; then
echo "Missing helper: $FILTER_FILES" >&2
exit 1
fi
# Security: avoid option-injection from malicious file names (e.g. "--all", "--force").
# Robustness: NUL-delimited file list handles spaces/newlines safely.
# Compatibility: use read loops instead of `mapfile` so this runs on macOS Bash 3.x.
files=()
while IFS= read -r -d '' file; do
files+=("$file")
done < <(git diff --cached --name-only --diff-filter=ACMR -z)
if [ "${#files[@]}" -eq 0 ]; then
exit 0
fi
lint_files=()
while IFS= read -r -d '' file; do
lint_files+=("$file")
done < <(node "$FILTER_FILES" lint -- "${files[@]}")
format_files=()
while IFS= read -r -d '' file; do
format_files+=("$file")
done < <(node "$FILTER_FILES" format -- "${files[@]}")
if [ "${#lint_files[@]}" -gt 0 ]; then
"$RUN_NODE_TOOL" oxlint --type-aware --fix -- "${lint_files[@]}"
fi
if [ "${#format_files[@]}" -gt 0 ]; then
"$RUN_NODE_TOOL" oxfmt --write -- "${format_files[@]}"
fi
git add -- "${files[@]}"
Reference in New Issue View Git Blame Copy Permalink