Simplify pre-push Git hook config

Workaround for lefthook is no longer required, it now allows receiving input from stdin.
digitalservicebund · Feb 27, 2024 · eeed2eb · eeed2eb
1 parent 9c07f66
commit eeed2eb
Showing 1 changed file with 2 additions and 23 deletions.
diff --git a/lefthook.yml b/lefthook.yml
@@ -14,27 +14,6 @@ pre-push:
       tags: licenses audit
       run: ./gradlew checkLicense
     secrets-audit:
-      # NOTE: there's one caveat with this hook! When pushing, it will only correctly scan the range of
-      # outgoing commits when pushing to a matching branch on the remote (e.g. `git push`) - pushing to a
-      # different ref on the remote like `git push origin master:foreign` does not work..
-      #
-      # For this to work the following issue will need to be fixed (in short: Lefthook does not pass on stdin
-      # to the hook script, whereas pre-push is one of the few hooks which retrieves information from there):
-      # https://github.com/evilmartians/lefthook/issues/1471
-      #
-      # The hook configuration would then turn into:
-      #
-      # pre-push:
-      #   scripts:
-      #     secrets-audit:
-      #       runner: sh
-      #
-      # with a file .lefthook/pre-push/secrets-audit looking something like:
-      #
-      # while read -r local_ref local_sha remote_ref remote_sha; do
-      #   echo "$local_ref $local_sha $remote_ref $remote_sha" | talisman --githook pre-push
-      # done
-      #
-      # exit 0
       tags: security audit
-      run: currentbranch=$(git rev-parse --abbrev-ref HEAD); echo "refs/heads/$currentbranch HEAD refs/heads/$currentbranch $(git log -1 origin/$currentbranch --format='%H')" | talisman --githook pre-push
+      run: talisman --githook pre-push
+      use_stdin: true