diff options
| -rwxr-xr-x | util/git-hooks/pre-push | 39 | 
1 files changed, 20 insertions, 19 deletions
| diff --git a/util/git-hooks/pre-push b/util/git-hooks/pre-push index 5bae8d26..b5f4620e 100755 --- a/util/git-hooks/pre-push +++ b/util/git-hooks/pre-push @@ -22,15 +22,21 @@ url="$2"  zero=0000000000000000000000000000000000000000  upstream_pattern="github\.com.flashrom/flashrom(\.git)?|flashrom\.org.git/flashrom(\.git)?" -precious_branches="stable staging" -# Only care about the upstream repository +# Only care about the upstream repositories  if echo "$url" | grep -q -v -E "$upstream_pattern" ; then  	exit 0  fi  while read local_ref local_sha remote_ref remote_sha ; do -	if [ "$remote_ref" != "refs/heads/staging" -a "$remote_ref" != "refs/heads/stable" ]; then + +	# Only allow the stable and staging branches as well as versioned stable branches (e.g., 0.0.x). +	# The matching expression's RE is always anchored to the first character (^ is undefined). +	# The outer parentheses are needed to print out the whole matched string. +	version=$(expr ${remote_ref#*refs/heads/} : '\(\([0-9]\+\.\)\{2,\}x\)$') +	if [ "$remote_ref" != "refs/heads/staging" ] && \ +	   [ "$remote_ref" != "refs/heads/stable" ] && \ +	   [ -z "$version" ]; then  		echo "Feature branches not allowed ($remote_ref)." >&2  		exit 1  	fi @@ -40,14 +46,10 @@ while read local_ref local_sha remote_ref remote_sha ; do  		exit 1  	fi -	if [ "$remote_sha" = "$zero" ]; then -		echo "No new branches allowed." >&2 -		exit 1 -	fi -  	# Check for Signed-off-by and Acked-by  	commit=$(git rev-list -n 1 --all-match --invert-grep -E \ -		--grep '^Signed-off-by: .+ <.+@.+\..+>$' --grep '^Acked-by: .+ <.+@.+\..+>$' \ +		--grep '^Signed-off-by: .+ <.+@.+\..+>$' \ +		--grep '^Acked-by: .+ <.+@.+\..+>$' \  		"$remote_sha..$local_sha")  	if [ -n "$commit" ]; then  		echo "Commit $local_sha in $local_ref is missing either \"Signed-off-by\"" \ @@ -55,17 +57,16 @@ while read local_ref local_sha remote_ref remote_sha ; do  		exit 1  	fi -	# Make _really_ sure we do not rewrite precious history -	for lbranch in $precious_branches ; do -		if [ "$remote_ref" = "refs/heads/$lbranch" ]; then -			nonreachable=$(git rev-list $remote_sha ^$local_sha | head -1) -			if [ -n "$nonreachable" ]; then -				echo "Only fast-forward pushes are allowed on $lbranch." >&2 -				echo "$nonreachable is not included in $remote_sha while pushing to $remote_ref" >&2 -				exit 1 -			fi +	# Make _really_ sure we do not rewrite history of any head/branch +	if [ "${remote_ref#*refs/heads/}" != "$remote_ref" ]; then +		nonreachable=$(git rev-list $remote_sha ^$local_sha | head -1) +		if [ -n "$nonreachable" ]; then +			echo "Only fast-forward pushes are allowed on branches." >&2 +			echo "At least $nonreachable is not included in $remote_sha while pushing to " \ +			     "$remote_ref" >&2 +			exit 1  		fi -	done +	fi  	# FIXME: check commit log format (subject without full stop at the end etc).  	# FIXME: do buildbot checks if authorized? | 
