Gathering detailed insights and metrics for lefthook-linux-x64
Gathering detailed insights and metrics for lefthook-linux-x64
Fast and powerful Git hooks manager for any type of projects.
Installations
npm install lefthook-linux-x64Developer Guide
BETA
Typescript
No
Module System
N/A
Node Version
20.18.1
NPM Version
10.8.2
Score
99.7
Supply Chain
92.7
Quality
93.4
Maintenance
100
Vulnerability
100
License
Releases
161
Contributors
139
Languages
6
Go
Ruby
JavaScript
Shell
Python
Makefile
Go (91.46%)
Ruby (4.06%)
JavaScript (1.84%)
Shell (1.38%)
Python (0.76%)
Makefile (0.51%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
Download Statistics
Total Downloads
10,621,814
Last Day
22,283
Last Week
306,998
Last Month
1,174,063
Last Year
8,166,525
GitHub Statistics
MIT License
5,411 Stars
919 Commits
221 Forks
28 Watchers
5 Branches
139 Contributors
Updated on Feb 18, 2025
Maintainers
1
Package Meta Information
Latest Version
1.10.10
Package Id
lefthook-linux-x64@1.10.10
Unpacked Size
11.79 MB
Size
4.67 MB
File Count
3
NPM Version
10.8.2
Node Version
20.18.1
Published on
Jan 21, 2025
Total Downloads
Cumulative downloads
Total Downloads
10,621,814
Last Day
33.4%
22,283
Compared to previous day
Last Week
4.6%
306,998
Compared to previous week
Last Month
43.2%
1,174,063
Compared to previous month
Last Year
277.3%
8,166,525
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
Lefthook
The fastest polyglot Git hooks manager out there
A Git hooks manager for Node.js, Ruby, Python and many other types of projects.
- Fast. It is written in Go. Can run commands in parallel.
- Powerful. It allows to control execution and files you pass to your commands.
- Simple. It is single dependency-free binary which can work in any environment.
Install
With Go (>= 1.23):
1go install github.com/evilmartians/lefthook@latest
With NPM:
1npm install lefthook --save-dev
For Ruby:
1gem install lefthook
For Python:
1pip install lefthook
Installation guide with more ways to install lefthook: apt, brew, winget, and others.
Usage
Configure your hooks, install them once and forget about it: rely on the magic underneath.
TL;DR
1# Configure your hooks 2vim lefthook.yml 3 4# Install them to the git project 5lefthook install 6 7# Enjoy your work with git 8git add -A && git commit -m '...'
More details
- Configuration for
lefthook.ymlconfig options. - Usage for lefthook CLI options, supported ENVs, and usage tips.
- Discussions for questions, ideas, suggestions.
Why Lefthook
-
Parallel execution
Gives you more speed. docs
1pre-push: 2 parallel: true
-
Flexible list of files
If you want your own list. Custom and prebuilt examples.
1pre-commit: 2 commands: 3 frontend-linter: 4 run: yarn eslint {staged_files} 5 backend-linter: 6 run: bundle exec rubocop --force-exclusion {all_files} 7 frontend-style: 8 files: git diff --name-only HEAD @{push} 9 run: yarn stylelint {files}
-
Glob and regexp filters
If you want to filter list of files. You could find more glob pattern examples here.
1pre-commit: 2 commands: 3 backend-linter: 4 glob: "*.rb" # glob filter 5 exclude: '(^|/)(application|routes)\.rb$' # regexp filter 6 run: bundle exec rubocop --force-exclusion {all_files}
-
Execute in sub-directory
If you want to execute the commands in a relative path
1pre-commit: 2 commands: 3 backend-linter: 4 root: "api/" # Careful to have only trailing slash 5 glob: "*.rb" # glob filter 6 run: bundle exec rubocop {all_files}
-
Run scripts
If oneline commands are not enough, you can execute files. docs
1commit-msg: 2 scripts: 3 "template_checker": 4 runner: bash
-
Tags
If you want to control a group of commands. docs
1pre-push: 2 commands: 3 packages-audit: 4 tags: 5 - frontend 6 - linters 7 run: yarn lint 8 gems-audit: 9 tags: 10 - backend 11 - security 12 run: bundle audit
-
Support Docker
If you are in the Docker environment. docs
1pre-commit: 2 scripts: 3 "good_job.js": 4 runner: docker run -it --rm <container_id_or_name> {cmd}
-
Local config
If you a frontend/backend developer and want to skip unnecessary commands or override something into Docker. docs
1# lefthook-local.yml 2pre-push: 3 exclude_tags: 4 - frontend 5 commands: 6 packages-audit: 7 skip: true
-
Direct control
If you want to run hooks group directly.
1$ lefthook run pre-commit
-
Your own tasks
If you want to run specific group of commands directly.
1fixer: 2 commands: 3 ruby-fixer: 4 run: bundle exec rubocop --force-exclusion --safe-auto-correct {staged_files} 5 js-fixer: 6 run: yarn eslint --fix {staged_files}
1$ lefthook run fixer
-
Control output
You can control what lefthook prints with output option.
1output: 2 - execution 3 - failure
Guides
- Install with Node.js
- Install with Ruby
- Install with Homebrew
- Install with Winget
- Install for Debian-based Linux
- Install for RPM-based Linux
- Install for Arch Linux
- Install for Alpine Linux
- Usage
- Configuration
Examples
Check examples
Articles
- 5 cool (and surprising) ways to configure Lefthook for automation joy
- Lefthook: Knock your team’s code back into shape
- Lefthook + Crystalball
- Keeping OSS documentation in check with docsify, Lefthook, and friends
- Automatically linting docker containers
- Smooth PostgreSQL upgrades in DockerDev environments with Lefthook
- Lefthook for React/React Native apps
No vulnerabilities found.
Reason
30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:12
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (11) are checked with a SAST tool
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:18
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:19
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/gh-pages.yml:1
- Warn: no topLevel permission defined: .github/workflows/lint.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:9
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/gh-pages.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/gh-pages.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/gh-pages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/lint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/lint.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/lint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/evilmartians/lefthook/test.yml/master?enable=pin
- Warn: pipCommand not pinned by hash: .github/workflows/release.yml:185
- Warn: pipCommand not pinned by hash: .github/workflows/release.yml:126
- Info: 0 out of 28 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 12 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 pipCommand dependencies pinned
- Info: 1 out of 1 goCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v1.10.10 not signed: https://api.github.com/repos/evilmartians/lefthook/releases/195781829
- Warn: release artifact v1.10.9 not signed: https://api.github.com/repos/evilmartians/lefthook/releases/195582917
- Warn: release artifact v1.10.8 not signed: https://api.github.com/repos/evilmartians/lefthook/releases/195290119
- Warn: release artifact v1.10.7 not signed: https://api.github.com/repos/evilmartians/lefthook/releases/194876108
- Warn: release artifact v1.10.6 not signed: https://api.github.com/repos/evilmartians/lefthook/releases/194870972
- Warn: release artifact v1.10.10 does not have provenance: https://api.github.com/repos/evilmartians/lefthook/releases/195781829
- Warn: release artifact v1.10.9 does not have provenance: https://api.github.com/repos/evilmartians/lefthook/releases/195582917
- Warn: release artifact v1.10.8 does not have provenance: https://api.github.com/repos/evilmartians/lefthook/releases/195290119
- Warn: release artifact v1.10.7 does not have provenance: https://api.github.com/repos/evilmartians/lefthook/releases/194876108
- Warn: release artifact v1.10.6 does not have provenance: https://api.github.com/repos/evilmartians/lefthook/releases/194870972
Score
5.4
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More