ggshield install isn't working with Husky #1143
Description
Environment
- ggshield version:
1.44.1 - Operating system (Linux, macOS, Windows):
Ubuntu - Operating system version:
24.04 LTS - Python version:
3.14.0
Describe the bug
Versioning Git Hooks is a very common practice and as it's not provided out of the box by git, people very often use the tool Husky :
- https://typicode.github.io/husky/get-started.html
- https://github.com/typicode/husky/blob/main/index.js#L14
Unfortunately ggshield install isn't compatible with Husky.
Steps to reproduce:
# Using standard GitHook
$echo "echo '[global pre-commit] Start'" > $HOME/.git/hooks/pre-commit
$ggshield install --mode global --append
pre-commit successfully added in $HOME/.git/hooks/pre-commit
$echo "echo '[global pre-commit] End'" >> $HOME/.git/hooks/pre-commit
$cat $HOME/.git/hooks/pre-commit
$mkdir -p /tmp/test && cd /tmp/test
$git init .
Dépôt Git vide initialisé dans /tmp/test/.git/
$echo "echo '[local pre-commit] Start'" > .git/hooks/pre-commit
$chmod +x .git/hooks/pre-commit
$echo toto > toto && git add toto && git commit -m test
[global pre-commit] Start
[local pre-commit] Start
Scanning... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 1 / 1
No secrets have been found
[global pre-commit] End
[master (commit racine) 5469dad] test
1 file changed, 1 insertion(+)
create mode 100644 toto
# Using Husky
$mkdir -p /tmp/test1 && cd /tmp/test1
$git init
Dépôt Git vide initialisé dans /tmp/test1/.git/
$npm install --save-dev husky
added 1 package in 373ms
1 package is looking for funding
run `npm fund` for details
$npx husky init
$git config --get --local core.hooksPath
.husky/_
$echo "echo '[local pre-commit] Start using Husky'" > .husky/pre-commit
$echo toto > toto && git add toto && git commit -m test
[local pre-commit] Start using Husky
[master (commit racine) e69ec63] test
1 file changed, 1 insertion(+)
create mode 100644 toto
# Trying with local mode
$ggshield install --mode local
pre-commit successfully added in .git/hooks/pre-commit
$echo toto1 > toto1 && git add toto1 && git commit -m test
[local pre-commit] Start using Husky
[master b466b22] test
1 file changed, 1 insertion(+)
create mode 100644 toto1Actual result:
[local pre-commit] Start using Husky
[master (commit racine) d2beabd] test
1 file changed, 1 insertion(+)
create mode 100644 toto
Expected result:
[global pre-commit] Start
[local pre-commit] Start using Husky
Scanning... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 1 / 1
No secrets have been found
[global pre-commit] End
[master (commit racine) 5469dad] test
1 file changed, 1 insertion(+)
create mode 100644 toto
Ideas
I think ggshield install --mode local should detect Husky-configured repos (where git config --get --local core.hooksPath outputs .husky/_) and automatically install into .husky/pre-commit rather than .git/hooks/pre-commit.
Improving ggshield install --mode global is more challenging because when Husky sets core.hooksPath locally, it completely overrides the global hooks path, preventing global hooks from ever being executed.