leedm777 · November 12, 2010 18:51
diff --git a/update-check-commit-authors.sh b/update-check-commit-authors.sh
 #!/bin/bash

 #
 # Copyright 2010 David M. Lee, II <[email protected]>
 #
 # This git update hook compares the author emails from commits with a
 # whitelist stored in ${GIT_DIR}/author-whitelist.  If any commit has an
 # author that is not whitelisted, the offending author's email is displayed
 # then the update is rejected.
 #

 if test -z ${GIT_DIR}; then
    cat <<EOF >&2
 Do not run directly.  This is a git update hook.
 EOF
    exit 1
 fi

 # Prints a list of all authors for the given revlist to stdout
 function git-authors
 {
    git rev-list --pretty=format:"%ae" "$1" | grep -v "^commit " | sort | uniq
 }

 function commit-authors
 {
    if test "$1" -eq 0000000000000000000000000000000000000000; then
 	# creating a new branch.  Unfortunately, we don't know if we're
 	# cloning an existing branch or not, so we'll have to check all
 	# revisions.  This went pretty quick on an Ubuntu 10.10 VM against
 	# the Linux kernel repo (8601 authors, 221706 commits, < 7 seconds).
 	# I doubt a performance optimization is necessary.
 	git-authors $2
    else
 	git-authors $1..$2 
    fi
 }

 # Some things to note when modifying this script
 #  * the output from commit-authors can be pretty much anything.  Just clone
 #    the Linux kernel repo and look at the authors.  Given that, you
 #    _really_ have to be careful about shell injection.
 #
 #  * the grep below will remove whitelisted authors from the list of 
 #    commit-authors.  it will return 0 if there are non-whitelisted
 #    commit-authors.
 #
 #  * as a (pleasant) side effect, the list of non-whitelisted authors is
 #    printed to stdout.
 #
 #  * this is surpisingly fast; it took less than 100ms to compare 8601
 #    commit-authors against a whitelist of 8601 authors.
 commit-authors $2 $3 | \
    grep -v --fixed-strings --file=${GIT_DIR}/author-whitelist

 if test $? -eq 0; then
    # all is good
    echo ">>> Non-whitelisted Authors.  Fail!" >&2
    exit 1
 fi
	#!/bin/bash

	#
	# Copyright 2010 David M. Lee, II <[email protected]>
	#
	# This git update hook compares the author emails from commits with a
	# whitelist stored in ${GIT_DIR}/author-whitelist. If any commit has an
	# author that is not whitelisted, the offending author's email is displayed
	# then the update is rejected.
	#

	if test -z ${GIT_DIR}; then
	cat <<EOF >&2
	Do not run directly. This is a git update hook.
	EOF
	exit 1
	fi

	# Prints a list of all authors for the given revlist to stdout
	function git-authors
	{
	git rev-list --pretty=format:"%ae" "$1" \| grep -v "^commit " \| sort \| uniq
	}

	function commit-authors
	{
	if test "$1" -eq 0000000000000000000000000000000000000000; then
	# creating a new branch. Unfortunately, we don't know if we're
	# cloning an existing branch or not, so we'll have to check all
	# revisions. This went pretty quick on an Ubuntu 10.10 VM against
	# the Linux kernel repo (8601 authors, 221706 commits, < 7 seconds).
	# I doubt a performance optimization is necessary.
	git-authors $2
	else
	git-authors $1..$2
	fi
	}

	# Some things to note when modifying this script
	# * the output from commit-authors can be pretty much anything. Just clone
	# the Linux kernel repo and look at the authors. Given that, you
	# _really_ have to be careful about shell injection.
	#
	# * the grep below will remove whitelisted authors from the list of
	# commit-authors. it will return 0 if there are non-whitelisted
	# commit-authors.
	#
	# * as a (pleasant) side effect, the list of non-whitelisted authors is
	# printed to stdout.
	#
	# * this is surpisingly fast; it took less than 100ms to compare 8601
	# commit-authors against a whitelist of 8601 authors.
	commit-authors $2 $3 \| \
	grep -v --fixed-strings --file=${GIT_DIR}/author-whitelist

	if test $? -eq 0; then
	# all is good
	echo ">>> Non-whitelisted Authors. Fail!" >&2
	exit 1
	fi