post-checkout/post-merge hook to automate npm/yarn/bower/composer install only when they change

php-js-post-checkout-merge-hook

#!/bin/bash
#
# A hook to update files for package managers
# bin/post-checkout-merge-hook
#
# This is a post-merge/post-checkout/post-rewrite hook.
#
#set -x

if [[ "$SKIP_COM_GIT_HOOK" == '1' ]]; then
    exit 0
fi

if [[ "$(git rev-parse --is-inside-work-tree 2>/dev/null)" != "true" ]]; then
    echo "Not in a git directory"
    exit 1
fi

# different hooks have different ways to get the sha
if [[ "$0" == *post-checkout ]]; then
    OLD_SHA="$1"
    NEW_SHA="$2"
else
    OLD_SHA="$(git rev-parse ORIG_HEAD)"
    NEW_SHA="$(git rev-parse HEAD)"
fi

# only do something if a file has changed
CHANGED_FILES="$(git diff --name-only ${OLD_SHA} ${NEW_SHA})"

# update npm dependencies
if echo "$CHANGED_FILES" | grep -q 'package.json\|yarn.lock'; then
    PACKAGE_JSON_OLD="$(git show ${OLD_SHA}:package.json 2>/dev/null)"
    PACKAGE_JSON_NEW="$(git show ${NEW_SHA}:package.json 2>/dev/null)"
    NODE_DEPS_OLD="$(echo "$PACKAGE_JSON_OLD" | jq -r .dependencies 2>/dev/null)"
    NODE_DEPS_NEW="$(echo "$PACKAGE_JSON_NEW" | jq -r .dependencies 2>/dev/null)"
    NODE_DEV_DEPS_OLD="$(echo "$PACKAGE_JSON_OLD" | jq -r .devDependencies 2>/dev/null)"
    NODE_DEV_DEPS_NEW="$(echo "$PACKAGE_JSON_NEW" | jq -r .devDependencies 2>/dev/null)"
    YARN_LOCK_OLD="$(git show ${OLD_SHA}:yarn.lock 2>/dev/null)"
    YARN_LOCK_NEW="$(git show ${NEW_SHA}:yarn.lock 2>/dev/null)"

    # run npm install if any dependencies changed
    if [[ "$NODE_DEPS_OLD" != "$NODE_DEPS_NEW" ]] || [[ "$NODE_DEV_DEPS_OLD" != "$NODE_DEV_DEPS_NEW" ]] || [[ "$YARN_LOCK_OLD" != "$YARN_LOCK_NEW" ]]; then
        printf "\e[35m ===== npm dependencies has changed ===== \e[0m\n"
        echo
        if [[ -e yarn.lock ]]; then
            yarn install --pure-lockfile
        else
            npm install
            npm prune
        fi
    fi
fi

# update bower dependencies
if echo "$CHANGED_FILES" | grep -q 'bower.json'; then
    BOWER_DEPS_OLD="$(git show ${OLD_SHA}:bower.json 2>/dev/null | jq -r .dependencies 2>/dev/null)"
    BOWER_DEPS_NEW="$(git show ${NEW_SHA}:bower.json 2>/dev/null | jq -r .dependencies 2>/dev/null)"

    # run bower install if any dependencies changed
    if [[ "$BOWER_DEPS_OLD" != "$BOWER_DEPS_NEW" ]]; then
        printf "\e[35m ===== bower dependencies has changed ===== \e[0m\n"
        echo
        bower install
        bower prune
    fi
fi

# update composer dependencies
if echo "$CHANGED_FILES" | grep -q 'composer'; then
    COMPOSER_OLD="$(git show ${OLD_SHA}:composer.json 2>/dev/null)"
    COMPOSER_NEW="$(git show ${NEW_SHA}:composer.json 2>/dev/null)"
    COMPOSER_LOCK_OLD="$(git show ${OLD_SHA}:composer.lock 2>/dev/null)"
    COMPOSER_LOCK_NEW="$(git show ${NEW_SHA}:composer.lock 2>/dev/null)"

    # run composer install if any dependencies changed
    if [[ "$COMPOSER_OLD" != "$COMPOSER_NEW" ]] || [[ "$COMPOSER_LOCK_OLD" != "$COMPOSER_LOCK_NEW" ]]; then
        if ! composer install --dry-run 2>&1 | grep -q 'Nothing to install or update'; then
            printf "\e[35m ===== composer dependencies has changed ===== \e[0m\n"
            echo
            composer install
        fi
    fi
fi

You're redefining BOWER_DEPS_OLD when you should probably set BOWER_DEPS_NEW and then you're checking BOWER_DEPS_OLD against itself. Looks like a copy-paste error (on lines 50 and 53).