update pre-commit and update hooks

fschloesser · fschloesser · commit d91e2e1ced97 · 2021-04-14T16:05:14.000+02:00
diff --git a/pre-commit b/pre-commit
@@ -7,27 +7,28 @@
 
 if git rev-parse --verify HEAD >/dev/null 2>&1
 then
-	against=HEAD
+  against=HEAD
 else
-	# Initial commit: diff against an empty tree object
-	against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
+  # Initial commit: diff against an empty tree object
+  against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
 fi
 
 # If you want to allow non-ascii filenames set this variable to true.
 allownonascii=$(git config hooks.allownonascii)
+sizelimit=52428800
 
 # Cross platform projects tend to avoid non-ascii filenames; prevent
 # them from being added to the repository. We exploit the fact that the
 # printable range starts at the space character and ends with tilde.
 if [ "$allownonascii" != "true" ] &&
-	# Note that the use of brackets around a tr range is ok here, (it's
-	# even required, for portability to Solaris 10's /usr/bin/tr), since
-	# the square bracket bytes happen to fall in the designated range.
-	test "$(git diff --cached --name-only --diff-filter=A -z $against |
-	  LC_ALL=C tr -d '[ -~]\0')"
-then
-	echo "Attempt to add a non-ascii file name. Please choose a different name."
-	exit 1
+  # Note that the use of brackets around a tr range is ok here, (it's
+  # even required, for portability to Solaris 10's /usr/bin/tr), since
+  # the square bracket bytes happen to fall in the designated range.
+  test "$(git diff --cached --name-only --diff-filter=A -z $against |
+    LC_ALL=C tr -d '[ -~]\0')"
+    then
+      echo "Attempt to add a non-ascii file name. Please choose a different name."
+      exit 1
 fi
 
 # this checks that no unimportant whitespace changes are committed
@@ -46,4 +47,15 @@ if [ "${ifzeros}" != "" ]; then
   exit 1
 fi
 
+# check the filesize of each file stays below sizelimit
+# list new or modified files newfiles=$(git diff --staged --name-only )
+currdir="$(pwd)"
+for file in $(git diff --cached --name-only | sort | uniq); do
+  filesize=$(du -b ${currdir}/${file} | awk '{print $1}')
+  if [ "${size}" -ge "${sizelimit}" ]; then
+    echo "hard size limit (${sizelimit}) exceeded: ${file} (${size} bytes)"
+    exit 1
+  fi
+done
+
 echo "All fine, thank you."
diff --git a/serverhooks/update b/serverhooks/update
@@ -17,23 +17,33 @@
 refname=$1 # name of ref that is being updated
 oldrev=$2 # old object name that ref pointed to before
 newrev=$3 # new object name that ref should point to
+nullsha="0000000000000000000000000000000000000000"
+emptysha=$(git hash-object -t tree /dev/null) # SHA1: "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
+
 echo "Enforcing policies for revision ${refname}:"
 
 # -------------------------------
 # Get the list of all the commits
 # -------------------------------
 
 # exit if a branch is about to be deleted
-if [ "${newrev}" == '0000000000000000000000000000000000000000' ]; then
+if [ "${newrev}" == "${nullsha}" ]; then
   exit 0
 fi
 
-checksince="--since=2020-04-27"
+# Set oldrev properly if the is branch created
+if [ "${oldrev}" = "${nullsha}" ]; then
+   oldrev=$emptysha
+fi
+
+checkmessagesince="--since=2020-04-27"
+checksizesince="--since=2020-04-13"
+sizelimit=52428800
 
 # branch labels are updated *after* the hook ran successfully,
-# so get all commits reachable from newref (that are newer than a certain date),
+# so get all commits reachable from newrev (that are newer than a certain date),
 # that are not reachable from any yet known ref (branch) labels
-span=$(git rev-list ${newrev} ${checksince} --not --all)
+span=$(git rev-list ${newrev} ${checkmessagesince} --not --all)
 
 # ----------------------------------------
 # Iterate over all new commits in the push
@@ -54,6 +64,23 @@ for sha1 in ${span}; do
     continue
   fi
 
+  # check the filesize of each file stays below sizelimit
+  # list new or modified files
+  newfiles=$(git show --pretty="format:" --name-only --diff-filter=ACMRT ${sha1} )
+
+  for file in ${newfiles}; do
+    size=$(git cat-file -s "${sha1}:${file}")
+    if [[ -z $size ]]; then
+        size=0;
+    fi
+
+    if [ "${size}" -gt "${sizelimit}" ]
+    then
+      echo "${sha1} hard size limit (${sizelimit}) exceeded: ${file} (${size} bytes)"
+      refuse=true
+    fi
+  done
+
   # check commit message
   commitmessage=$(git log --format=%B -n 1 ${sha1})
   commitfirstline=$(echo "${commitmessage}" | head -n 1)
