[hooks PATCH] Don't allow @localhost email addresses in commit message

Andrea Bolognani abologna at redhat.com
Fri Jan 31 09:38:56 UTC 2020

On Mon, 2020-01-27 at 16:12 +0000, Daniel P. Berrangé wrote:
> +	allow_localhost_email=$(git config --bool hooks.allowlocalhostemail)

The comment at the beginning of the script documents most hooks.*
configuration options[1], so please document this one as well.

> +			git show $rev | grep '@localhost' >/dev/null 2>&1
> +			if test $? != 0
> +			then
> +				echo "*** Update hook: @localhost email address is forbidden $rev" >&2
> +				exit 1
> +			fi

This seems excessively harsh, as it would block commits where
@localhost appears in the diff[2] or is used in the commit message
in a legitimate way[3].

We need to either be way more specific in selecting the parts of
the commit we care about (Author:, Commit:, Signed-off-by: and
Reviewed-by: at the very least) or replace the match with something

  grep -E '<.*@localhost.*>'

which I think should catch most plausible mistakes without running
into false positives.

[1] hooks.allowmissingsob is notably missing, perhaps whoever
    introduced it should go back and document it ;)
[2] 3a3a85c529e92ad767fb2222e01587186854c175, though of course you
    could argue that such a commit would not have been necessary if
    we had this hook in the first place O:-)
[3] 3f1a7070428df12dae78c5b3963fa02c0b4ef5f1 and a few others
Andrea Bolognani / Red Hat / Virtualization

More information about the libvir-list mailing list