Overcommit 0.34.2

A hotfix release to address quirks with using Overcommit with the new commit.gpgsign Git configuration option introduced in Git 2.0+.

• Add --no-color flag to all git diff/git show calls to override local configuration
• Ignore commit.gpgsign configuration option when creating stash commits in pre-commit hooks

Overcommit 0.34.1

A hotfix release to fix installation of Overcommit on systems with newer versions of RubyGems, which now preserve symlinks by default (previous behavior was to convert symlinks to regular files).

• Switch template directory hooks from symlinks to regular files so gem can be installed on Windows

Overcommit 0.34.0

Mostly bug fixes with a few minor enhancements.

• Fix Scalastyle pre-commit hook to capture messages with no line number
• Fix CoffeeLint pre-commit hook detection of modified lines
• Fix Jscs pre-commit hook to work with jscs 3.0.0+
• Fix CapitalizedSubject pre-commit hook to ignore commit message subjects
  starting with fixup! or squash! special prefixes
• Add BundleOutdated pre-commit hook to report gems in the Gemfile.lock
  that have newer versions available
• Add destructive_only option to ProtectedBranches pre-push hook
• Include .ru files in RuboCop pre-commit hook
• Fix TextWidth to ignore special fixup!/squash! prefixes in commit
  message subjects when determining width of line

Overcommit 0.33.0

The most notable update in this release is Overcommit's change in behavior to automatically invoke a Bundler context when running a CLI command if the gemfile option is specified in your .overcommit.yml. This saves you from having to prepend bundle exec ... to the overcommit command in order to use gems specified in the Gemfile specified by gemfile.

New Features

• Add global quiet option which silences all hook output except in the case
  of warning or error

Changes

• Official support for Rubinius has been dropped. It will probably still work
  for most use cases, but parallelized hook runs may be problematic. If someone
  from the community is willing to step up to support it, we'll gladly add it
  back
• Change overcommit CLI to automatically run within a Bundler context if the
  gemfile option is specified. This mainly saves you from needing
  bundle exec when running overcommit --run

Bug Fixes

• Fix AuthorName/AuthorEmail pre-commit hooks to respect
  GIT_AUTHOR_NAME/GIT_AUTHOR_EMAIL environment variables, respectively
• Fix JavaCheckstyle pre-commit hook to ignore [ERROR] prefix when parsing
  output messages

Overcommit 0.32.0

This major release introduces support for running hooks in parallel, which is enabled by default. If you are using MRI Ruby, the benefits are most noticeable if your hooks run other executables (e.g. you run static analysis tools like rubocop or scss-lint), since threads in MRI Ruby cannot truly run in parallel due to the Global Interpreter Lock (GIL). However, if the threads are blocked waiting on a child process, then they'll parallelize just fine.

New Features

• Hooks are now run in parallel by default
• Add concurrency global option allowing you to specify the number of threads
  to use when running hooks concurrently
• Add parallelize hook option which specifies whether or not this hook should
  be run in parallel (default is true)
• Add processors hook option allowing you to specify how many processing
  units a hook should require
• Add ForbiddenBranches pre-commit hook which prevents creating a commit
  on any blacklisted branch by name/pattern
• Add MessageFormat commit-msg hook to validate commit messages against
  a regex pattern

Changes

• Improve error message output when there is a problem processing messages
  via extract_messages pre-commit hook helper
• Switch ScssLint pre-commit hook to use the JSON output formatter instead
  of the default formatter
• Change tense of hook descriptions from progressive indicative form ("Running")
  to indicative present form ("Run") so output reads better in parallel hook
  runs

Bug Fixes

• Fix bug where amending a commit with command line arguments containing
  Unicode characters could cause a crash due to invalid byte sequences
• Fix Minitest pre-push hook to include all test files

Overcommit 0.32.0.rc1

This is a prerelease to help us test the new parallelism features of Overcommit.

You can install it by running gem install overcommit --pre.

See the parallelize and processors hook options documentation and the Concurrency section for details.

Overcommit 0.31.0

A relatively small release mostly consisting of bug fixes.

New Features

• Add support for glob patterns to ProtectedBranches pre-push hook
• Add Mdl pre-commit hook to run mdl on Markdown files

Changes

• Improve error message when gem file specified by gemfile option has not had a dependency installed

Bug Fixes

• Add --without-color flag to RailsBestPractices pre-commit hook to fix parsing issues due to color escape sequences
• Fix RuboCop pre-commit hook to not swallow cop messages when parser gem warnings are output to STDERR

Overcommit 0.30.0

Fixes a showstopper bug that prevented the use of existing hook scripts when invoked via the --run flag, along with some new hooks and other bug fixes.

New Features

• Add Dogma pre-commit hook to lint Elixir files with
  dogma files
• Add Minitest pre-push hook to run Minitest tests
• Add RailsBestPractices pre-commit hook which lints code with
  rails_best_practices

Bug Fixes

• Fix --run flag to not block reading STDIN when using existing hook scripts
• Fix RuboCop pre-commit hook to fail when RuboCop version specified by
  Bundler context is not available
• Fix TextWidth commit-msg hook to not include newline characters in
  calculated width

Overcommit 0.29.1

A bugfix release that addresses a breakage in hook signing.

• Raise error when hooks are defined with invalid names (i.e. non-alphanumeric
  characters)
• Fix hook signing when specifying hook name
• Fix BundleCheck pre-commit hook to not report false negatives when running
  via overcommit --run with local changes

Overcommit 0.29.0

Edit: This release ended up having a different bug related to signing hooks. Please use 0.29.1 or newer (but still read these release notes for details)

This release includes an important security patch relevant for developers who use Overcommit in open source projects. Special thanks to @danuker for responsibly disclosing the issue.

The most notable change with signature verification is that now you'll need to run overcommit --sign if you are running Overcommit for your repo for the very first time, regardless of whether you have it enabled. This means CI runs will need to include overcommit --sign before overcommit --run if you use that feature, since services like Travis create a new git repo for each run.

Security Fix

• Fix vulnerability where disabling signature verification would not be caught
  by signature verification, allowing an attacker to bypass the check. If you
  disable signature verification in your configuration, you must rename the
  option to verify_signatures and should audit your hooks. Make sure to uninstall any version of Overcommit before 0.29.0, otherwise an attacker could simply downgrade your version via the Gemfile to run a vulnerable version

New Features

• Allow nested arrays in include and exclude options so lists of file
  glob patterns can be shared across hook configurations via YAML references
• Add NginxTest pre-commit hook that checks nginx configuration files with
  nginx -t
• Respect core.commentchar configuration when reading commit messages

Changes

• Rename verify_plugin_signatures to verify_signatures

Bug Fixes

• Fix Jscs pre-commit hook to handle the new jscs
  exit codes introduced
  as of 2.2.0
• Fix Scalastyle pre-commit hook to fail with non-zero exit statuses