factorialboy 6 hours ago

Installed GitButler to try it out — and realized it installs malicious Git hooks to take over the git commit workflow:

* pre-commit — The malicious one. It intercepted every `git commit` attempt and aborted it with that error message, forcing you to use `but commit` instead. Effectively a commit hijack — no way to commit to your own repo without their tool.

* post-checkout — Fired whenever you switched branches. GitButler used it to track your branch state and sync its virtual branch model. It cleaned this one up itself when we checked out.

* There's also typically a prepare-commit-msg hook that GitButler installs to inject its metadata into commit messages, though we didn't hit that one.

* The pre-commit hook is the aggressive one — it's a standard git hook location, so git runs it unconditionally before every commit. GitButler installs it silently as part of "setting up" a repo, with no opt-in. The only escape (without their CLI) is exactly what we did: delete it manually.

schacon 5 minutes ago

Just to clarify (and we do say this when you run `but setup`), the `pre-commit` hook is needed because of the way that we manage commits - we allow for multiple parallel applied branches, which Git cannot do. The way we accomplish this is to maintain a hidden 'megamerge' commit (as JJ would say). All Git commands work fine the way we're doing it except 'git commit', which is not aware of our operating model and will commit on top of our megamerge, which is problematic. So we install pre-commit to protect against getting yourself in a poor situation by using both Git and GitButler interchangeably.

It's not difficult to "escape" - using `git checkout` will tear everything down properly - that's the only task of the `post-checkout` - to determine that you want to go back to using vanilla git commit tooling and remove our shims.

We also don't have a prepare-commit-msg hook - our commit tooling will inject an extra Change-Id header (of the same format and interchangeable with Jujutsu) but that affects nothing that vanilla git cares about.

ivanjermakov 3 hours ago

So they decided to start "embrace, extend, and extinguish" directly with "extinguish".
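A way to check which hooks Git will actually run in a repository, such as the `pre-commit` and `post-checkout` hooks discussed in this thread. This is an added example, not part of any comment above and not GitButler's code; the function names and the `can-abort-commit`/`other` labels are assumptions made for illustration.

```shell
#!/bin/sh
# Audit a Git hooks directory: report every hook Git would execute.
# Git only runs hook files that are executable; the shipped "*.sample"
# templates are never run under that name.

# hooks_dir [REPO]: print the absolute hooks directory for a repository.
# `git rev-parse --git-path hooks` honours core.hooksPath, so a redirected
# hooks directory is found as well as the default .git/hooks.
hooks_dir() {
    ( cd "${1:-.}" && d=$(git rev-parse --git-path hooks) && cd "$d" && pwd )
}

# list_active_hooks DIR: print "<hook name><TAB><label>" for each active hook.
# Label "can-abort-commit" marks hooks whose non-zero exit stops `git commit`
# (pre-commit, prepare-commit-msg, commit-msg); everything else is "other".
list_active_hooks() {
    dir=$1
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue                   # skip directories and unmatched glob
        case "$f" in *.sample) continue ;; esac   # inactive templates
        [ -x "$f" ] || continue                   # non-executable hooks are ignored by Git
        name=$(basename "$f")
        case "$name" in
            pre-commit|prepare-commit-msg|commit-msg) label=can-abort-commit ;;
            *) label=other ;;
        esac
        printf '%s\t%s\n' "$name" "$label"
    done
    return 0
}

# Usage (inside or pointing at a repository):
#   list_active_hooks "$(hooks_dir /path/to/repo)"
```

Running it before and after a tool's setup step shows which hooks that step added; reading the listed files shows what each one does.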