Overcommit v0.29.0 Release Notes
-
๐ Important Security Fix
- ๐ Fix vulnerability where disabling signature verification would not be caught
by signature verification, allowing an attacker to bypass the check. If you
disable signature verification in your configuration, you must rename the
option to
verify_signatures
and should audit your hooks.
๐ New Features
- ๐ Allow nested arrays in
include
andexclude
options so lists of file glob patterns can be shared across hook configurations via YAML references - โ Add
NginxTest
pre-commit hook that checks nginx configuration files withnginx -t
- ๐ง Respect
core.commentchar
configuration when reading commit messages
๐ Changes
- ๐ Rename
verify_plugin_signatures
toverify_signatures
๐ Bug Fixes
- ๐ Fix
Jscs
pre-commit hook to handle the newjscs
exit codes introduced as of 2.2.0 - ๐ Fix
Scalastyle
pre-commit hook to fail with non-zero exit statuses
- ๐ Fix vulnerability where disabling signature verification would not be caught
by signature verification, allowing an attacker to bypass the check. If you
disable signature verification in your configuration, you must rename the
option to