{"id":13529761,"url":"https://github.com/rudikershaw/git-build-hook","last_synced_at":"2025-08-29T16:40:19.887Z","repository":{"id":35240924,"uuid":"151619546","full_name":"rudikershaw/git-build-hook","owner":"rudikershaw","description":"A maven plugin for managing client side (local) git configuration for those working on your project. Including but not limited to setting git config, installing hooks, validating the local repository.","archived":false,"fork":false,"pushed_at":"2025-07-07T11:14:34.000Z","size":358,"stargazers_count":150,"open_issues_count":9,"forks_count":24,"subscribers_count":3,"default_branch":"develop","last_synced_at":"2025-08-23T22:21:15.645Z","etag":null,"topics":["build","client-git-hooks","client-side-git-hooks","enforce-conventions","enforcer","git","git-hook","git-hooks","hooks","installer","linting","local-git-hooks","maven","maven-plugin","project-management"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rudikershaw.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-10-04T18:41:36.000Z","updated_at":"2025-08-21T01:17:17.000Z","dependencies_parsed_at":"2023-12-14T13:37:54.464Z","dependency_job_id":"8e084633-bb5a-43cb-a751-56586903c469","html_url":"https://github.com/rudikershaw/git-build-hook","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/rudikershaw/git-build-hook","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudikershaw%2Fgit-build-hook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudikershaw%2Fgit-build-hook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudikershaw%2Fgit-build-hook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudikershaw%2Fgit-build-hook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rudikershaw","download_url":"https://codeload.github.com/rudikershaw/git-build-hook/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rudikershaw%2Fgit-build-hook/sbom","scorecard":{"id":789160,"data":{"date":"2025-08-11","repo":{"name":"github.com/rudikershaw/git-build-hook","commit":"32b0273670e0339911d6acbf3491cf6baeac6969"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.2,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":2,"reason":"Found 8/30 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: .mvn/wrapper/maven-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 9 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-78wr-2p64-hpwj","Warn: Project is vulnerable to: GHSA-3p86-9955-h393","Warn: Project is vulnerable to: GHSA-vrpq-qp53-qv56"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T06:58:09.988Z","repository_id":35240924,"created_at":"2025-08-23T06:58:09.988Z","updated_at":"2025-08-23T06:58:09.988Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272723569,"owners_count":24982491,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-29T02:00:10.610Z","response_time":87,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["build","client-git-hooks","client-side-git-hooks","enforce-conventions","enforcer","git","git-hook","git-hooks","hooks","installer","linting","local-git-hooks","maven","maven-plugin","project-management"],"created_at":"2024-08-01T07:00:39.165Z","updated_at":"2025-08-29T16:40:19.850Z","avatar_url":"https://github.com/rudikershaw.png","language":"Java","readme":"\u003cimg align=\"right\" width=\"164\" height=\"250\" src=\"documentation/logo.png\"  alt=\"The Git Build Hook Maven Plugin Logo\"/\u003e\n\n[![MIT Licence][licence-image]][licence-url]\n[![Build Status][travis-image]][travis-url]\n[![Maven Central][maven-central-image]][maven-central-url]\n\n# Git Build Hook Maven Plugin \n\nA Maven plugin used to add configuration, install git hooks, and initialize the local project's git repository. It is common for a team or project to need to manage client side git configuration. For example, you may need to install pre-commit hooks for all your developers, or insist on a particular `core.autoclrf` policy. This plugin allows you to setup configuration for every developer working on the project the first time they run your build.\n\n## Key Features\n\n* Set arbitrary project specific git configuration.\n* Install client side (local) git hooks for the project.\n* Fail the build if your project is not being managed by Git.\n* Use with Maven archetypes to initialise Git repository with the first build.\n\n## Basic Usage\n\nA common use-case might be to install local git hooks by setting the `core.hooksPath` configuration. Put all your Git hooks in a directory in your project, then configure your `pom.xml` to include the following plugin declaration, goal, and configuration.\n\n```xml\n\u003cbuild\u003e\n  \u003cplugins\u003e\n    \u003cplugin\u003e\n      \u003cgroupId\u003ecom.rudikershaw.gitbuildhook\u003c/groupId\u003e\n      \u003cartifactId\u003egit-build-hook-maven-plugin\u003c/artifactId\u003e\n      \u003cversion\u003e3.5.0\u003c/version\u003e\n      \u003cconfiguration\u003e\n        \u003cgitConfig\u003e\n          \u003c!-- The location of the directory you are using to store the Git hooks in your project. --\u003e\n          \u003ccore.hooksPath\u003ehooks-directory/\u003c/core.hooksPath\u003e\n          \u003c!-- Some other project specific git config that you want to set. --\u003e\n          \u003ccustom.configuration\u003etrue\u003c/custom.configuration\u003e \n        \u003c/gitConfig\u003e\n      \u003c/configuration\u003e\n      \u003cexecutions\u003e\n        \u003cexecution\u003e\n          \u003cgoals\u003e       \n            \u003c!-- Sets git config specified under configuration \u003e gitConfig. --\u003e\n            \u003cgoal\u003econfigure\u003c/goal\u003e\n          \u003c/goals\u003e\n        \u003c/execution\u003e\n      \u003c/executions\u003e\n    \u003c/plugin\u003e\n      \u003c!-- ... etc ... --\u003e\n  \u003c/plugins\u003e\n\u003c/build\u003e\n```\n\nWhen you run your project build the plugin will configure git to run hooks out of the directory specified. This will effectively set up the hooks in that directory for everyone working on your project. If you would prefer to install individual git hooks into the default hooks directory, then you can use the `install` goal with configuration for each hook you wish to install like so;\n\n```xml\n...\n      \u003cconfiguration\u003e\n        \u003cinstallHooks\u003e\n          \u003c!-- The location of a git hook to install into the default hooks directory. --\u003e\n          \u003cpre-commit\u003efile_path/to/your/hook.sh\u003c/pre-commit\u003e\n          \u003ccommit-msg\u003eclass_path/package/hook.sh\u003c/commit-msg\u003e\n        \u003c/installHooks\u003e\n      \u003c/configuration\u003e\n      \u003cdependencies\u003e\n        \u003cdependency\u003e\n          \u003cgroupId\u003emy.company\u003c/groupId\u003e\n          \u003cartifactId\u003ecompany-git-hooks\u003c/artifactId\u003e\n          \u003cversion\u003e[1.2.3,)\u003c/version\u003e\n        \u003cdependency\u003e\n      \u003c/dependencies\u003e\n...\n      \u003cgoals\u003e       \n        \u003c!-- Install specific hooks directly to the default hooks directory. --\u003e\n        \u003cgoal\u003einstall\u003c/goal\u003e\n      \u003c/goals\u003e\n...\n```\n\nWith both of the above goals, the build will fail if the project is not managed by Git. If you would prefer the plugin to, instead of failing, initialize a new Git repository at the root of the project you can do the following;\n\n```xml\n...\n\u003cgoals\u003e       \n  \u003c!-- Initialize a Git repository at the root of the project if one does not exist. --\u003e\n  \u003cgoal\u003einitialize\u003c/goal\u003e\n  \u003cgoal\u003econfigure\u003c/goal\u003e\n\u003c/goals\u003e\n...\n```\n\n### Wait, but why?\n\nMany web-based hosting services for version control using Git, do not allow server side hooks. Server side hooks are extremely useful for enforcing certain styles of commit message, restricting the kind and types of actions that can be performed against certain branches, providing useful feedback or advice during certain actions in Git, and much more. This kind of quick feedback is advantageous when managing any large group of developers. \n\nIf you cannot perform these kind of actions server side, what else can be done? Well, the hooks can be installed on the developers local machines. But it can be difficult to organise groups of people to install these hooks and even more difficult to get updates out to everyone. \n\nIf only there was some way that the hooks could be managed in your project repository and installed automatically during your build. Well, that is what this plugin is for. \n\n[licence-image]: http://img.shields.io/npm/l/gulp-rtlcss.svg?style=flat\n[licence-url]: https://tldrlegal.com/license/mit-license\n[travis-image]: https://app.travis-ci.com/rudikershaw/git-build-hook.svg?branch=develop\n[travis-url]: https://app.travis-ci.com/rudikershaw/git-build-hook?branch=develop\n[maven-central-image]: https://maven-badges.herokuapp.com/maven-central/com.rudikershaw.gitbuildhook/git-build-hook-maven-plugin/badge.svg\n[maven-central-url]: https://maven-badges.herokuapp.com/maven-central/com.rudikershaw.gitbuildhook/git-build-hook-maven-plugin\n","funding_links":[],"categories":["Tools"],"sub_categories":["update"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frudikershaw%2Fgit-build-hook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frudikershaw%2Fgit-build-hook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frudikershaw%2Fgit-build-hook/lists"}