lefthook
by evilmartians
Lefthook is a fast, powerful, and dependency-free Git hooks manager that automates and controls Git hook execution across various programming environments.
Fast and powerful Git hooks manager for any type of projects.
Primary Use Case
Lefthook is used by developers and DevSecOps teams to automate and manage Git hooks efficiently, ensuring code quality and security checks run consistently before commits or pushes. It is ideal for projects in Node.js, Ruby, Python, and other languages, enabling parallel execution and flexible file filtering to optimize pre-commit, pre-push, and other Git hook workflows.
- Written in Go for speed and efficiency
- Runs Git hook commands in parallel to save time
- Single binary with no external dependencies
- Supports multiple languages and environments (Node.js, Ruby, Python, etc.)
- Flexible file filtering with glob and regexp patterns
- Ability to run commands in subdirectories
- Supports running scripts with custom runners
- Tag-based grouping of jobs for selective execution
Installation
- Install with Go (>= 1.24): go install github.com/evilmartians/lefthook@latest
- Or as a Go tool: go get -tool github.com/evilmartians/lefthook
- Install with NPM: npm install lefthook --save-dev
- Install with Ruby gem: gem install lefthook
- Install with Python pip: pip install lefthook
- Refer to installation guide for apt, brew, winget, and other methods
Usage
>_ vim lefthook.ymlConfigure your Git hooks in the lefthook.yml file
>_ lefthook installInstall the configured Git hooks into the current Git project
>_ git add -A && git commit -m '...'Standard Git workflow that triggers Lefthook-managed hooks during commit
>_ pre-push:
parallel: trueEnable parallel execution of jobs in the pre-push hook
>_ pre-commit:
jobs:
- name: lint frontend
run: yarn eslint {staged_files}Run ESLint on staged frontend files during pre-commit
>_ pre-commit:
jobs:
- name: lint backend
glob: "*.rb"
exclude: '(^|/)(application|routes)\.rb$'
run: bundle exec rubocop --force-exclusion {all_files}Run RuboCop on Ruby files excluding specific patterns during pre-commit
>_ commit-msg:
jobs:
- script: "template_checker"
runner: bashRun a custom bash script named template_checker during commit-msg hook
- Integrate Lefthook into CI/CD pipelines to enforce security checks early in the development lifecycle, reducing vulnerabilities before deployment.
- Use Lefthook’s parallel execution feature to optimize performance of security scans and static analysis tools during pre-commit or pre-push hooks.
- Leverage flexible file filtering to target security-critical files for scanning, improving efficiency and reducing noise in security automation.
- Combine Lefthook with secret scanning and dependency vulnerability tools to automate detection of sensitive data leaks and insecure dependencies.
- Employ Lefthook in purple team exercises to simulate attacker techniques via custom hooks and validate blue team detection and response capabilities.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about lefthook. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
grafana
grafana/grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
PowerShell
PowerShell/PowerShell
PowerShell for every system!
awx
ansible/awx
AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.
wazuh
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
awesome-security
sbilly/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
crowdsec
crowdsecurity/crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.