Fix `scripts/security-harness` to support older git versions

Peter Leitzenrequested to merge
pl-security-harness-fix into master

What does this MR do and why?

Prior this commit scripts/security-harness would not remove lefthook if the git < 2.31 because the option --path-format=absolute wasn't available yet and just been echoed which resulted in a multiline result:

$ git rev-parse  --path-format=absolute --git-path hooks/pre-push
--path-format=absolute
.git/hooks/pre-push

The hook path "--path-format=absolute\n.git/hooks/pre-push" which does not exist. Moreover, the first run creates a directory "--path-format=absolute\n.git/" which is cumbersome to remove.

In this MR we only care about the last line which is most likely the path to the hook.

Screenshots or screen recordings

Before with git < 2.31 💥 After with git < 2.31 After with git >= 2.31
Screenshot_from_2021-10-20_14-51-54 Screenshot_from_2021-10-20_14-52-47 Screenshot_from_2021-10-20_14-54-21

How to set up and validate locally

  • Ensure you have git installed < 2.31 and verify via git --version
  • Without this patch: Run scripts/security-harness and verify that hook is not installed and "--path-format=absolute\n.git/" exists 💥
  • With patch applied: Run scripts/security-harness again. Hook installed and no "--path-format=absolute\n.git/"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Peter Leitzen

Merge request reports