do local checksum/pkgver checks via git hooks
Discussed briefly with the team. We previously considered having pre-commit git hooks for pmaports, but decided againt it due to potential security issues and because they would have to be enabled manually.
However, what we didn't consider was using pmbootstrap to install the hooks. It can ensure that we're on the master branch of pmaports and that the hooks haven't been modified and then copy (NOT symlink) them to .git/hooks. This allows us to keep them up to date as long as you check out the master branch occasionally, and avoid any security concerns if you check out untrusted branches.
The associated python/shell scripts for doing pkgver checks might also have to be copied to .git, this shouldn't be a huge concern? We could alternatively have the hooks ask if any of the associated scripts are modified and it's an untrusted branch?
I'd like a few basic hooks:
- pre-commit: run pmbootstrap checksum and check pkgver, do shellcheck, auto-generate commit title from the first 3 modified packages that are staged
- post-commit: validate commit message
- other ideas?...