gitSafetyHook static method
Hook that prevents dangerous git operations.
Blocks force pushes to protected branches, hard resets, and other destructive operations.
Implementation
static HookRegistration gitSafetyHook({
List<String> protectedBranches = const ['main', 'master'],
}) {
return HookRegistration(
id: 'builtin:git-safety',
type: HookType.onGitOperation,
priority: HookPriority.critical,
name: 'Git Safety',
description: 'Prevents dangerous git operations.',
source: 'builtin',
tags: {'security', 'git'},
handler: (context) {
if (context is! GitHookContext) return const HookContinue();
// Block force push to protected branches
if (context.operation == GitOperation.push &&
context.force &&
protectedBranches.contains(context.branch)) {
return HookAbort(
'Force push to protected branch "${context.branch}" is blocked.',
);
}
// Block hard reset
if (context.operation == GitOperation.reset &&
context.metadata['hard'] == true) {
return HookAbort(
'Hard reset is blocked. Use soft or mixed reset instead.',
);
}
// Block branch deletion of protected branches
if (context.operation == GitOperation.branch &&
context.metadata['delete'] == true &&
protectedBranches.contains(context.targetBranch)) {
return HookAbort(
'Deletion of protected branch "${context.targetBranch}" is blocked.',
);
}
return const HookContinue();
},
);
}