-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
High
-
None
-
Affects Version/s: 4.2.12
-
Component/s: Git
-
None
-
Severity 1 - Critical
When a pre-commit hook gets executed through Sourcetree.app on macOS it runs sandboxed and thus has some limitations. One limitation is that it can't execute certain binaries:
git --no-optional-locks -c color.branch=false -c color.diff=false -c color.status=false -c diff.mnemonicprefix=false -c core.quotepath=false -c credential.helper=sourcetree commit -q -F /var/folders/d7/5n3h0yv95hs_wvnrsc_20mhh0000gn/T/SourceTreeTemp.JMhefC Creating simple test binary... Checking Quarantine bit... com.apple.quarantine: 0081;693eb6df;Sourcetree; Executing test binary... failed with exit code: 137 Completed with errors, see above
The above example creates a binary on the fly and tries to execute it. This succeedes when executed through git-cli from the command line but it fails when executed through Sourcetree.app
The pre-commit hook is this:
#!/bin/zsh echo "Creating test binary..." TEST_SWIFT="${TMPDIR}/test-$$.swift" cat > "$TEST_SWIFT" << 'EOF' print("success") EOF TEST_BINARY="${TMPDIR}/test-$$" swiftc "$TEST_SWIFT" -o "$TEST_BINARY" COMPILE_RESULT=$? if [ $COMPILE_RESULT -ne 0 ]; then echo "Compilation failed with exit code: $COMPILE_RESULT" rm -f "$TEST_SWIFT" exit 1 fi echo "" echo "Checking quarantine bit..." xattr -l "$TEST_BINARY" | grep com.apple.quarantine echo "" echo "Executing test binary..." "$TEST_BINARY" || echo "failed with exit code: $?" echo "" rm -f "$TEST_SWIFT" "$TEST_BINARY" exit 0
It's a common pattern in more complex scenarios where pre-commit hooks may download, build tooling on the fly or execute things by other means to fulfill their work. There are existing bug reports about this across the internet, e.g. here and here