1GIT-RECEIVE-PACK(1)               Git Manual               GIT-RECEIVE-PACK(1)
2
3
4

NAME

6       git-receive-pack - Receive what is pushed into the repository
7

SYNOPSIS

9       git-receive-pack <directory>
10
11

DESCRIPTION

13       Invoked by git send-pack and updates the repository with the
14       information fed from the remote end.
15
16       This command is usually not invoked directly by the end user. The UI
17       for the protocol is on the git send-pack side, and the program pair is
18       meant to be used to push updates to remote repository. For pull
19       operations, see git-fetch-pack(1).
20
21       The command allows for creation and fast-forwarding of sha1 refs
22       (heads/tags) on the remote end (strictly speaking, it is the local end
23       git-receive-pack runs, but to the user who is sitting at the send-pack
24       end, it is updating the remote. Confused?)
25
26       There are other real-world examples of using update and post-update
27       hooks found in the Documentation/howto directory.
28
29       git-receive-pack honours the receive.denyNonFastForwards config option,
30       which tells it if updates to a ref should be denied if they are not
31       fast-forwards.
32
33       A number of other receive.* config options are available to tweak its
34       behavior, see git-config(1).
35

OPTIONS

37       <directory>
38           The repository to sync into.
39

PRE-RECEIVE HOOK

41       Before any ref is updated, if $GIT_DIR/hooks/pre-receive file exists
42       and is executable, it will be invoked once with no parameters. The
43       standard input of the hook will be one line per ref to be updated:
44
45           sha1-old SP sha1-new SP refname LF
46
47       The refname value is relative to $GIT_DIR; e.g. for the master head
48       this is "refs/heads/master". The two sha1 values before each refname
49       are the object names for the refname before and after the update. Refs
50       to be created will have sha1-old equal to 0{40}, while refs to be
51       deleted will have sha1-new equal to 0{40}, otherwise sha1-old and
52       sha1-new should be valid objects in the repository.
53
54       When accepting a signed push (see git-push(1)), the signed push
55       certificate is stored in a blob and an environment variable
56       GIT_PUSH_CERT can be consulted for its object name. See the description
57       of post-receive hook for an example. In addition, the certificate is
58       verified using GPG and the result is exported with the following
59       environment variables:
60
61       GIT_PUSH_CERT_SIGNER
62           The name and the e-mail address of the owner of the key that signed
63           the push certificate.
64
65       GIT_PUSH_CERT_KEY
66           The GPG key ID of the key that signed the push certificate.
67
68       GIT_PUSH_CERT_STATUS
69           The status of GPG verification of the push certificate, using the
70           same mnemonic as used in %G?  format of git log family of commands
71           (see git-log(1)).
72
73       GIT_PUSH_CERT_NONCE
74           The nonce string the process asked the signer to include in the
75           push certificate. If this does not match the value recorded on the
76           "nonce" header in the push certificate, it may indicate that the
77           certificate is a valid one that is being replayed from a separate
78           "git push" session.
79
80       GIT_PUSH_CERT_NONCE_STATUS
81
82           UNSOLICITED
83               "git push --signed" sent a nonce when we did not ask it to send
84               one.
85
86           MISSING
87               "git push --signed" did not send any nonce header.
88
89           BAD
90               "git push --signed" sent a bogus nonce.
91
92           OK
93               "git push --signed" sent the nonce we asked it to send.
94
95           SLOP
96               "git push --signed" sent a nonce different from what we asked
97               it to send now, but in a previous session. See
98               GIT_PUSH_CERT_NONCE_SLOP environment variable.
99
100       GIT_PUSH_CERT_NONCE_SLOP
101           "git push --signed" sent a nonce different from what we asked it to
102           send now, but in a different session whose starting time is
103           different by this many seconds from the current session. Only
104           meaningful when GIT_PUSH_CERT_NONCE_STATUS says SLOP. Also read
105           about receive.certNonceSlop variable in git-config(1).
106
107       This hook is called before any refname is updated and before any
108       fast-forward checks are performed.
109
110       If the pre-receive hook exits with a non-zero exit status no updates
111       will be performed, and the update, post-receive and post-update hooks
112       will not be invoked either. This can be useful to quickly bail out if
113       the update is not to be supported.
114
115       See the notes on the quarantine environment below.
116

UPDATE HOOK

118       Before each ref is updated, if $GIT_DIR/hooks/update file exists and is
119       executable, it is invoked once per ref, with three parameters:
120
121           $GIT_DIR/hooks/update refname sha1-old sha1-new
122
123       The refname parameter is relative to $GIT_DIR; e.g. for the master head
124       this is "refs/heads/master". The two sha1 arguments are the object
125       names for the refname before and after the update. Note that the hook
126       is called before the refname is updated, so either sha1-old is 0{40}
127       (meaning there is no such ref yet), or it should match what is recorded
128       in refname.
129
130       The hook should exit with non-zero status if it wants to disallow
131       updating the named ref. Otherwise it should exit with zero.
132
133       Successful execution (a zero exit status) of this hook does not ensure
134       the ref will actually be updated, it is only a prerequisite. As such it
135       is not a good idea to send notices (e.g. email) from this hook.
136       Consider using the post-receive hook instead.
137

POST-RECEIVE HOOK

139       After all refs were updated (or attempted to be updated), if any ref
140       update was successful, and if $GIT_DIR/hooks/post-receive file exists
141       and is executable, it will be invoked once with no parameters. The
142       standard input of the hook will be one line for each successfully
143       updated ref:
144
145           sha1-old SP sha1-new SP refname LF
146
147       The refname value is relative to $GIT_DIR; e.g. for the master head
148       this is "refs/heads/master". The two sha1 values before each refname
149       are the object names for the refname before and after the update. Refs
150       that were created will have sha1-old equal to 0{40}, while refs that
151       were deleted will have sha1-new equal to 0{40}, otherwise sha1-old and
152       sha1-new should be valid objects in the repository.
153
154       The GIT_PUSH_CERT* environment variables can be inspected, just as in
155       pre-receive hook, after accepting a signed push.
156
157       Using this hook, it is easy to generate mails describing the updates to
158       the repository. This example script sends one mail message per ref
159       listing the commits pushed to the repository, and logs the push
160       certificates of signed pushes with good signatures to a logger service:
161
162           #!/bin/sh
163           # mail out commit update information.
164           while read oval nval ref
165           do
166                   if expr "$oval" : '0*$' >/dev/null
167                   then
168                           echo "Created a new ref, with the following commits:"
169                           git rev-list --pretty "$nval"
170                   else
171                           echo "New commits:"
172                           git rev-list --pretty "$nval" "^$oval"
173                   fi |
174                   mail -s "Changes to ref $ref" commit-list@mydomain
175           done
176           # log signed push certificate, if any
177           if test -n "${GIT_PUSH_CERT-}" && test ${GIT_PUSH_CERT_STATUS} = G
178           then
179                   (
180                           echo expected nonce is ${GIT_PUSH_NONCE}
181                           git cat-file blob ${GIT_PUSH_CERT}
182                   ) | mail -s "push certificate from $GIT_PUSH_CERT_SIGNER" push-log@mydomain
183           fi
184           exit 0
185
186
187       The exit code from this hook invocation is ignored, however a non-zero
188       exit code will generate an error message.
189
190       Note that it is possible for refname to not have sha1-new when this
191       hook runs. This can easily occur if another user modifies the ref after
192       it was updated by git-receive-pack, but before the hook was able to
193       evaluate it. It is recommended that hooks rely on sha1-new rather than
194       the current value of refname.
195

POST-UPDATE HOOK

197       After all other processing, if at least one ref was updated, and if
198       $GIT_DIR/hooks/post-update file exists and is executable, then
199       post-update will be called with the list of refs that have been
200       updated. This can be used to implement any repository wide cleanup
201       tasks.
202
203       The exit code from this hook invocation is ignored; the only thing left
204       for git-receive-pack to do at that point is to exit itself anyway.
205
206       This hook can be used, for example, to run git update-server-info if
207       the repository is packed and is served via a dumb transport.
208
209           #!/bin/sh
210           exec git update-server-info
211
212

QUARANTINE ENVIRONMENT

214       When receive-pack takes in objects, they are placed into a temporary
215       "quarantine" directory within the $GIT_DIR/objects directory and
216       migrated into the main object store only after the pre-receive hook has
217       completed. If the push fails before then, the temporary directory is
218       removed entirely.
219
220       This has a few user-visible effects and caveats:
221
222        1. Pushes which fail due to problems with the incoming pack, missing
223           objects, or due to the pre-receive hook will not leave any on-disk
224           data. This is usually helpful to prevent repeated failed pushes
225           from filling up your disk, but can make debugging more challenging.
226
227        2. Any objects created by the pre-receive hook will be created in the
228           quarantine directory (and migrated only if it succeeds).
229
230        3. The pre-receive hook MUST NOT update any refs to point to
231           quarantined objects. Other programs accessing the repository will
232           not be able to see the objects (and if the pre-receive hook fails,
233           those refs would become corrupted). For safety, any ref updates
234           from within pre-receive are automatically rejected.
235

SEE ALSO

237       git-send-pack(1), gitnamespaces(7)
238

GIT

240       Part of the git(1) suite
241
242
243
244Git 2.24.1                        12/10/2019               GIT-RECEIVE-PACK(1)
Impressum