Enforce Author Hook Rejects Cherrypicked Commit

The Enforce Author Hook is rejecting any cherry picked commits that I am trying to bring into a feature branch. For example, a bug is fixed on master and I need that fix asap so I cherry pick it into my feature branch. When I try to push, the Enforce Author Hook rejects it.

Is this the expected behavior (i.e. you cannot use cherry pick with this hook) or is it a bug?

2 answers

1 accepted

1 vote
Accepted answer

Hi Carolyn,

How do you know it was a cherry pick (or rebase or commit amend)? As far as Git is concerned they are completely different commits, based on the SHA. Sure the message is the same, but that doesn't necessarily mean anything.

This is the difficulty in trying to enforce a centralized workflow in the distributed world of Git. I've warned other people about this:


I might try to contact the vendor directly and see if they have any thoughts, but I'm fairly confident there's nothing technical you can do, at least not without making the plugin broken in other ways. For example you could make it so that you could amend the message with a magic keyword and it lets you through, but obviously that's bad for security.


I've pinged them on Twitter for you.

For now you could:

1. Disable the hook, push, and then enable it again.

2. Cherry-pick with --no-commit and then using your own details.

3. Filter-branch the commits and update them with you as the author.



Thanks Charles! I didn't know about the second option (cherry picking with --no-commit), that should work just fine for now. In the future, I will look into ditching this particular hook and switching to a hook that just checks the domain of the author's email, e.g. *@mycompany.com.

I initially enabled this hook because everyone is new to git and some people were getting their author information mixed up between their open source github repositories and their work repositories. This seemed like an easy way to detect that they had misconfigured their repo.

Hi Carolyn, I am the author of this plugin.

Charles is basically right. Cherry pick with --no-commit is the answer on this one, because from a strict audit perspective, while the original author made that commit on another branch, it was introduced on this branch by you. You may not need this type of strict checking if you don't have particularly stringent audit requirements.

If you need a starting point for writing a hook that only checks the email domain, you may be able to use the source code for the Enforce Author Hook, which is now available under the Apache License at https://github.com/RisingOak/stash-enforce-author-hook. It solves the painful parts of finding what new commits are part of the push, and looping over their author information, etc.

Thanks Cosmin, I appreciate the link to the original source. That will save me a ton of time! :-)

Thanks for jumping in Cosmin.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Feb 07, 2019 in Marketplace Apps

A Timeless Love Story

It started as any story starts, on a normal, rainy day.   Admin meets App, and her name was Klok2, and like any first relationship we were both trying to make it work but neither one knew what...

441 views 8 26
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you