Skip to content

fix(cli): add managed bin to hook path #1647

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
TheAlexLichter wants to merge 1 commit into
base: main
Choose a base branch
from
+89 −1
Open

fix(cli): add managed bin to hook path #1647

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions packages/cli/snap-tests-global/migration-add-git-hooks/snap.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,15 @@ i="${XDG_CONFIG_HOME:-$HOME/.config}/vite-plus/hooks-init.sh"

{ [ "${HUSKY-}" = "0" ] || [ "${VITE_GIT_HOOKS-}" = "0" ]; } && exit 0

if [ -n "${VP_HOME-}" ]; then
__vp_bin="$VP_HOME/bin"
elif [ -n "${HOME-}" ]; then
__vp_bin="$HOME/.vite-plus/bin"
else
__vp_bin=""
fi
[ -n "$__vp_bin" ] && [ -d "$__vp_bin" ] && export PATH="$__vp_bin:$PATH"

d="$(dirname "$(dirname "$(dirname "$0")")")"
export PATH="$d/node_modules/.bin:$PATH"
sh -e "$s" "$@"
Expand Down
9 changes: 9 additions & 0 deletions packages/cli/snap-tests-global/migration-composed-husky-custom-dir/snap.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,15 @@ i="${XDG_CONFIG_HOME:-$HOME/.config}/vite-plus/hooks-init.sh"

{ [ "${HUSKY-}" = "0" ] || [ "${VITE_GIT_HOOKS-}" = "0" ]; } && exit 0

if [ -n "${VP_HOME-}" ]; then
__vp_bin="$VP_HOME/bin"
elif [ -n "${HOME-}" ]; then
__vp_bin="$HOME/.vite-plus/bin"
else
__vp_bin=""
fi
[ -n "$__vp_bin" ] && [ -d "$__vp_bin" ] && export PATH="$__vp_bin:$PATH"

d="$(dirname "$(dirname "$(dirname "$(dirname "$0")")")")"
export PATH="$d/node_modules/.bin:$PATH"
sh -e "$s" "$@"
Expand Down
63 changes: 62 additions & 1 deletion packages/cli/src/config/__tests__/hooks.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { execSync } from 'node:child_process';
import { existsSync, mkdtempSync, rmSync } from 'node:fs';
import { existsSync, mkdirSync, mkdtempSync, rmSync, writeFileSync } from 'node:fs';
import { tmpdir } from 'node:os';
import { join } from 'node:path';

Expand Down Expand Up @@ -73,4 +73,65 @@ describe('hookScript', () => {
expect(countDirnameCalls(withDot)).toBe(countDirnameCalls(withoutDot));
expect(countDirnameCalls(withDot)).toBe(3);
});

it.skipIf(process.platform === 'win32')(
'should add Vite+ managed bin to PATH before running user hook',
() => {
const tmp = mkdtempSync(join(tmpdir(), 'hooks-path-test-'));
try {
const hooksDir = join(tmp, '.vite-hooks');
const internalHooksDir = join(hooksDir, '_');
const nodeModulesBin = join(tmp, 'node_modules', '.bin');
const vpHomeBin = join(tmp, 'vp-home', 'bin');
const systemBin = join(tmp, 'system-bin');

mkdirSync(internalHooksDir, { recursive: true });
mkdirSync(nodeModulesBin, { recursive: true });
mkdirSync(vpHomeBin, { recursive: true });
mkdirSync(systemBin, { recursive: true });

writeFileSync(join(internalHooksDir, 'h'), hookScript('.vite-hooks'), { mode: 0o755 });
writeFileSync(
join(internalHooksDir, 'pre-commit'),
'#!/usr/bin/env sh\n. "$(dirname "$0")/h"',
{ mode: 0o755 },
);
writeFileSync(join(hooksDir, 'pre-commit'), 'vp staged\n');

writeFileSync(
join(nodeModulesBin, 'vp'),
'#!/bin/sh\nbasedir=$(dirname "$0")\nexec node "$basedir/../vite-plus/bin/vp" "$@"\n',
{ mode: 0o755 },
);
writeFileSync(
join(vpHomeBin, 'node'),
'#!/bin/sh\necho "fake-node $*" > "$VP_HOME/node-used"\n',
{ mode: 0o755 },
);

writeFileSync(join(systemBin, 'sh'), '#!/bin/sh\nexec /bin/sh "$@"\n', {
mode: 0o755,
});
writeFileSync(join(systemBin, 'dirname'), '#!/bin/sh\nexec /usr/bin/dirname "$@"\n', {
mode: 0o755,
});
writeFileSync(join(systemBin, 'basename'), '#!/bin/sh\nexec /usr/bin/basename "$@"\n', {
mode: 0o755,
});

execSync('sh .vite-hooks/_/pre-commit', {
cwd: tmp,
env: {
HOME: join(tmp, 'home'),
PATH: systemBin,
VP_HOME: join(tmp, 'vp-home'),
},
});

expect(existsSync(join(tmp, 'vp-home', 'node-used'))).toBe(true);
} finally {
rmSync(tmp, { recursive: true, force: true });
}
},
);
});
9 changes: 9 additions & 0 deletions packages/cli/src/config/hooks.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,15 @@ i="\${XDG_CONFIG_HOME:-$HOME/.config}/vite-plus/hooks-init.sh"
{ [ "\${HUSKY-}" = "0" ] || [ "\${VITE_GIT_HOOKS-}" = "0" ]; } && exit 0
if [ -n "\${VP_HOME-}" ]; then
__vp_bin="$VP_HOME/bin"
elif [ -n "\${HOME-}" ]; then
__vp_bin="$HOME/.vite-plus/bin"
else
__vp_bin=""
fi
[ -n "$__vp_bin" ] && [ -d "$__vp_bin" ] && export PATH="$__vp_bin:$PATH"
Copy link
Copy Markdown
Member

@fengmk2 fengmk2 May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

export PATH="$PATH:$__vp_bin" Put at the end as a fallback, to avoid overriding the system's PATH priority.

d=${rootExpr}
Comment on lines +59 to 61
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Compute repo root before prepending VP_HOME/bin

Prepending VP_HOME/bin to PATH before evaluating d=${rootExpr} lets any shim in VP_HOME/bin override core utilities used in rootExpr (notably dirname), so users who installed a global package that exposes dirname can get an incorrect d and therefore an incorrect node_modules/.bin path. In that case local hook commands may resolve to the wrong binaries or fail with command not found; moving the d=${rootExpr} computation before this PATH mutation (or invoking dirname via a safe/system path) avoids this regression.

Useful? React with 👍 / 👎.

export PATH="$d/node_modules/.bin:$PATH"
sh -e "$s" "$@"
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Invoke a trusted shell instead of PATH-resolved sh

Because VP_HOME/bin is prepended to PATH, the final sh -e "$s" "$@" call now resolves sh through that user-controlled directory before the system path. If a global shim/binary named sh exists in VP_HOME/bin, the hook dispatcher runs that program instead of a POSIX shell, so hooks can fail or execute unintended logic. Using an absolute shell path (or computing and invoking a trusted shell before mutating PATH) prevents this breakage.

Useful? React with 👍 / 👎.

Expand Down
Loading