
fix: enable git pre-commit hooks by default (--git-commit-verify) #5377

Open
Sarthak816 wants to merge 3 commits into Aider-AI:main from Sarthak816:fix/5376-git-commit-verify-default


@Sarthak816


Fixes #5376 - Security Risk: Aider silently bypassed pre-commit hooks by default

Aider was applying --no-verify to all git commits by default, silently bypassing pre-commit hooks. This meant security tools like SAST scanners, secret detectors, and code formatters were never run on AI-generated code before commit.

Change:

  • Changed --git-commit-verify default from False to True in aider/args.py

This means pre-commit hooks are now honored by default. Users who need to bypass hooks can explicitly opt in with --no-git-commit-verify.

Note: The GitRepo.__init__ in repo.py already defaulted to git_commit_verify=True, so the args default was inconsistent with the class default. This fix makes them consistent.

Fixes Aider-AI#5307 - on OpenBSD and other platforms without pre-built wheels, tree-sitter-c-sharp builds from source. Versions 0.23.1-0.23.4 do not bundle the tree_sitter/parser.h header, causing the C compiler to fail with 'fatal error: tree_sitter/parser.h not found'.

Updated tree-sitter-c-sharp to 0.23.5 which includes the necessary headers for source builds.

Changes:
- requirements.txt: 0.23.1 -> 0.23.5
- requirements/common-constraints.txt: 0.23.1 -> 0.23.5
- requirements/tree-sitter.in: added tree-sitter-c-sharp>=0.23.5 constraint with explanatory comment

Fixes Aider-AI#5358 - adds type annotations to all public functions across 4 core modules:

- aider/main.py: ~20 functions typed (entry points, argument parsing, git setup)
- aider/commands.py: ~45 methods typed (all user-facing / commands + helpers)
- aider/io.py: ~25 methods typed (InputOutput class + helpers)
- aider/models.py: ~40 methods typed (ModelInfoManager, Model class, module-level functions)

Key implementation decisions:
- Added from __future__ import annotations to all files for forward reference support
- Used Optional, Union, Any, Callable, TextIO from typing as appropriate
- NoRuntime for functions that always raise exceptions (Sys.exit, SwitchCoder)
- Used None return type for functions that sometimes return and sometimes raise

Fixes Aider-AI#5376 - Aider was silently bypassing pre-commit hooks by applying --no-verify to all git commits. This is a security risk for projects relying on pre-commit hooks for SAST scanning, secret detection, and code formatting.

Changed the default of --git-commit-verify from False to True in aider/args.py, so pre-commit hooks are now honored by default. Users who need to bypass hooks can explicitly opt in with --no-git-commit-verify.
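
The difference between the two defaults discussed in this pull request, as an added example that is not code from the PR or from Aider: a throwaway repository with a pre-commit hook is committed to once with hooks honored and once with git's `--no-verify`. The `DEMO_SECRET=` marker, the hook body, and the function names are constructed for illustration.

```shell
# Added example: throwaway repo, hook and DEMO_SECRET marker are constructed.

# Create a temp repo whose pre-commit hook rejects staged lines adding the marker.
setup_demo_repo() {
    demo_dir=$(mktemp -d) || return 1
    git -C "$demo_dir" init -q || return 1
    git -C "$demo_dir" config user.name "Demo User"
    git -C "$demo_dir" config user.email "demo@example.invalid"
    git -C "$demo_dir" config commit.gpgsign false
    # Pin the hooks directory so a global core.hooksPath cannot redirect it.
    git -C "$demo_dir" config core.hooksPath "$demo_dir/.git/hooks"
    mkdir -p "$demo_dir/.git/hooks"
    cat > "$demo_dir/.git/hooks/pre-commit" <<'EOF'
#!/bin/sh
# Constructed stand-in for a secret detector.
if git diff --cached -U0 | grep -q '^+.*DEMO_SECRET='; then
    echo "pre-commit: staged change contains DEMO_SECRET=" >&2
    exit 1
fi
EOF
    chmod +x "$demo_dir/.git/hooks/pre-commit"
    printf '%s\n' "$demo_dir"
}

# Stage a file containing the marker and commit it; extra arguments such as
# --no-verify are passed through. Non-zero status means the hook blocked it.
commit_with() {
    target=$1; shift
    printf 'DEMO_SECRET=constructed-value\n' > "$target/config.env"
    git -C "$target" add config.env
    git -C "$target" commit -q -m "add config" "$@"
}

# Number of commits on HEAD (0 while the branch is still unborn).
commit_count() {
    git -C "$1" rev-list --count HEAD 2>/dev/null || echo 0
}

demo() {
    r=$(setup_demo_repo) || return 1
    if commit_with "$r"; then echo "hooks honored: committed"; else echo "hooks honored: blocked"; fi
    if commit_with "$r" --no-verify; then echo "--no-verify: committed"; else echo "--no-verify: blocked"; fi
    echo "commits in repo: $(commit_count "$r")"
    rm -rf "$r"
}
demo
```

The first commit is rejected by the hook and the second lands with the marker in history, which is the silent bypass the PR description refers to.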

Development

Successfully merging this pull request may close these issues.

Security Risk: Aider silently bypasses pre-commit hooks by default (--no-verify)
