Chapter 10
Handling repository events with hooks

Mercurial offers a powerful mechanism to let you perform automated actions in response to events that occur in a repository. In some cases, you can even control Mercurial’s response to those events.

The name Mercurial uses for one of these actions is a hook. Hooks are called “triggers” in some revision control systems, but the two names refer to the same idea.

10.1 An overview of hooks in Mercurial

Here is a brief list of the hooks that Mercurial supports. We will revisit each of these hooks in more detail later, in section 10.8.

Each of the hooks whose description begins with the word “Controlling” has the ability to determine whether an activity can proceed. If the hook succeeds, the activity may proceed; if it fails, the activity is either not permitted or undone, depending on the hook.

10.2 Hooks and security

10.2.1 Hooks are run with your privileges

When you run a Mercurial command in a repository, and the command causes a hook to run, that hook runs on your system, under your user account, with your privilege level. Since hooks are arbitrary pieces of executable code, you should treat them with an appropriate level of suspicion. Do not install a hook unless you are confident that you know who created it and what it does.

In some cases, you may be exposed to hooks that you did not install yourself. If you work with Mercurial on an unfamiliar system, Mercurial will run hooks defined in that system’s global hgrc file.

If you are working with a repository owned by another user, Mercurial can run hooks defined in that user’s repository, but it will still run them as “you”. For example, if you hg pull” from that repository, and its .hg/hgrc defines a local outgoing hook, that hook will run under your user account, even though you don’t own that repository.

Note: This only applies if you are pulling from a repository on a local or network filesystem. If you’re pulling over http or ssh, any outgoing hook will run under whatever account is executing the server process, on the server.

XXX To see what hooks are defined in a repository, use the hg config hooks” command. If you are working in one repository, but talking to another that you do not own (e.g. using hg pull” or hg incoming”), remember that it is the other repository’s hooks you should be checking, not your own.

10.2.2 Hooks do not propagate

In Mercurial, hooks are not revision controlled, and do not propagate when you clone, or pull from, a repository. The reason for this is simple: a hook is a completely arbitrary piece of executable code. It runs under your user identity, with your privilege level, on your machine.

It would be extremely reckless for any distributed revision control system to implement revision-controlled hooks, as this would offer an easily exploitable way to subvert the accounts of users of the revision control system.

Since Mercurial does not propagate hooks, if you are collaborating with other people on a common project, you should not assume that they are using the same Mercurial hooks as you are, or that theirs are correctly configured. You should document the hooks you expect people to use.

In a corporate intranet, this is somewhat easier to control, as you can for example provide a “standard” installation of Mercurial on an NFS filesystem, and use a site-wide hgrc file to define hooks that all users will see. However, this too has its limits; see below.

10.2.3 Hooks can be overridden

Mercurial allows you to override a hook definition by redefining the hook. You can disable it by setting its value to the empty string, or change its behaviour as you wish.

If you deploy a system- or site-wide hgrc file that defines some hooks, you should thus understand that your users can disable or override those hooks.

10.2.4 Ensuring that critical hooks are run

Sometimes you may want to enforce a policy that you do not want others to be able to work around. For example, you may have a requirement that every changeset must pass a rigorous set of tests. Defining this requirement via a hook in a site-wide hgrc won’t work for remote users on laptops, and of course local users can subvert it at will by overriding the hook.

Instead, you can set up your policies for use of Mercurial so that people are expected to propagate changes through a well-known “canonical” server that you have locked down and configured appropriately.

One way to do this is via a combination of social engineering and technology. Set up a restricted-access account; users can push changes over the network to repositories managed by this account, but they cannot log into the account and run normal shell commands. In this scenario, a user can commit a changeset that contains any old garbage they want.

When someone pushes a changeset to the server that everyone pulls from, the server will test the changeset before it accepts it as permanent, and reject it if it fails to pass the test suite. If people only pull changes from this filtering server, it will serve to ensure that all changes that people pull have been automatically vetted.

10.3 Care with pretxn hooks in a shared-access repository

If you want to use hooks to do some automated work in a repository that a number of people have shared access to, you need to be careful in how you do this.

Mercurial only locks a repository when it is writing to the repository, and only the parts of Mercurial that write to the repository pay attention to locks. Write locks are necessary to prevent multiple simultaneous writers from scribbling on each other’s work, corrupting the repository.

Because Mercurial is careful with the order in which it reads and writes data, it does not need to acquire a lock when it wants to read data from the repository. The parts of Mercurial that read from the repository never pay attention to locks. This lockless reading scheme greatly increases performance and concurrency.

With great performance comes a trade-off, though, one which has the potential to cause you trouble unless you’re aware of it. To describe this requires a little detail about how Mercurial adds changesets to a repository and reads those changes.

When Mercurial writes metadata, it writes it straight into the destination file. It writes file data first, then manifest data (which contains pointers to the new file data), then changelog data (which contains pointers to the new manifest data). Before the first write to each file, it stores a record of where the end of the file was in its transaction log. If the transaction must be rolled back, Mercurial simply truncates each file back to the size it was before the transaction began.

When Mercurial reads metadata, it reads the changelog first, then everything else. Since a reader will only access parts of the manifest or file metadata that it can see in the changelog, it can never see partially written data.

Some controlling hooks (pretxncommit and pretxnchangegroup) run when a transaction is almost complete. All of the metadata has been written, but Mercurial can still roll the transaction back and cause the newly-written data to disappear.

If one of these hooks runs for long, it opens a window of time during which a reader can see the metadata for changesets that are not yet permanent, and should not be thought of as “really there”. The longer the hook runs, the longer that window is open.

10.3.1 The problem illustrated

In principle, a good use for the pretxnchangegroup hook would be to automatically build and test incoming changes before they are accepted into a central repository. This could let you guarantee that nobody can push changes to this repository that “break the build”. But if a client can pull changes while they’re being tested, the usefulness of the test is zero; an unsuspecting someone can pull untested changes, potentially breaking their build.

The safest technological answer to this challenge is to set up such a “gatekeeper” repository as unidirectional. Let it take changes pushed in from the outside, but do not allow anyone to pull changes from it (use the preoutgoing hook to lock it down). Configure a changegroup hook so that if a build or test succeeds, the hook will push the new changes out to another repository that people can pull from.

In practice, putting a centralised bottleneck like this in place is not often a good idea, and transaction visibility has nothing to do with the problem. As the size of a project—and the time it takes to build and test—grows, you rapidly run into a wall with this “try before you buy” approach, where you have more changesets to test than time in which to deal with them. The inevitable result is frustration on the part of all involved.

An approach that scales better is to get people to build and test before they push, then run automated builds and tests centrally after a push, to be sure all is well. The advantage of this approach is that it does not impose a limit on the rate at which the repository can accept changes.

10.4 A short tutorial on using hooks

It is easy to write a Mercurial hook. Let’s start with a hook that runs when you finish a hg commit”, and simply prints the hash of the changeset you just created. The hook is called commit.


1  $ hg init hook-test
2  $ cd hook-test
3  $ echo '[hooks]' >> .hg/hgrc
4  $ echo 'commit = echo committed $HG_NODE' >> .hg/hgrc
5  $ cat .hg/hgrc
6  [hooks]
7  commit = echo committed $HG_NODE
8  $ echo a > a
9  $ hg add a
10  $ hg commit -m 'testing commit hook'
11  committed e3d9500df84bc689a089684d424dc170499bcb59

Figure 10.1: A simple hook that runs when a changeset is committed

All hooks follow the pattern in example 10.1. You add an entry to the [hooks] section of your hgrcȮn the left is the name of the event to trigger on; on the right is the action to take. As you can see, you can run an arbitrary shell command in a hook. Mercurial passes extra information to the hook using environment variables (look for HGt4ht@95xNODE in the example).

10.4.1 Performing multiple actions per event

Quite often, you will want to define more than one hook for a particular kind of event, as shown in example 10.2. Mercurial lets you do this by adding an extension to the end of a hook’s name. You extend a hook’s name by giving the name of the hook, followed by a full stop (the “.” character), followed by some more text of your choosing. For example, Mercurial will run both commit.foo and commit.bar when the commit event occurs.


1  $ echo 'commit.when = echo -n "date of commit: "; date' >> .hg/hgrc
2  $ echo a >> a
3  $ hg commit -m 'i have two hooks'
4  committed 8f07c0fd923177a17a05a4f8d529db63fc643de9
5  date of commit: Thu Aug 21 18:22:21 GMT 2008

Figure 10.2: Defining a second commit hook

To give a well-defined order of execution when there are multiple hooks defined for an event, Mercurial sorts hooks by extension, and executes the hook commands in this sorted order. In the above example, it will execute commit.bar before commit.foo, and commit before both.

It is a good idea to use a somewhat descriptive extension when you define a new hook. This will help you to remember what the hook was for. If the hook fails, you’ll get an error message that contains the hook name and extension, so using a descriptive extension could give you an immediate hint as to why the hook failed (see section 10.4.2 for an example).

10.4.2 Controlling whether an activity can proceed

In our earlier examples, we used the commit hook, which is run after a commit has completed. This is one of several Mercurial hooks that run after an activity finishes. Such hooks have no way of influencing the activity itself.

Mercurial defines a number of events that occur before an activity starts; or after it starts, but before it finishes. Hooks that trigger on these events have the added ability to choose whether the activity can continue, or will abort.

The pretxncommit hook runs after a commit has all but completed. In other words, the metadata representing the changeset has been written out to disk, but the transaction has not yet been allowed to complete. The pretxncommit hook has the ability to decide whether the transaction can complete, or must be rolled back.

If the pretxncommit hook exits with a status code of zero, the transaction is allowed to complete; the commit finishes; and the commit hook is run. If the pretxncommit hook exits with a non-zero status code, the transaction is rolled back; the metadata representing the changeset is erased; and the commit hook is not run.


1  $ cat check_bug_id
2  #!/bin/sh
3  # check that a commit comment mentions a numeric bug id
4  hg log -r $1 --template {desc} | grep -q "<bug ⋆[0-9]"
5  $ echo 'pretxncommit.bug_id_required = ./check_bug_id $HG_NODE' >> .hg/hgrc
6  $ echo a >> a
7  $ hg commit -m 'i am not mentioning a bug id'
8  transaction abort!
9  rollback completed
10  abort: pretxncommit.bug_id_required hook exited with status 1
11  $ hg commit -m 'i refer you to bug 666'
12  committed 7f5326347c52aaed12d7fa424cab7716ffcd71d8
13  date of commit: Thu Aug 21 18:22:21 GMT 2008

Figure 10.3: Using the pretxncommit hook to control commits

The hook in example 10.3 checks that a commit comment contains a bug ID. If it does, the commit can complete. If not, the commit is rolled back.

10.5 Writing your own hooks

When you are writing a hook, you might find it useful to run Mercurial either with the -v option, or the verbose config item set to “true”. When you do so, Mercurial will print a message before it calls each hook.

10.5.1 Choosing how your hook should run

You can write a hook either as a normal program—typically a shell script—or as a Python function that is executed within the Mercurial process.

Writing a hook as an external program has the advantage that it requires no knowledge of Mercurial’s internals. You can call normal Mercurial commands to get any added information you need. The trade-off is that external hooks are slower than in-process hooks.

An in-process Python hook has complete access to the Mercurial API, and does not “shell out” to another process, so it is inherently faster than an external hook. It is also easier to obtain much of the information that a hook requires by using the Mercurial API than by running Mercurial commands.

If you are comfortable with Python, or require high performance, writing your hooks in Python may be a good choice. However, when you have a straightforward hook to write and you don’t need to care about performance (probably the majority of hooks), a shell script is perfectly fine.

10.5.2 Hook parameters

Mercurial calls each hook with a set of well-defined parameters. In Python, a parameter is passed as a keyword argument to your hook function. For an external program, a parameter is passed as an environment variable.

Whether your hook is written in Python or as a shell script, the hook-specific parameter names and values will be the same. A boolean parameter will be represented as a boolean value in Python, but as the number 1 (for “true”) or 0 (for “false”) as an environment variable for an external hook. If a hook parameter is named foo, the keyword argument for a Python hook will also be named foo, while the environment variable for an external hook will be named HGt4ht@95xFOO.

10.5.3 Hook return values and activity control

A hook that executes successfully must exit with a status of zero if external, or return boolean “false” if in-process. Failure is indicated with a non-zero exit status from an external hook, or an in-process hook returning boolean “true”. If an in-process hook raises an exception, the hook is considered to have failed.

For a hook that controls whether an activity can proceed, zero/false means “allow”, while non-zero/true/exception means “deny”.

10.5.4 Writing an external hook

When you define an external hook in your hgrc and the hook is run, its value is passed to your shell, which interprets it. This means that you can use normal shell constructs in the body of the hook.

An executable hook is always run with its current directory set to a repository’s root directory.

Each hook parameter is passed in as an environment variable; the name is upper-cased, and prefixed with the string “HGt4ht@95x”.

With the exception of hook parameters, Mercurial does not set or modify any environment variables when running a hook. This is useful to remember if you are writing a site-wide hook that may be run by a number of different users with differing environment variables set. In multi-user situations, you should not rely on environment variables being set to the values you have in your environment when testing the hook.

10.5.5 Telling Mercurial to use an in-process hook

The hgrc syntax for defining an in-process hook is slightly different than for an executable hook. The value of the hook must start with the text “python:”, and continue with the fully-qualified name of a callable object to use as the hook’s value.

The module in which a hook lives is automatically imported when a hook is run. So long as you have the module name and PYTHONPATH right, it should “just work”.

The following hgrc example snippet illustrates the syntax and meaning of the notions we just described.

1  [hooks]
2  commit.example = python:mymodule.submodule.myhook

When Mercurial runs the commit.example hook, it imports mymodule.submodule, looks for the callable object named myhook, and calls it.

10.5.6 Writing an in-process hook

The simplest in-process hook does nothing, but illustrates the basic shape of the hook API:

1  def myhook(ui, repo, ⋆⋆kwargs):
2      pass

The first argument to a Python hook is always a mercurial.ui.ui object. The second is a repository object; at the moment, it is always an instance of mercurial.localrepo.localrepository. Following these two arguments are other keyword arguments. Which ones are passed in depends on the hook being called, but a hook can ignore arguments it doesn’t care about by dropping them into a keyword argument dict, as with ⋆⋆kwargs above.

10.6 Some hook examples

10.6.1 Writing meaningful commit messages

It’s hard to imagine a useful commit message being very short. The simple pretxncommit hook of figure 10.4 will prevent you from committing a changeset with a message that is less than ten bytes long.


1  $ cat .hg/hgrc
2  [hooks]
3  pretxncommit.msglen = test ‘hg tip --template {desc} | wc -c‘ -ge 10
4  $ echo a > a
5  $ hg add a
6  $ hg commit -A -m 'too short'
7  transaction abort!
8  rollback completed
9  abort: pretxncommit.msglen hook exited with status 1
10  $ hg commit -A -m 'long enough'

Figure 10.4: A hook that forbids overly short commit messages

10.6.2 Checking for trailing whitespace

An interesting use of a commit-related hook is to help you to write cleaner code. A simple example of “cleaner code” is the dictum that a change should not add any new lines of text that contain “trailing whitespace”. Trailing whitespace is a series of space and tab characters at the end of a line of text. In most cases, trailing whitespace is unnecessary, invisible noise, but it is occasionally problematic, and people often prefer to get rid of it.

You can use either the precommit or pretxncommit hook to tell whether you have a trailing whitespace problem. If you use the precommit hook, the hook will not know which files you are committing, so it will have to check every modified file in the repository for trailing white space. If you want to commit a change to just the file foo, but the file bar contains trailing whitespace, doing a check in the precommit hook will prevent you from committing foo due to the problem with bar. This doesn’t seem right.

Should you choose the pretxncommit hook, the check won’t occur until just before the transaction for the commit completes. This will allow you to check for problems only the exact files that are being committed. However, if you entered the commit message interactively and the hook fails, the transaction will roll back; you’ll have to re-enter the commit message after you fix the trailing whitespace and run hg commit” again.


1  $ cat .hg/hgrc
2  [hooks]
3  pretxncommit.whitespace = hg export tip | (! egrep -q '̂+.⋆[ t]$')
4  $ echo 'a ' > a
5  $ hg commit -A -m 'test with trailing whitespace'
6  adding a
7  transaction abort!
8  rollback completed
9  abort: pretxncommit.whitespace hook exited with status 1
10  $ echo 'a' > a
11  $ hg commit -A -m 'drop trailing whitespace and try again'

Figure 10.5: A simple hook that checks for trailing whitespace

Figure 10.5 introduces a simple pretxncommit hook that checks for trailing whitespace. This hook is short, but not very helpful. It exits with an error status if a change adds a line with trailing whitespace to any file, but does not print any information that might help us to identify the offending file or line. It also has the nice property of not paying attention to unmodified lines; only lines that introduce new trailing whitespace cause problems.


1  $ cat .hg/hgrc
2  [hooks]
3  pretxncommit.whitespace = .hg/check_whitespace.py
4  $ echo 'a ' >> a
5  $ hg commit -A -m 'add new line with trailing whitespace'
6  a, line 2: trailing whitespace added
7  commit message saved to .hg/commit.save
8  transaction abort!
9  rollback completed
10  abort: pretxncommit.whitespace hook exited with status 1
11  $ sed -i 's, ⋆$,,' a
12  $ hg commit -A -m 'trimmed trailing whitespace'
13  a, line 2: trailing whitespace added
14  commit message saved to .hg/commit.save
15  transaction abort!
16  rollback completed
17  abort: pretxncommit.whitespace hook exited with status 1

Figure 10.6: A better trailing whitespace hook

The example of figure 10.6 is much more complex, but also more useful. It parses a unified diff to see if any lines add trailing whitespace, and prints the name of the file and the line number of each such occurrence. Even better, if the change adds trailing whitespace, this hook saves the commit comment and prints the name of the save file before exiting and telling Mercurial to roll the transaction back, so you can use hg commit -l filename” to reuse the saved commit message once you’ve corrected the problem.

As a final aside, note in figure 10.6 the use of perl’s in-place editing feature to get rid of trailing whitespace from a file. This is concise and useful enough that I will reproduce it here.

1  perl -pi -e 's,
s+$,,' filename

10.7 Bundled hooks

Mercurial ships with several bundled hooks. You can find them in the hgext directory of a Mercurial source tree. If you are using a Mercurial binary package, the hooks will be located in the hgext directory of wherever your package installer put Mercurial.

10.7.1 acl—access control for parts of a repository

The acl extension lets you control which remote users are allowed to push changesets to a networked server. You can protect any portion of a repository (including the entire repo), so that a specific remote user can push changes that do not affect the protected portion.

This extension implements access control based on the identity of the user performing a push, not on who committed the changesets they’re pushing. It makes sense to use this hook only if you have a locked-down server environment that authenticates remote users, and you want to be sure that only specific users are allowed to push changes to that server.

Configuring the acl hook

In order to manage incoming changesets, the acl hook must be used as a pretxnchangegroup hook. This lets it see which files are modified by each incoming changeset, and roll back a group of changesets if they modify “forbidden” files. Example:

1  [hooks]
2  pretxnchangegroup.acl = python:hgext.acl.hook

The acl extension is configured using three sections.

The [acl] section has only one entry, sources, which lists the sources of incoming changesets that the hook should pay attention to. You don’t normally need to configure this section.

The [acl.allow] section controls the users that are allowed to add changesets to the repository. If this section is not present, all users that are not explicitly denied are allowed. If this section is present, all users that are not explicitly allowed are denied (so an empty section means that all users are denied).

The [acl.deny] section determines which users are denied from adding changesets to the repository. If this section is not present or is empty, no users are denied.

The syntaxes for the [acl.allow] and [acl.deny] sections are identical. On the left of each entry is a glob pattern that matches files or directories, relative to the root of the repository; on the right, a user name.

In the following example, the user docwriter can only push changes to the docs subtree of the repository, while intern can push changes to any file or directory except source/sensitive.

1  [acl.allow]
2  docs/⋆⋆ = docwriter
3  
4  [acl.deny]
5  source/sensitive/⋆⋆ = intern

Testing and troubleshooting

If you want to test the acl hook, run it with Mercurial’s debugging output enabled. Since you’ll probably be running it on a server where it’s not convenient (or sometimes possible) to pass in the --debug option, don’t forget that you can enable debugging output in your hgrc:

1  [ui]
2  debug = true

With this enabled, the acl hook will print enough information to let you figure out why it is allowing or forbidding pushes from specific users.

10.7.2 bugzilla—integration with Bugzilla

The bugzilla extension adds a comment to a Bugzilla bug whenever it finds a reference to that bug ID in a commit comment. You can install this hook on a shared server, so that any time a remote user pushes changes to this server, the hook gets run.

It adds a comment to the bug that looks like this (you can configure the contents of the comment—see below):

1  Changeset aad8b264143a, made by Joe User <joe.user@domain.com> in
2  the frobnitz repository, refers to this bug.
3  
4  For complete details, see
5  http://hg.domain.com/frobnitz?cmd=changeset;node=aad8b264143a
6  
7  Changeset description:
8        Fix bug 10483 by guarding against some NULL pointers

The value of this hook is that it automates the process of updating a bug any time a changeset refers to it. If you configure the hook properly, it makes it easy for people to browse straight from a Bugzilla bug to a changeset that refers to that bug.

You can use the code in this hook as a starting point for some more exotic Bugzilla integration recipes. Here are a few possibilities:

Configuring the bugzilla hook

You should configure this hook in your server’s hgrc as an incoming hook, for example as follows:

1  [hooks]
2  incoming.bugzilla = python:hgext.bugzilla.hook

Because of the specialised nature of this hook, and because Bugzilla was not written with this kind of integration in mind, configuring this hook is a somewhat involved process.

Before you begin, you must install the MySQL bindings for Python on the host(s) where you’ll be running the hook. If this is not available as a binary package for your system, you can download it from [Dus].

Configuration information for this hook lives in the [bugzilla] section of your hgrc.

Mapping committer names to Bugzilla user names

By default, the bugzilla hook tries to use the email address of a changeset’s committer as the Bugzilla user name with which to update a bug. If this does not suit your needs, you can map committer email addresses to Bugzilla user names using a [usermap] section.

Each item in the [usermap] section contains an email address on the left, and a Bugzilla user name on the right.

1  [usermap]
2  jane.user@example.com = jane

You can either keep the [usermap] data in a normal hgrc, or tell the bugzilla hook to read the information from an external usermap file. In the latter case, you can store usermap data by itself in (for example) a user-modifiable repository. This makes it possible to let your users maintain their own usermap entries. The main hgrc file might look like this:

1  # regular hgrc file refers to external usermap file
2  [bugzilla]
3  usermap = /home/hg/repos/userdata/bugzilla-usermap.conf

While the usermap file that it refers to might look like this:

1  # bugzilla-usermap.conf - inside a hg repository
2  [usermap]
3  stephanie@example.com = steph

Configuring the text that gets added to a bug

You can configure the text that this hook adds as a comment; you specify it in the form of a Mercurial template. Several hgrc entries (still in the [bugzilla] section) control this behaviour.

In addition, you can add a baseurl item to the [web] section of your hgrc. The bugzilla hook will make this available when expanding a template, as the base string to use when constructing a URL that will let users browse from a Bugzilla comment to view a changeset. Example:

1  [web]
2  baseurl = http://hg.domain.com/

Here is an example set of bugzilla hook config information.

1  [bugzilla]
2  host = bugzilla.example.com
3  password = mypassword
4  version = 2.16
5  # server-side repos live in /home/hg/repos, so strip 4 leading
6  # separators
7  strip = 4
8  hgweb = http://hg.example.com/
9  usermap = /home/hg/repos/notify/bugzilla.conf
10  template = Changeset {node|short}, made by {author} in the {webroot}
11    repo, refers to this bug.
nFor complete details, see
12    {hgweb}{webroot}?cmd=changeset;node={node|short}
nChangeset
13    description:
n
t{desc|tabindent}

Testing and troubleshooting

The most common problems with configuring the bugzilla hook relate to running Bugzilla’s processmail script and mapping committer names to user names.

Recall from section 10.7.2 above that the user that runs the Mercurial process on the server is also the one that will run the processmail script. The processmail script sometimes causes Bugzilla to write to files in its configuration directory, and Bugzilla’s configuration files are usually owned by the user that your web server runs under.

You can cause processmail to be run with the suitable user’s identity using the sudo command. Here is an example entry for a sudoers file.

1  hg_user = (httpd_user) NOPASSWD: /var/www/html/bugzilla/processmail-wrapper %s

This allows the hgt4ht@95xuser user to run a processmail-wrapper program under the identity of httpdt4ht@95xuser.

This indirection through a wrapper script is necessary, because processmail expects to be run with its current directory set to wherever you installed Bugzilla; you can’t specify that kind of constraint in a sudoers file. The contents of the wrapper script are simple:

1  #!/bin/sh
2  cd ‘dirname $0‘ && ./processmail "$1" nobody@example.com

It doesn’t seem to matter what email address you pass to processmail.

If your [usermap] is not set up correctly, users will see an error message from the bugzilla hook when they push changes to the server. The error message will look like this:

1  cannot find bugzilla user id for john.q.public@example.com

What this means is that the committer’s address, john.q.public@example.com, is not a valid Bugzilla user name, nor does it have an entry in your [usermap] that maps it to a valid Bugzilla user name.

10.7.3 notify—send email notifications

Although Mercurial’s built-in web server provides RSS feeds of changes in every repository, many people prefer to receive change notifications via email. The notify hook lets you send out notifications to a set of email addresses whenever changesets arrive that those subscribers are interested in.

As with the bugzilla hook, the notify hook is template-driven, so you can customise the contents of the notification messages that it sends.

By default, the notify hook includes a diff of every changeset that it sends out; you can limit the size of the diff, or turn this feature off entirely. It is useful for letting subscribers review changes immediately, rather than clicking to follow a URL.

Configuring the notify hook

You can set up the notify hook to send one email message per incoming changeset, or one per incoming group of changesets (all those that arrived in a single pull or push).

1  [hooks]
2  # send one email per group of changes
3  changegroup.notify = python:hgext.notify.hook
4  # send one email per change
5  incoming.notify = python:hgext.notify.hook

Configuration information for this hook lives in the [notify] section of a hgrc file.

If you set the baseurl item in the [web] section, you can use it in a template; it will be available as webroot.

Here is an example set of notify configuration information.

1  [notify]
2  # really send email
3  test = false
4  # subscriber data lives in the notify repo
5  config = /home/hg/repos/notify/notify.conf
6  # repos live in /home/hg/repos on server, so strip 4 "/" chars
7  strip = 4
8  template = X-Hg-Repo: {webroot}
9    Subject: {webroot}: {desc|firstline|strip}
10    From: {author}
11  
12    changeset {node|short} in {root}
13    details: {baseurl}{webroot}?cmd=changeset;node={node|short}
14    description:
15      {desc|tabindent|strip}
16  
17  [web]
18  baseurl = http://hg.example.com/

This will produce a message that looks like the following:

1  X-Hg-Repo: tests/slave
2  Subject: tests/slave: Handle error case when slave has no buffers
3  Date: Wed,  2 Aug 2006 15:25:46 -0700 (PDT)
4  
5  changeset 3cba9bfe74b5 in /home/hg/repos/tests/slave
6  details: http://hg.example.com/tests/slave?cmd=changeset;node=3cba9bfe74b5
7  description:
8          Handle error case when slave has no buffers
9  diffs (54 lines):
10  
11  diff -r 9d95df7cf2ad -r 3cba9bfe74b5 include/tests.h
12  --- a/include/tests.h      Wed Aug 02 15:19:52 2006 -0700
13  +++ b/include/tests.h      Wed Aug 02 15:25:26 2006 -0700
14  @@ -212,6 +212,15 @@ static __inline__ void test_headers(void ⋆h)
15  [...snip...]

Testing and troubleshooting

Do not forget that by default, the notify extension will not send any mail until you explicitly configure it to do so, by setting test to false. Until you do that, it simply prints the message it would send.

10.8 Information for writers of hooks

10.8.1 In-process hook execution

An in-process hook is called with arguments of the following form:

1  def myhook(ui, repo, ⋆⋆kwargs):
2      pass

The ui parameter is a mercurial.ui.ui object. The repo parameter is a mercurial.localrepo.localrepository object. The names and values of the ⋆⋆kwargs parameters depend on the hook being invoked, with the following common features:

An in-process hook is called without a change to the process’s working directory (unlike external hooks, which are run in the root of the repository). It must not change the process’s working directory, or it will cause any calls it makes into the Mercurial API to fail.

If a hook returns a boolean “false” value, it is considered to have succeeded. If it returns a boolean “true” value or raises an exception, it is considered to have failed. A useful way to think of the calling convention is “tell me if you fail”.

Note that changeset IDs are passed into Python hooks as hexadecimal strings, not the binary hashes that Mercurial’s APIs normally use. To convert a hash from hex to binary, use the mercurial.node.bin function.

10.8.2 External hook execution

An external hook is passed to the shell of the user running Mercurial. Features of that shell, such as variable substitution and command redirection, are available. The hook is run in the root directory of the repository (unlike in-process hooks, which are run in the same directory that Mercurial was run in).

Hook parameters are passed to the hook as environment variables. Each environment variable’s name is converted in upper case and prefixed with the string “HGt4ht@95x”. For example, if the name of a parameter is “node”, the name of the environment variable representing that parameter will be “HGt4ht@95xNODE”.

A boolean parameter is represented as the string “1” for “true”, “0” for “false”. If an environment variable is named HGt4ht@95xNODE, HGt4ht@95xPARENT1 or HGt4ht@95xPARENT2, it contains a changeset ID represented as a hexadecimal string. The empty string is used to represent “null changeset ID” instead of a string of zeroes. If an environment variable is named HGt4ht@95xURL, it will contain the URL of a remote repository, if that can be determined.

If a hook exits with a status of zero, it is considered to have succeeded. If it exits with a non-zero status, it is considered to have failed.

10.8.3 Finding out where changesets come from

A hook that involves the transfer of changesets between a local repository and another may be able to find out information about the “far side”. Mercurial knows how changes are being transferred, and in many cases where they are being transferred to or from.

Sources of changesets

Mercurial will tell a hook what means are, or were, used to transfer changesets between repositories. This is provided by Mercurial in a Python parameter named source, or an environment variable named HGt4ht@95xSOURCE.

Where changes are going—remote repository URLs

When possible, Mercurial will tell a hook the location of the “far side” of an activity that transfers changeset data between repositories. This is provided by Mercurial in a Python parameter named url, or an environment variable named HGt4ht@95xURL.

This information is not always known. If a hook is invoked in a repository that is being served via http or ssh, Mercurial cannot tell where the remote repository is, but it may know where the client is connecting from. In such cases, the URL will take one of the following forms:

10.9 Hook reference

10.9.1 changegroup—after remote changesets added

This hook is run after a group of pre-existing changesets has been added to the repository, for example via a hg pull” or hg unbundle”. This hook is run once per operation that added one or more changesets. This is in contrast to the incoming hook, which is run once per changeset, regardless of whether the changesets arrive in a group.

Some possible uses for this hook include kicking off an automated build or test of the added changesets, updating a bug database, or notifying subscribers that a repository contains new changes.

Parameters to this hook:

See also: incoming (section 10.9.3), prechangegroup (section 10.9.5), pretxnchangegroup (section 10.9.9)

10.9.2 commit—after a new changeset is created

This hook is run after a new changeset has been created.

Parameters to this hook:

See also: precommit (section 10.9.6), pretxncommit (section 10.9.10)

10.9.3 incoming—after one remote changeset is added

This hook is run after a pre-existing changeset has been added to the repository, for example via a hg push”. If a group of changesets was added in a single operation, this hook is called once for each added changeset.

You can use this hook for the same purposes as the changegroup hook (section 10.9.1); it’s simply more convenient sometimes to run a hook once per group of changesets, while other times it’s handier once per changeset.

Parameters to this hook:

See also: changegroup (section 10.9.1) prechangegroup (section 10.9.5), pretxnchangegroup (section 10.9.9)

10.9.4 outgoing—after changesets are propagated

This hook is run after a group of changesets has been propagated out of this repository, for example by a hg push” or hg bundle” command.

One possible use for this hook is to notify administrators that changes have been pulled.

Parameters to this hook:

See also: preoutgoing (section 10.9.7)

10.9.5 prechangegroup—before starting to add remote changesets

This controlling hook is run before Mercurial begins to add a group of changesets from another repository.

This hook does not have any information about the changesets to be added, because it is run before transmission of those changesets is allowed to begin. If this hook fails, the changesets will not be transmitted.

One use for this hook is to prevent external changes from being added to a repository. For example, you could use this to “freeze” a server-hosted branch temporarily or permanently so that users cannot push to it, while still allowing a local administrator to modify the repository.

Parameters to this hook:

See also: changegroup (section 10.9.1), incoming (section 10.9.3), , pretxnchangegroup (section 10.9.9)

10.9.6 precommit—before starting to commit a changeset

This hook is run before Mercurial begins to commit a new changeset. It is run before Mercurial has any of the metadata for the commit, such as the files to be committed, the commit message, or the commit date.

One use for this hook is to disable the ability to commit new changesets, while still allowing incoming changesets. Another is to run a build or test, and only allow the commit to begin if the build or test succeeds.

Parameters to this hook:

If the commit proceeds, the parents of the working directory will become the parents of the new changeset.

See also: commit (section 10.9.2), pretxncommit (section 10.9.10)

10.9.7 preoutgoing—before starting to propagate changesets

This hook is invoked before Mercurial knows the identities of the changesets to be transmitted.

One use for this hook is to prevent changes from being transmitted to another repository.

Parameters to this hook:

See also: outgoing (section 10.9.4)

10.9.8 pretag—before tagging a changeset

This controlling hook is run before a tag is created. If the hook succeeds, creation of the tag proceeds. If the hook fails, the tag is not created.

Parameters to this hook:

If the tag to be created is revision-controlled, the precommit and pretxncommit hooks (sections 10.9.2 and 10.9.10) will also be run.

See also: tag (section 10.9.12)

10.9.9 pretxnchangegroup—before completing addition of remote changesets

This controlling hook is run before a transaction—that manages the addition of a group of new changesets from outside the repository—completes. If the hook succeeds, the transaction completes, and all of the changesets become permanent within this repository. If the hook fails, the transaction is rolled back, and the data for the changesets is erased.

This hook can access the metadata associated with the almost-added changesets, but it should not do anything permanent with this data. It must also not modify the working directory.

While this hook is running, if other Mercurial processes access this repository, they will be able to see the almost-added changesets as if they are permanent. This may lead to race conditions if you do not take steps to avoid them.

This hook can be used to automatically vet a group of changesets. If the hook fails, all of the changesets are “rejected” when the transaction rolls back.

Parameters to this hook:

See also: changegroup (section 10.9.1), incoming (section 10.9.3), prechangegroup (section 10.9.5)

10.9.10 pretxncommit—before completing commit of new changeset

This controlling hook is run before a transaction—that manages a new commit—completes. If the hook succeeds, the transaction completes and the changeset becomes permanent within this repository. If the hook fails, the transaction is rolled back, and the commit data is erased.

This hook can access the metadata associated with the almost-new changeset, but it should not do anything permanent with this data. It must also not modify the working directory.

While this hook is running, if other Mercurial processes access this repository, they will be able to see the almost-new changeset as if it is permanent. This may lead to race conditions if you do not take steps to avoid them.

Parameters to this hook:

See also: precommit (section 10.9.6)

10.9.11 preupdate—before updating or merging working directory

This controlling hook is run before an update or merge of the working directory begins. It is run only if Mercurial’s normal pre-update checks determine that the update or merge can proceed. If the hook succeeds, the update or merge may proceed; if it fails, the update or merge does not start.

Parameters to this hook:

See also: update (section 10.9.13)

10.9.12 tag—after tagging a changeset

This hook is run after a tag has been created.

Parameters to this hook:

If the created tag is revision-controlled, the commit hook (section 10.9.2) is run before this hook.

See also: pretag (section 10.9.8)

10.9.13 update—after updating or merging working directory

This hook is run after an update or merge of the working directory completes. Since a merge can fail (if the external hgmerge command fails to resolve conflicts in a file), this hook communicates whether the update or merge completed cleanly.

See also: preupdate (section 10.9.11)