• 24 Oct, 2024

Stop Pushing Debug Code to Production

A Developer's Guide to Pre-commit Hooks

This is fine precommit

Every developer has been there. You're deep into debugging, putting console.log() statements throughout your code, trying to track down that annoying bug. It's a natural part of the development process - nobody writes perfect code on the first try.

But here's where things get risky: those debugging statements sometimes survive into production. Despite code reviews and best intentions, they slip through. While this might seem like a minor oversight, it can have serious consequences:

  • Security Vulnerabilities
    • Exposed sensitive data
    • Leaked internal system information
    • Revealed application logic
  • Performance Impact
    • Unnecessary logging operations
    • Increased network traffic
    • Bloated application size
  • Maintenance Headaches
    • Cluttered logs
    • Confusion during production debugging
    • Inconsistent logging patterns

    • The solution: Pre-commit Hooks

    Hidden in your .git folder is a powerful tool that can prevent these issues: the pre-commit hook. As its name suggests, this script runs automatically before each commit, acting as your first line of defense against unwanted code reaching your repository.

    How it works?

    Pre-commit hooks are scripts that Git executes before committing changes. You can use them to:

    • Scan changed files for debugging statements
    • Block commits containing debug code
    • Provide immediate feedback to developers
    • Enforce consistent code quality

    Setting up your pre-commit hook

    1. Navigate to your project's .git/hooks directory: 
      cd your-project/.git/hooks
    2. Create a new file named pre-commit (no extension): 
      touch pre-commit
chmod +x pre-commit
    3. Add your checking logic. Here's a simple example: 
      #!/bin/bash
                                        
# Get all staged files
files=$(git diff --cached --name-only --diff-filter=ACM | grep -E '\.(js|jsx|ts|tsx)$')

# Check for debugging statements
for file in $files; do
    if grep -E 'console\.(log|debug|info)|debugger' "$file"; then
    echo "❌ Debugging statement found in $file"
    echo "Please remove debugging statements before committing"
    exit 1
    fi
done

exit 0

    This script will:

    • Check all staged JavaScript/TypeScript files
    • Look for common debugging patterns
    • Block the commit if it finds any matches
    • Provide clear feedback about what needs to be fixed

    Conclusion

    While debugging code is an essential part of development, it doesn't belong in production. By implementing a pre-commit hook, you create an automated safety net that catches these oversights before they become problems.

    Remember: The best code is not just functionally correct - it's also secure and maintainable. Take this simple step today to improve your development workflow and protect your production environment.

    Want to learn more about Git hooks? Check out the official Git documentation for detailed information.

    Related articles

    Be notified when we launch!

    Subscribe to updates on development process of OpenPledge.

    Divider