Revert "hardening: pre-push hook blocks tag pushes without release token"

This reverts commit e05d23f34e.
2026-05-08 11:30:24 -04:00
parent e05d23f34e
commit fa95e7fb62
2 changed files with 0 additions and 45 deletions
--- a/scripts/pre-push-release-guard
+++ b/scripts/pre-push-release-guard
@@ -1,34 +0,0 @@
-#!/bin/bash
-# Pre-push hook: block tag pushes without release token.
-# Tag pushes are blocked unless /tmp/passepartout-release-approved exists.
-# The token is consumed (deleted) on first successful push.
-#
-# Install:
-#   ln -sf ../../scripts/pre-push-release-guard .git/hooks/pre-push
-#
-# Returns 0 (pass) or 1 (blocked).
-
-set -euo pipefail
-
-BLOCKED=0
-
-while read -r local_ref local_oid remote_ref remote_oid; do
-    case "$remote_ref" in
-        refs/tags/*)
-            if [ ! -f /tmp/passepartout-release-approved ]; then
-                echo "" >&2
-                echo "============================================================" >&2
-                echo "  BLOCKED: tag push requires release token" >&2
-                echo "  Only the user may authorize a release." >&2
-                echo "  To grant permission: touch /tmp/passepartout-release-approved" >&2
-                echo "============================================================" >&2
-                echo "" >&2
-                BLOCKED=1
-            else
-                rm /tmp/passepartout-release-approved
-            fi
-            ;;
-    esac
-done
-
-exit $BLOCKED