chore(deps-dev): bump lefthook from 2.1.4 to 2.1.8

[dependabot]

Bumps lefthook from 2.1.4 to 2.1.8.

Release notes

Sourced from lefthook's releases.

v2.1.8

Changelog

• 488a5f99a5a496e5837f757f8ce3e6c6d1415792 fix: do not warn if local hooks path is equal to default hooks path (#1421)

v2.1.7

Changelog

• f415a9d3fce1d4f6af62622cf96c72e04ecf7bd3 chore: go mod tidy
• cf4ab9ea4580f5aeb0d4b61d4dd169533e5bb0c9 fix: always restore unstaged changes (#1416)
• 4c0e000d6fe9f35f42efefb9263b0b4cb5dfbd49 fix: apply stage_fixed only if it is safe (#1418)
• 76aa843ef5ceb6970f61cd2ff28d16dd2ec82272 fix: linter, sacrifice optimization for readability
• 9d53c36ed9a26d3bf66e341a9650a0ecac9b6a37 fix: separate fallback push branch from pathspecs (#1396)
• 22c9f773cf93b59005bd244c5b00caab2947a755 fix: try to always restore unstaged changes (#1417)
• 37d83986d8e6d6bf6792f57e22e7cbb1a9e28064 fix: use contrast colors (#1420)
• eb1064d0b8c6248627960bea1abf6891db5a21b1 refactor: add new logger without a global state (#1385)

v2.1.6

Changelog

• bf73ea2f1ea5468c9af7a6f06b5ef8cd43e66040 fix(packaging): do not pipe stdout and stderr (#1382)
• 04da00697cd8a6241023c1962feb720eeaa62698 fix(windows): normalize lefthook path for sh script (#1383)
• de9597a1bf456d2cf0fbcb8816858b6e5cf6b609 fix: log full scoped name for skipped jobs (#1291)
• eb3e70dbbd2442200ec8ff2140a3ee9daa7d9e70 fix: normalize root to always include trailing slash before path replacement (#1381)
• f90f3f570ef9227ddf345a79cec687dac41a5d31 fix: skip pty allocation when stdout is not a terminal (#1393)

v2.1.5

Changelog

• afac466157f88b5a5f9d03eb28acc90b095a4b5d chore(golangci-lint): upgrade to 2.11.4 (#1362)
• f8e73b947e2eefd6950d6a19c20bbde19070809d chore: fix golangci-lint version lookup
• 4564da343b1497f73f8a82f6104e1b5903f8a081 chore: move golangci-lint version to .tool-versions (#1349)
• 236a5bd07c650aaa882963d68ab5e5e654a47681 chore: small cleanup (#1370)
• 5ddf2206dd23e826c5434392e034fa7db523cd3d deps: April 2026 (#1375)
• e26c719f5a85e8ff35871e9724649714d6f05c13 fix: git repository merge issue (#1372)
• 3503a3b102c2b41c298e1e7dc6549181508518a6 fix: prevent lefthook run from overwriting global hooks (#1371)
• f3fc175f6c638fd54ab49b8d7c060898f936c934 fix: use pre-push stdin for push file detection (#1368)

Changelog

Sourced from lefthook's changelog.

2.1.8 (2026-05-19)

• fix: do not warn if local hooks path is equal to default hooks path (#1421) by @​mrexox

2.1.7 (2026-05-19)

• fix: use contrast colors (#1420) by @​mrexox
• fix: apply stage_fixed only if it is safe (#1418) by @​mrexox
• fix: try to always restore unstaged changes (#1417) by @​mrexox
• fix: always restore unstaged changes (#1416) by @​mrexox
• refactor: add new logger without a global state (#1385) by @​mrexox
• fix: linter, sacrifice optimization for readability by @​mrexox
• fix: separate fallback push branch from pathspecs (#1396) by @​lawrence3699

2.1.6 (2026-04-16)

• fix: normalize lefthook path for sh script (#1383) by @​AndrewKahr
• fix: normalize root to always include trailing slash before path replacement (#1381) by @​Copilot
• fix: skip pty allocation when stdout is not a terminal (#1393) by @​technicalpickles
• docs: upgrade docmd (#1391) by @​mrexox
• fix: log full scoped name for skipped jobs (#1291) by @​scop
• fix: do not pipe stdout and stderr (#1382) by @​mrexox

2.1.5 (2026-04-06)

• deps: April 2026 (#1375) by @​mrexox
• docs: update documentation and docs for claude (#1373) by @​mrexox
• fix: git repository merge issue (#1372) by @​mrexox
• fix: use pre-push stdin for push file detection (#1368) by @​supitsdu
• chore: small cleanup (#1370) by @​mrexox
• fix: prevent lefthook run from overwriting global hooks (#1371) by @​ivy
• chore: upgrade to 2.11.4 (#1362) by @​scop
• chore: fix golangci-lint version lookup by @​mrexox
• chore: move golangci-lint version to .tool-versions (#1349) by @​scop

Commits

• 9e75b21 2.1.8: reduce warning for core.hooksPath if it matches the default
• 488a5f9 fix: do not warn if local hooks path is equal to default hooks path (#1421)
• b5c8310 2.1.7: restore unstaged changes when possible
• 37d8398 fix: use contrast colors (#1420)
• 4c0e000 fix: apply stage_fixed only if it is safe (#1418)
• 22c9f77 fix: try to always restore unstaged changes (#1417)
• cf4ab9e fix: always restore unstaged changes (#1416)
• f415a9d chore: go mod tidy
• eb1064d refactor: add new logger without a global state (#1385)
• 76aa843 fix: linter, sacrifice optimization for readability
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	lefthook@​2.1.4 ⏵ 2.1.8	+8			+2

View full report

[dependabot]

Superseded by #952.