I want to warn a user if their code includes a certain string and alert people via email.

Right now I'm using a post-receive hook because the detection needs to be done on the server side.

I am updating a server-side repository and running something like git diff-tree -r --name-only --no-commit-id $2 | xargs grep foo to detect bad string "foo."

Problems with this approach:

• I don't like maintaining and entire working version of the repository server-side
• It scans the entire file, not just the changes. edit I solved this problem replacing the above with: git show $2 | grep ^+ ...

Is there a better way to do this?

If you are using gitolite V3 (or 'g3'), try instead to put your check in a VREF.

For every refex starting with VREF/FOO/ in a rule that applies to this user, a call to a program called FOO is triggered (stored in $LOCAL_CODE/VREF).
Note that the program isn't even called if the VREF rule doesn't apply to that user.

You can control exactly to which (group of) users you want to apply this warning.
You can reject the push if your condition (no bad string) isn't met.

however, that still requires updating a working directory first (since Gitolite only manages bare repo by default)