diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000000..e50ed3b91c --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,5 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.21.2 + hooks: + - id: gitleaks \ No newline at end of file diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 492158593e..3453e6b87b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -170,15 +170,20 @@ To protect the Hyperledger Cacti source code, GitHub pull requests are accepted git rebase main # Happy coding ! ``` -5. Commit changes to your branch. +5. Install the git hook scripts. (This command should only be run once) + ``` + yarn run tools:install-pre-commit-secret-detection + # Now pre-commit will run automatically on git commit + ``` +6. Commit changes to your branch. ``` # Commit and push your changes to your fork git add -A git commit -s -m "[optional scope]: " git push origin ``` -6. Once you've committed and pushed all of your changes to GitHub, go to the page for your fork on GitHub, select your development branch, and click the pull request button. -7. Repeat step 3 to 6 when you need to prepare posting new pull request. +7. Once you've committed and pushed all of your changes to GitHub, go to the page for your fork on GitHub, select your development branch, and click the pull request button. +8. Repeat step 3 to 7 when you need to prepare posting new pull request. NOTE: Once you submitted pull request to Cacti repository, step 6 is not necessary when you made further changes with `git commit --amend` since your amends will be sent automatically. diff --git a/package.json b/package.json index 2691af2018..1090821ea4 100644 --- a/package.json +++ b/package.json @@ -33,6 +33,8 @@ "set-yarn-version": "yarn set version stable", "enable-corepack": "npm i -g corepack && corepack enable && corepack prepare yarn@4.3.1 --activate", "custom-checks": "TS_NODE_PROJECT=./tools/tsconfig.json node --trace-deprecation --experimental-modules --abort-on-uncaught-exception --loader ts-node/esm --experimental-specifier-resolution=node ./tools/custom-checks/run-custom-checks.ts", + "tools:install-pre-commit-secret-detection": "pre-commit install && pre-commit autoupdate", + "tools:uninstall-pre-commit-secret-detection": "pre-commit uninstall", "tools:validate-bundle-names": "TS_NODE_PROJECT=./tools/tsconfig.json node --trace-deprecation --experimental-modules --abort-on-uncaught-exception --loader ts-node/esm --experimental-specifier-resolution=node ./tools/validate-bundle-names.js", "tools:bump-openapi-spec-dep-versions": "TS_NODE_PROJECT=./tools/tsconfig.json node --trace-deprecation --experimental-modules --abort-on-uncaught-exception --loader ts-node/esm --experimental-specifier-resolution=node ./tools/bump-openapi-spec-dep-versions.ts", "tools:bundle-open-api-tpl-files": "TS_NODE_PROJECT=./tools/tsconfig.json node --trace-deprecation --experimental-modules --abort-on-uncaught-exception --loader ts-node/esm --experimental-specifier-resolution=node ./tools/bundle-open-api-tpl-files.ts",