From 3253ff3117f0e201e8032bfc822573ed5f1b32cc Mon Sep 17 00:00:00 2001 From: Raul Date: Thu, 7 Aug 2025 20:15:30 -0500 Subject: [PATCH 1/2] Add pre-commit configuration with git-leaks This commit adds a pre-commit configuration that includes git-leaks to automatically scan for secrets and sensitive information before each commit. This helps prevent accidental commits of API keys, passwords, and other sensitive data. Features: - Automatic secret detection using git-leaks v8.28.0 - Verbose output for transparency - Redacted output to avoid exposing secrets in logs - Runs on every commit to ensure security compliance --- .pre-commit-config.yaml | 35 ++++------------------------------- 1 file changed, 4 insertions(+), 31 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 09a86a6..48d1b81 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,33 +1,6 @@ -# See https://pre-commit.com for more information -# See https://pre-commit.com/hooks.html for more hooks repos: - - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + - repo: https://github.com/gitleaks/gitleaks + rev: v8.28.0 # latest version hooks: - - id: trailing-whitespace - - id: end-of-file-fixer - - id: check-yaml - - id: check-added-large-files - - id: check-json - - id: check-merge-conflict - - id: check-toml - - id: debug-statements - - id: mixed-line-ending - - - repo: https://github.com/psf/black - rev: 25.1.0 - hooks: - - id: black - language_version: python3 - - - repo: https://github.com/pycqa/isort - rev: 5.13.2 - hooks: - - id: isort - args: ["--profile", "black"] - - - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.8.4 - hooks: - - id: ruff - args: [--fix, --exit-non-zero-on-fix, --unsafe-fixes] + - id: gitleaks + args: ['--verbose', '--redact'] From 5ba5f665cc2d38c7d2eb0c195c78a718897330bf Mon Sep 17 00:00:00 2001 From: Yao Date: Fri, 8 Aug 2025 18:07:40 -0700 Subject: [PATCH 2/2] chore: merge configs --- .pre-commit-config.yaml | 32 ++++++++++++++++++++++++++++++++ package.json | 5 +++++ 2 files changed, 37 insertions(+) create mode 100644 package.json diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 48d1b81..9c3a8ff 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,4 +1,36 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-added-large-files + - id: check-json + - id: check-merge-conflict + - id: check-toml + - id: debug-statements + - id: mixed-line-ending + + - repo: https://github.com/psf/black + rev: 25.1.0 + hooks: + - id: black + language_version: python3 + + - repo: https://github.com/pycqa/isort + rev: 5.13.2 + hooks: + - id: isort + args: ["--profile", "black"] + + - repo: https://github.com/astral-sh/ruff-pre-commit + rev: v0.8.4 + hooks: + - id: ruff + args: [--fix, --exit-non-zero-on-fix, --unsafe-fixes] - repo: https://github.com/gitleaks/gitleaks rev: v8.28.0 # latest version hooks: diff --git a/package.json b/package.json new file mode 100644 index 0000000..378e7a2 --- /dev/null +++ b/package.json @@ -0,0 +1,5 @@ +{ + "dependencies": { + "gitleaks": "^1.0.0" + } +}