-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlefthook.yml
33 lines (30 loc) · 1.12 KB
/
lefthook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
pre-commit:
parallel: true
commands:
secrets-audit:
run: >
talisman --githook pre-commit ||
(echo "Verify the content and fix it with: talisman --githook pre-commit --interactive"; exit 1)
post-commit:
parallel: true
scripts:
"secrets-checksum-test.sh":
runner: sh
tags: security
skip:
- rebase
fail_text: |
This commit has touched files which are known to include false positives of the secret scanner.
It does not mean you have introduced new secrets, but this are "old" reports.
But due to the file content change, the checksum Talisman is using for the verification has changed too.
Please double check the reported file(s) and update their checksums in the `.talismanrc` file.
Afterwards stage the file and amend this commit which was just created with `git commit --amend --no-edit`
pre-push:
parallel: true
scripts:
"secrets-audit.sh":
runner: sh
use_stdin: true
skip_output:
- meta # Skips lefthook version printing
- execution # Skips printing any execution logs (but prints if the execution failed)