Skip to content

Adding a Pre-Commit Hook #334

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: development
Choose a base branch
from
Open

Adding a Pre-Commit Hook #334

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 69 additions & 0 deletions .husky/pre-commit
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
#!/usr/bin/env sh
# Pre-commit hook to run Snyk and Talisman scans, completing both before deciding to commit

# Function to check if a command exists
command_exists() {
command -v "$1" >/dev/null 2>&1
}

# Check if Snyk is installed
if ! command_exists snyk; then
echo "Error: Snyk is not installed. Please install it and try again."
exit 1
fi

# Check if Talisman is installed
if ! command_exists talisman; then
echo "Error: Talisman is not installed. Please install it and try again."
exit 1
fi

# Allow bypassing the hook with an environment variable
if [ "$SKIP_HOOK" = "1" ]; then
echo "Skipping Snyk and Talisman scans (SKIP_HOOK=1)."
exit 0
fi

# Initialize variables to track scan results
snyk_failed=false
talisman_failed=false

# Run Snyk vulnerability scan
echo "Running Snyk vulnerability scan..."
snyk test --all-projects > snyk_output.log 2>&1
snyk_exit_code=$?

if [ $snyk_exit_code -eq 0 ]; then
echo "Snyk scan passed: No vulnerabilities found."
elif [ $snyk_exit_code -eq 1 ]; then
echo "Snyk found vulnerabilities. See snyk_output.log for details."
snyk_failed=true
else
echo "Snyk scan failed with error (exit code $snyk_exit_code). See snyk_output.log for details."
snyk_failed=true
fi

# Run Talisman secret scan (continues even if Snyk failed)
echo "Running Talisman secret scan..."
talisman --githook pre-commit > talisman_output.log 2>&1
talisman_exit_code=$?

if [ $talisman_exit_code -eq 0 ]; then
echo "Talisman scan passed: No secrets found."
else
echo "Talisman scan failed (exit code $talisman_exit_code). See talisman_output.log for details."
talisman_failed=true
fi

# Evaluate results after both scans
if [ "$snyk_failed" = true ] || [ "$talisman_failed" = true ]; then
echo "Commit aborted due to issues found in one or both scans."
[ "$snyk_failed" = true ] && echo "- Snyk issues: Check snyk_output.log"
[ "$talisman_failed" = true ] && echo "- Talisman issues: Check talisman_output.log"
exit 1
fi

# If both scans pass, allow the commit
echo "All scans passed. Proceeding with commit.cd ."
rm -f snyk_output.log talisman_output.log
exit 0
30 changes: 16 additions & 14 deletions .talismanrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
fileignoreconfig:
- filename: package-lock.json
checksum: 28f8e6d0e7856b4a568fd260dcc4deb531bcdbebbbff956b008ce7dd26a0475d
- filename: test/typescript/taxonomy.test.ts
checksum: e4bdf633e147fd60d929d379f20c814eed5f68b11421d7b53ec8826e9142de37
- filename: src/core/modules/taxonomy.js
checksum: 84589be9805c1be5fd6c56021c41d18365126cf82059ad2cbef1d418c70d08e0
- filename: src/core/lib/utils.js
checksum: 8a37566d0372573b8fe4ec506a43f1074981c5218e9adbc551c87922c8914922
- filename: src/core/modules/query.js
checksum: c88b336f9a271397ffedcf8c5085941ceb0bd1cd7e25ed9ada3acd8ce4f8970c
- filename: test/typescript/stack.test.ts
checksum: bbb3c425f8e1a63d4793f69ee9eaba9559294ff53f163a28f70ae54b1792276a
- filename: src/core/contentstack.js
checksum: 90a3b07300155a34f67dc3df87363107eec202123a21bc0cefda324e477a676d
- filename: package-lock.json
checksum: b9d3f334fcb23e80c5c48e4fc1068c53d9be7f9f6a3211352d14e37550071fcd
- filename: test/typescript/taxonomy.test.ts
checksum: e4bdf633e147fd60d929d379f20c814eed5f68b11421d7b53ec8826e9142de37
- filename: src/core/modules/taxonomy.js
checksum: 84589be9805c1be5fd6c56021c41d18365126cf82059ad2cbef1d418c70d08e0
- filename: src/core/lib/utils.js
checksum: 8a37566d0372573b8fe4ec506a43f1074981c5218e9adbc551c87922c8914922
- filename: src/core/modules/query.js
checksum: c88b336f9a271397ffedcf8c5085941ceb0bd1cd7e25ed9ada3acd8ce4f8970c
- filename: test/typescript/stack.test.ts
checksum: bbb3c425f8e1a63d4793f69ee9eaba9559294ff53f163a28f70ae54b1792276a
- filename: src/core/contentstack.js
checksum: 90a3b07300155a34f67dc3df87363107eec202123a21bc0cefda324e477a676d
- filename: .husky/pre-commit
checksum: 5baabd7d2c391648163f9371f0e5e9484f8fb90fa2284cfc378732ec3192c193
version: ""
17 changes: 17 additions & 0 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

22 changes: 12 additions & 10 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
"build": "npm run build:node && npm run build:web && npm run build:react-native && npm run build:native-script",
"generate-docs": "node_modules/.bin/jsdoc --configure docs-config.json --verbose",
"prepare": "npm run build",
"husky-check": "npm run build && husky && chmod +x .husky/pre-commit",
"pretest": "npm run build"
},
"repository": {
Expand Down Expand Up @@ -65,35 +66,36 @@
"tmp": "tmp/contentstack-3.15.0.tgz_1477830884275_0.9869455888401717"
},
"devDependencies": {
"@babel/core": "^7.26.0",
"@babel/preset-env": "^7.26.0",
"@babel/runtime": "^7.26.0",
"@slack/bolt": "^4.2.0",
"@babel/core": "^7.26.10",
"@babel/preset-env": "^7.26.9",
"@babel/runtime": "^7.27.0",
"@slack/bolt": "^4.2.1",
"@types/jest": "^26.0.24",
"babel-loader": "^9.2.1",
"clean-webpack-plugin": "^4.0.0",
"compression-webpack-plugin": "^11.1.0",
"dotenv": "^16.4.7",
"dotenv": "^16.5.0",
"es3ify-loader": "0.2.0",
"http-proxy-agent": "^7.0.2",
"husky": "^9.1.7",
"jest": "^29.7.0",
"jest-html-reporters": "^3.1.7",
"jquery": "^3.7.1",
"jsdoc": "^4.0.4",
"jsdom": "^26.0.0",
"jsdom": "^26.1.0",
"jshint": "^2.13.6",
"minami": "^1.2.3",
"node-request-interceptor": "^0.6.3",
"nodemailer": "^6.9.16",
"nodemailer": "^6.10.1",
"string-replace-loader": "^3.1.0",
"tap-html": "^1.1.0",
"tap-json": "1.0.0",
"tape": "4.17.0",
"terser-webpack-plugin": "^5.3.11",
"ts-jest": "^29.2.5",
"terser-webpack-plugin": "^5.3.14",
"ts-jest": "^29.3.2",
"typescript": "^4.9.5",
"uglify-js": "3.19.3",
"webpack": "^5.97.1",
"webpack": "^5.99.5",
"webpack-cli": "^6.0.1",
"webpack-md5-hash": "0.0.6",
"webpack-merge": "6.0.1",
Expand Down
Loading