-
Notifications
You must be signed in to change notification settings - Fork 0
/
lefthook.yml
36 lines (36 loc) · 1.48 KB
/
lefthook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
commit-msg:
commands:
lint-commit-msg:
run: npx --yes commitlint --config ./commitlint.config.cjs --edit
pre-commit:
commands:
check-format:
tags: style
run: npm run format:check
pre-push:
commands:
secrets-audit:
# NOTE: there's one caveat with this hook! When pushing, it will only correctly scan the range of
# outgoing commits when pushing to a matching branch on the remote (e.g. `git push`) - pushing to a
# different ref on the remote like `git push origin master:foreign` does not work..
#
# For this to work the following issue will need to be fixed (in short: Lefthook does not pass on stdin
# to the hook script, whereas pre-push is one of the few hooks which retrieves information from there):
# https://github.com/evilmartians/lefthook/issues/1471
#
# The hook configuration would then turn into:
#
# pre-push:
# scripts:
# secrets-audit:
# runner: sh
#
# with a file .lefthook/pre-push/secrets-audit looking something like:
#
# while read -r local_ref local_sha remote_ref remote_sha; do
# echo "$local_ref $local_sha $remote_ref $remote_sha" | talisman --githook pre-push
# done
#
# exit 0
tags: security
run: currentbranch=$(git rev-parse --abbrev-ref HEAD); echo "refs/heads/$currentbranch HEAD refs/heads/$currentbranch $(git log -1 origin/$currentbranch --format='%H')" | talisman --githook pre-push