jish/pre-commit

Add check: security or style violations

Closed this issue · 7 comments

I'd like to add a check for some basic security violations. For example, we shouldn't hard-code email addresses in code. I could write a very specific email check. Or I could write a more general grep -v check that gets configured in the proposed configuration file.

I would say such a tool would be best as a separate executable/gem that does not have to depend on pre-commit; it could be used in a number of other situations and it still can easily integrate with pre-commit using the plugins introduced in #104 ... please let me know if you need any help with it.

@jish do we want to create an organization to host "official" gems/plugins for pre-commit?

jish commented

Yea, I guess this is the question of the future of plugins.

Do plugins all live in this repository, and we avoid loading them unless they're asked for? Do we come up with a system of loading them via gems? Does pluginator solve this?

Even then, how do you use a plugin as a gem? Do you have to install it and configure it? Just configure it? Just install the gem?

jish commented

The point about an organization is interesting, I didn't realize that you can create a free open source organization. That's pretty cool! (:

If we do go down the plugins-as-gems route, it would probably make sense to store all of the repositories under an organization.

pluginator was primarily designed to load plugins from gems; as you use it in a gem, the gem itself can be a source of plugins. It was not planned in the first place and appeared to be a very useful side effect of proper design :)

Yes, open source organizations are great and are free; creating them is quite easy, you can define different access groups or manually assign developers to repositories. Let me know if you need any help with it (I'm already in a few groups and have some experience).

ping @jamesarosen any insights on the task, what would it exactly do? Still interested in it?

I don't really have any ideas. I guess the simplest thing that could possibly work would be a collection of regular expressions to run against the diff lines. Something like

style_checks = {
  'Secret Token' => /\bsecret.?token\b/i,
}
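An added example (not code from jish/pre-commit or from the commenters) of the approach sketched above: the regex table applied only to the lines a diff adds, with file path and line number reported so a hook can point at the offending line. The diff parser, the email pattern, the check names and the sample diff are all constructed here.

```ruby
# Constructed checks: the page's 'Secret Token' pattern plus one for email
# addresses (the example given in the issue).
SECURITY_CHECKS = {
  'Secret Token'  => /\bsecret.?token\b/i,
  'Email Address' => /\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b/,
}.freeze

# Returns [path, new_line_number, text] for every line *added* by a git-style
# unified diff (assumes `diff --git` file headers, as `git diff` emits).
def added_lines(diff)
  path, lineno, added = nil, nil, []   # lineno nil means "not inside a hunk"
  diff.each_line do |raw|
    line = raw.chomp
    if line.start_with?('diff --git ')
      lineno = nil
    elsif line.start_with?('+++ ')
      path = line.sub(%r{\A\+\+\+ (?:b/)?}, '')
    elsif (m = line.match(/\A@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@/))
      lineno = m[1].to_i  # first line number of this hunk in the new file
    elsif lineno.nil? || line.start_with?('-', '\\')
      next                # headers, removed lines, "\ No newline" marker
    elsif line.start_with?('+')
      added << [path, lineno, line[1..-1]]
      lineno += 1
    else
      lineno += 1         # unchanged context line
    end
  end
  added
end

# Runs every check against added lines only, so code a commit merely touches
# is not flagged again; returns one hash per hit, in diff order.
def check_diff(diff, checks = SECURITY_CHECKS)
  added_lines(diff).flat_map do |path, lineno, text|
    checks.select { |_, re| re.match?(text) }
          .map { |name, _| { path: path, line: lineno, check: name, text: text.strip } }
  end
end

# Constructed sample diff: one hard-coded email and one secret-looking constant.
SAMPLE_DIFF = <<~DIFF
  diff --git a/config/mailer.rb b/config/mailer.rb
  --- a/config/mailer.rb
  +++ b/config/mailer.rb
  @@ -1,4 +1,5 @@
   module Mailer
  -  FROM = ENV.fetch('MAILER_FROM')
  +  FROM = 'ops@example.com'
  +  SECRET_TOKEN = 'not-a-real-token'
     TIMEOUT = 5
   end
DIFF

check_diff(SAMPLE_DIFF).each { |v| puts "#{v[:path]}:#{v[:line]}: #{v[:check]}: #{v[:text]}" } if __FILE__ == $0
```

Feeding it `git diff --cached` output from a pre-commit hook and failing the commit when the result is non-empty is the whole check; removed lines are deliberately ignored so that deleting a leaked value is never blocked.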

Closing as there was no feedback in two months; for details see https://github.com/jish/pre-commit/blob/master/CONTRIBUTING.md#closing-old-issues

If you are interested in adding the check, just open a PR with your proposed code.