Closed ahayden closed 4 years ago
@ahayden what does this script do? I assume some sort of sanitization to make sure credentials aren't being pushed to GitHub.. but can't tell for sure.
It runs a regex against the commit to find AWS key ids and secrets. It is matches, it interrupts the commit and informs the user, allows different ways to override, etc.
@ahayden there is no mechanism to enforce this to take place on all commits? Instead, the user has to carry the onus of preparing their environment correctly?
I don't think there's a way to force execution in a commiter's environment, by design. Otherwise people would be owned through git all the time. Each person has to set it up... but for repos connected to CI, like travis, we can force the VM to run pre-commits... so we can make sure some checks like parsing and style fail after.
It's simple, but this is probably all we need to do for repos like this... Installing this pre-commit script in this repository will overwrite scripts that people may already be using, but I don't think we'll run into that issue.