As noted in #37, it is possible to have local git hooks and gitleaks co-exist, but the tests run by make audit assume that is not possible. To fix this behavior, this PR:
Adds a test to prove that local git hooks and gitleaks both run on a test repo
Removes the test that fails make audit if a repo has a custom .git/hooks/pre-commit hook, since this scenario does not actually prevent gitleaks from running
Adds a test to prove that core.hooksPath is not overridden at the repo level, which would prevent gitleaks from running
Other unrelated fixes in the PR include:
Updates to README to remove outdated information
Refactor shell scripts based on shellcheck recommendations
security considerations
This PR should be correcting a misunderstanding of how git hooks work but not actually introducing any chance that the global git hook for gitleaks won't run. However, the changes should be audited carefully to avoid any possible regression
Changes proposed in this pull request:
Addresses #37
As noted in #37, it is possible to have local git hooks and gitleaks co-exist, but the tests run by
make audit
assume that is not possible. To fix this behavior, this PR:make audit
if a repo has a custom.git/hooks/pre-commit
hook, since this scenario does not actually prevent gitleaks from runningcore.hooksPath
is not overridden at the repo level, which would prevent gitleaks from runningOther unrelated fixes in the PR include:
security considerations
This PR should be correcting a misunderstanding of how git hooks work but not actually introducing any chance that the global git hook for gitleaks won't run. However, the changes should be audited carefully to avoid any possible regression