thoughtworks / talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
https://thoughtworks.github.io/talisman/
MIT License

SchemaStore entry for .talismanrc #380

Closed revolunet closed 2 years ago

revolunet commented 2 years ago

Hi,

Is your feature request related to a problem? Please describe.
Not a problem, just a possible enhancement.

Describe the solution you'd like
SchemaStore allows publishing a json-schema definition of the .talismanrc so we can have completion, validation and documentation built into many code editors.

Would be nice to have such a definition published on your repo as a json-schema object. Maybe from a Go to jsonschema conversion?

Describe alternatives you've considered
Split screen with talismanrc and the talisman source code :)

Thanks for talisman!

revolunet commented 2 years ago

Here's the schema if you want to host it on your repo; then one could add a schemastore entry pointing to that json and we're good for editor integration :)

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "schema for .talismanrc",
  "type": "object",
  "plop": true,
  "additionalProperties": false,
  "properties": {
    "fileignoreconfig": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "filename": {
            "type": "string",
            "description": "Fully qualified filename"
          },
          "checksum": {
            "type": "string",
            "description": "This field should always have the value specified by Talisman message"
          },
          "ignore_detectors": {
            "type": "array",
            "description": "Disable specific detectors for a particular file",
            "items": {
              "type": "string",
              "enum": ["filecontent", "filename", "filesize"]
            }
          },
          "allowed_patterns": {
            "type": "array",
            "description": "Keywords to ignore to reduce the number of false positives",
            "items": {
              "type": "string"
            }
          }
        },
        "required": ["filename"]
      }
    },
    "scopeconfig": {
      "type": "array",
      "description": "Talisman is configured to ignore certain files based on the specified scopes",
      "items": {
        "type": "object",
        "properties": {
          "scope": {
            "type": "string"
          }
        },
        "required": ["scope"]
      }
    },
    "allowed_patterns": {
      "type": "array",
      "description": "Keywords to ignore to reduce the number of false positives",
      "items": {
        "type": "string"
      }
    },
    "custom_patterns": {
      "type": "array",
      "description": "You can specify custom regex patterns to look for in the current repository",
      "items": {
        "type": "string"
      }
    },
    "custom_severities": {
      "type": "array",
      "description": "Custom detectors severities",
      "items": {
        "type": "object",
        "properties": {
          "detector": {
            "type": "string"
          },
          "severity": {
            "type": "string",
            "enum": ["low", "medium", "high"]
          }
        },
        "required": ["detector", "severity"]
      }
    },
    "threshold": {
      "type": "string",
      "description": "Default minimal threshold",
      "enum": ["low", "medium", "high"]
    }
  },
  "required": []
}

svishwanath-tw commented 2 years ago

@revolunet : This is great work. I'd love for this to be a PR. That way we can attribute this contribution directly to your GitHub ID in our next release.

revolunet commented 2 years ago

Thanks @svishwanath-tw 🤗 Will do. Can I put it at /schema.json in the repo?

svishwanath-tw commented 2 years ago

@revolunet : Fair question. I'm thinking this could be /third-party/schema-store-talismanrc.json. I think there's a .pre-commit-hooks.yaml hook at the root, which I might move into the /third-party folder. You are welcome to choose a more fitting directory name. I thought of /integrations but it isn't so much talisman integrating but a file with hints for linters in editors/IDEs.

revolunet commented 2 years ago

Upcoming: https://github.com/SchemaStore/schemastore/pull/2387

revolunet commented 2 years ago

To test without any editor extension, add this comment to your .talismanrc:

# yaml-language-server: $schema=https://raw.githubusercontent.com/thoughtworks/talisman/main/third-party/schema-store-talismanrc.json
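
What the schema posted in this thread reports and what it lets through, shown with a small stand-in validator. This is an added example, not code from the thread or from Talisman: `validate`, the condensed `SCHEMA` and the sample `CONFIG` are constructed here, and the config is assumed to be already parsed from YAML into Python objects.

```python
STRINGS = {"type": "array", "items": {"type": "string"}}
# Added example: condensed copy of the posted schema (scopeconfig, custom_severities omitted).
SCHEMA = {
    "type": "object", "additionalProperties": False,
    "properties": {
        "fileignoreconfig": {"type": "array", "items": {
            "type": "object", "required": ["filename"],
            "properties": {
                "filename": {"type": "string"}, "checksum": {"type": "string"},
                "ignore_detectors": {"type": "array", "items": {
                    "type": "string", "enum": ["filecontent", "filename", "filesize"]}},
                "allowed_patterns": STRINGS,
            },
        }},
        "allowed_patterns": STRINGS, "custom_patterns": STRINGS,
        "threshold": {"type": "string", "enum": ["low", "medium", "high"]},
    },
}
TYPES = {"object": dict, "array": list, "string": str}

def validate(value, schema, path="$"):
    """Check value against the keyword subset used above; return a list of problems."""
    expected = TYPES.get(schema.get("type"))
    if expected and not isinstance(value, expected):
        return [f"{path}: expected {schema['type']}"]
    errors = []
    if "enum" in schema and value not in schema["enum"]:
        errors.append(f"{path}: {value!r} not in {schema['enum']}")
    if isinstance(value, dict):
        props = schema.get("properties", {})
        errors += [f"{path}: missing {k!r}" for k in schema.get("required", []) if k not in value]
        for key, item in value.items():
            if key in props:
                errors += validate(item, props[key], f"{path}.{key}")
            elif schema.get("additionalProperties") is False:
                errors.append(f"{path}: unknown key {key!r}")
    if isinstance(value, list) and "items" in schema:
        for i, item in enumerate(value):
            errors += validate(item, schema["items"], f"{path}[{i}]")
    return errors

# Constructed sample: a .talismanrc as a YAML loader would return it, with typos.
CONFIG = {
    "fileignoreconfig": [
        {"filename": "app.yml", "checksums": "constructed", "ignore_detectors": ["filecontents"]},
        {"checksum": "constructed"},
    ],
    "threshold": "critical", "allowed_pattern": ["keyword"],
}
print("\n".join(validate(CONFIG, SCHEMA)))
```

The misspelled `checksums` key inside a `fileignoreconfig` entry is not reported, because only the top level of the posted schema sets `additionalProperties: false`; the misspelled top-level `allowed_pattern` is.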