Here are a few more thoughts about how we will implement a pre-commit hook:
Have a less verbose logging scheme and only show what is causing the issue
Can throw a nonzero exit code so pre-commit can fail when discovering secrets.We already support this
Have a way to dump the findings to JSON
Can point out what is causing the pre-commit fail. For example, if we discover an AWS credential, it would be nice to show what file, pattern, and regex match is causing the issue. Related to #61
The PC hook should also allow filtering signatures we need (which we already have) and specifying signatures we want to ignore (which we don't have).
We can create a pre-commit hook for this project. Will be very useful to avoid leaking secrets at the time of code commits.