Scripts for finding accidental secrets in the repo.
This adds the following: - A detect-secrets dependency and a related script (`script/detect_secrets`) to find and alert developers to secrets added to the code. By default, the script will search staged and new, unstaged files. It can optionally search only staged files. - A whitelist, `.secrets.baseline`, that tracks instances of secrets or false positives already in the repo. - Modifies `script/test` to detect secrets as part of the test suite. - Updates to the README regarding the use of detect-secrets.
This commit is contained in:
dandds
@@ -24,5 +24,8 @@ RUN_JS_TESTS="true"
|
||||
# Check python formatting
|
||||
source ./script/format check
|
||||
|
||||
# Check for secrets
|
||||
./script/detect_secrets
|
||||
|
||||
# Run the shared test script
|
||||
source ./script/include/run_test
|
||||
|
||||
Reference in New Issue
Block a user