mirror of
https://github.com/codeflash-ai/codeflash-internal.git
synced 2026-05-04 18:25:18 +00:00
43b15c68da
### **User description**
### To Test this PR##
1. Clone and switch to the branch and Run `npm install`
2. Fork into a new branch to avoid pushing to this open PR
3. Add a file anywhere like test_secret.py and below code
```
def test_function():
# This is a fake API key for testing purposes
api_key = "12345-ABCDE-67890-FGHIJ"
print("Testing secret detection.")
````
4. Add and try commiting the changes
### **User description**
closes #
https://linear.app/codeflash-ai/issue/CF-442/implement-a-secrets-scanning-solution-pre-commit-on-pr-deployments
___
### **PR Type**
enhancement, configuration changes
___
### **Description**
- Added Secretlint configuration to scan for secrets using recommended
rules.
- Introduced a shell script to run Ruff linting for Python projects.
- Updated README with setup instructions and prerequisites for Node.js,
npm, Python, and Mamba.
- Configured Lefthook for pre-commit hooks to perform secret scanning
and code linting.
- Created `package.json` with scripts for Lefthook installation and
Secretlint execution, and added relevant development dependencies.
___
### **Changes walkthrough** 📝
<table><thead><tr><th></th><th align="left">Relevant
files</th></tr></thead><tbody><tr><td><strong>Configuration
changes</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>secretlint.config.js</strong><dd><code>Add Secretlint
configuration with recommended rules</code>
</dd></summary>
<hr>
secretlint.config.js
<li>Added configuration for Secretlint.<br> <li> Included a rule preset
for recommended secret scanning.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-134b2fd8c53958449a6b2a9f828d28149ffa192f0864afa76e82aa68a9c6cc20">+7/-0</a>
</td>
</tr>
<tr>
<td>
<details>
<summary><strong>lefthook.yml</strong><dd><code>Configure Lefthook for
pre-commit secret and code linting</code></dd></summary>
<hr>
lefthook.yml
<li>Added Lefthook configuration for pre-commit hooks.<br> <li>
Configured secret scanning, Python linting, and JS linting commands.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-ad6a01e589b8b1b214ca310dbb8d2e4314f6c612b921050c73c97455de43884d">+20/-0</a>
</td>
</tr>
<tr>
<td>
<details>
<summary><strong>package.json</strong><dd><code>Add package.json with
scripts and dev dependencies</code>
</dd></summary>
<hr>
package.json
<li>Added project metadata and scripts for Lefthook and Secretlint.<br>
<li> Included development dependencies for Lefthook, Secretlint, and
<br>ESLint.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519">+23/-0</a>
</td>
</tr>
</table></td></tr><tr><td><strong>Enhancement</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>run_ruff.sh</strong><dd><code>Add shell script for Ruff
linting in Python projects</code>
</dd></summary>
<hr>
run_ruff.sh
<li>Added a shell script to run Ruff linting.<br> <li> Configured
environment activation and linting command.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-08d9b9bfc882fa06fe0a67bf49f0512f2ea2202f99286e1d826bb94d6af5e333">+12/-0</a>
</td>
</tr>
</table></td></tr><tr><td><strong>Documentation</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>README.md</strong><dd><code>Update README with project
setup and prerequisites</code>
</dd></summary>
<hr>
README.md
<li>Updated project setup instructions.<br> <li> Added prerequisites for
Node.js, npm, Python, and Mamba.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5">+8/-0</a>
</td>
</tr>
</table></td></tr></tr></tbody></table>
___
> 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
request to receive relevant information
___
### **PR Type**
Enhancement, Configuration changes
___
### **Description**
- Added Secretlint configuration to scan for secrets using recommended
rules.
- Introduced a shell script to run Ruff linting for Python projects.
- Updated README with setup instructions and prerequisites for Node.js,
npm, Python, and Mamba.
- Configured Lefthook for pre-commit hooks to perform secret scanning
and code linting.
- Created `package.json` with scripts for Lefthook installation and
Secretlint execution, and added relevant development dependencies.
___
### **Changes walkthrough** 📝
<table><thead><tr><th></th><th align="left">Relevant
files</th></tr></thead><tbody><tr><td><strong>Configuration
changes</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>secretlint.config.js</strong><dd><code>Add Secretlint
configuration for secret scanning</code>
</dd></summary>
<hr>
secretlint.config.js
<li>Added Secretlint configuration file.<br> <li> Configured with
recommended rules for secret scanning.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-134b2fd8c53958449a6b2a9f828d28149ffa192f0864afa76e82aa68a9c6cc20">+7/-0</a>
</td>
</tr>
<tr>
<td>
<details>
<summary><strong>lefthook.yml</strong><dd><code>Configure Lefthook for
pre-commit secret scanning and linting</code></dd></summary>
<hr>
lefthook.yml
<li>Configured Lefthook for pre-commit hooks.<br> <li> Added commands
for secret scanning and code linting.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-ad6a01e589b8b1b214ca310dbb8d2e4314f6c612b921050c73c97455de43884d">+20/-0</a>
</td>
</tr>
<tr>
<td>
<details>
<summary><strong>package.json</strong><dd><code>Add package.json with
scripts and dependencies</code>
</dd></summary>
<hr>
package.json
<li>Created <code>package.json</code> for the monorepo.<br> <li> Added
scripts for Lefthook and Secretlint.<br> <li> Included development
dependencies.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519">+23/-0</a>
</td>
</tr>
</table></td></tr><tr><td><strong>Enhancement</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>run_ruff.sh</strong><dd><code>Introduce shell script
for Ruff linting in Python</code>
</dd></summary>
<hr>
run_ruff.sh
<li>Created a shell script to run Ruff linting.<br> <li> Script
navigates to the Python project directory.<br> <li> Activates Mamba
environment for linting.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-08d9b9bfc882fa06fe0a67bf49f0512f2ea2202f99286e1d826bb94d6af5e333">+12/-0</a>
</td>
</tr>
</table></td></tr><tr><td><strong>Documentation</strong></td><td><table>
<tr>
<td>
<details>
<summary><strong>README.md</strong><dd><code>Update README with setup
instructions and prerequisites</code> </dd></summary>
<hr>
README.md
<li>Added project setup instructions.<br> <li> Listed prerequisites for
Node.js, npm, Python, and Mamba.<br>
</details>
</td>
<td><a
href="https://github.com/codeflash-ai/codeflash/pull/1201/files#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5">+8/-0</a>
</td>
</tr>
</table></td></tr></tr></tbody></table>
___
> 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull
request to receive relevant information
14 lines
474 B
YAML
14 lines
474 B
YAML
pre-commit:
|
|
parallel: true
|
|
commands:
|
|
secret-scan:
|
|
runner: "node"
|
|
glob: "*"
|
|
exclude: "node_modules/**|venv/**|.venv/**|__pycache__/**|dist/**|build/**"
|
|
command: "./node_modules/.bin/secretlint {staged_files} --maskSecrets --config ./secretlint.config.js"
|
|
|
|
js-lint:
|
|
runner: "node"
|
|
glob: "*.js"
|
|
exclude: "node_modules/**|build/**|dist/**"
|
|
command: "./node_modules/.bin/eslint {staged_files} --ignore-path .gitignore"
|