Git without secrets
Project description
git-secret
Git without secrets
Prerequisites
Python 3 is required. Python 2 is not supported.
Second, Python 3's bin directory needs to be in your PATH environment variable. For example, if you are using the
python.org install on macOS, you will need to add the following to your ~/.profile.
PATH="/Library/Frameworks/Python.framework/Versions/3.*/bin:${PATH}"
Installation
git-secrets is located on PyPI.
To install, run the following.
$ pip3 install qpp-git-secrets
sudo may be needed if your Python 3 installation is in a protected directory. This will put the command the bin
directory of your Python 3 installation.
To update git-secrets to the latest version, run the following.
$ pip3 install --upgrade qpp-git-secrets
Again, sudo may be required.
Usage
Currently, git-secrets only checks the added lines of staged files. AKA, only the added lines that are about to be
committed will be checked.
Installing the Pre-commit Hook
Run the following when the PWD is in the repository you want to add a pre-commit hook...
$ git secrets install
If there exists a pre-commit.d directory, this will add a bash script into that directory. If that directory doesn't
exist, the pre-commit bash script will be created directly. If the pre-commit script already exists, git-secrets
will exit with an error since it chooses to not remove the previous pre-commit script.
Manually scanning
If you want to manually scan a repository, you can run the following while your PWD is in the repository...
$ git secrets scan
Secrets are then scanned.
Specifying Secrets
There are two locations that git-secrets checks for secret specifications. The secrets from the two locations are
merged together.
- A
.gitsecretsfile in the top level directory of the repository. ~/.gitsecrets.
Each line in these files should contain a regular expression. The regular expression syntax is based off what the
Python 3 re module supports.
Example Secrets
TINs that don't start with 000 or 999 or don't have 00 for the middle number group.
(\D|^)(?!000)(?!999)\d{3}\s(?!00)\d{2}\s\d{4}(\D|$)
(\D|^)(?!000)(?!999)\d{3}-(?!00)\d{2}-\d{4}(\D|$)
(\D|^)(?!000)(?!999)\d{3}(?!00)\d{2}\d{4}(\D|$)
Development
I accept PRs! Check out the issues.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file qpp-git-secrets-1.1.1.tar.gz.
File metadata
- Download URL: qpp-git-secrets-1.1.1.tar.gz
- Upload date:
- Size: 5.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.20.1 setuptools/40.6.2 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | da3c7648977e7f38f69394f3934bdf6a717ead60261b21a993c53a2269dc6219 |
|
| MD5 | a7566988d2d3cfc312d5be05ec707255 |
|
| BLAKE2b-256 | a7532a3302269cf5eacbad1ed61afec9701ba9afa46d8df3fd355ee26c92bc7d |
File details
Details for the file qpp_git_secrets-1.1.1-py3-none-any.whl.
File metadata
- Download URL: qpp_git_secrets-1.1.1-py3-none-any.whl
- Upload date:
- Size: 20.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.20.1 setuptools/40.6.2 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 5952bd4194cf41d8a048475a4ae89da405349857c4c273ff8e13de1f677b1e34 |
|
| MD5 | 96284f494c82308aa23c813b92114fdc |
|
| BLAKE2b-256 | c8972256c9d38b727d7efbcc168535e63a005ad7dca9413dd3be8243b7d7024e |
