A linter for security commit messages
SECOMlint
Linter to measure compliance against SECOM convention. SECOM is a convention for making security commit messages more readable and structured. Check the CONFIG.md file to know how to configure the template in your repository.
Installation
pip install secomlint
python -m spacy download en_core_web_lg
From the source code:
git clone https://github.com/TQRG/secomlint.git
cd secomlint
pip install .
python -m spacy download en_core_web_lg
Usage
secomlint --help
Usage: secomlint [OPTIONS]
Linter to check compliance against SECOM (https://tqrg.github.io/secom/).
Options:
--no-compliance Show missing compliance.
--is-body-informative Checks body for security information.
--score Show compliance score.
--config TEXT Rule configuration file path name.
--help Show this message and exit.
Run tool
git log -1 --pretty=%B | secomlint
where git log -1 --pretty=%B gets the commit message of the local commit.
- Check only the rules that are not in compliance:
git log -1 --pretty=%B | secomlint --no-compliance
- Calculate compliance score:
git log -1 --pretty=%B | secomlint --no-compliance --score
Configuration
The linter has a default configuration that can be overridden with a .yml file using the following syntax:
rule_name:
active: {true | false}
type: {0 - warning | 1 - error}
value: {string | regex}
An example would be:
header_starts_with_type:
active: true
type: 0
value: 'fix'
metadata_has_detection:
active: false
(The rule header_starts_with_type is active, outputs warnings and checks whether the header starts with the type fix. The rule metadata_has_detection is deactivated.)
git log -1 --pretty=%B | secomlint --config=config.yml
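As an added example (not secomlint's own code), a minimal Python rule engine with the same active/type/value semantics as the configuration above, including a compliance score. The default rule set, the check bodies and the "Detection:" metadata line are assumptions made for the illustration.

```python
import re

# Added example, not secomlint's own code. Each rule carries `active`,
# `type` (0 = warning, 1 = error) and `value` (plain string or regex),
# mirroring the .yml syntax described on this page. Rule bodies and the
# default values below are assumptions.

DEFAULT_RULES = {
    "header_starts_with_type": {"active": True, "type": 1, "value": r"(fix|feat|chore)"},
    "metadata_has_detection": {"active": True, "type": 0, "value": None},
}

def merge_config(defaults, overrides):
    """Overlay a user config (same shape as the .yml on this page) on the defaults."""
    merged = {name: dict(rule) for name, rule in defaults.items()}
    for name, fields in overrides.items():
        merged.setdefault(name, {"active": True, "type": 0, "value": None}).update(fields)
    return merged

def check_header_starts_with_type(message, value):
    header = message.strip().splitlines()[0] if message.strip() else ""
    # `value` may be a literal string or a regex; both are anchored at the header start
    return re.match(rf"^(?:{value})\b", header) is not None

def check_metadata_has_detection(message, value):
    # assumption: detection metadata is a line beginning with "Detection:"
    return any(line.lower().startswith("detection:") for line in message.splitlines())

CHECKS = {
    "header_starts_with_type": check_header_starts_with_type,
    "metadata_has_detection": check_metadata_has_detection,
}

def lint(message, rules):
    """Return (findings, score): findings are (rule, level) for failed active rules."""
    findings, active = [], 0
    for name, rule in rules.items():
        if not rule["active"]:
            continue
        active += 1
        if not CHECKS[name](message, rule["value"]):
            findings.append((name, "error" if rule["type"] == 1 else "warning"))
    score = 1.0 if active == 0 else (active - len(findings)) / active
    return findings, score

# constructed commit message in SECOM style, deliberately without a Detection line
SAMPLE = "fix: validate length before copying into buffer\n\nPrevents overflow.\n"
# the override matches the config.yml example on this page
USER_CONFIG = {"header_starts_with_type": {"type": 0, "value": "fix"},
               "metadata_has_detection": {"active": False}}

if __name__ == "__main__":
    print(lint(SAMPLE, DEFAULT_RULES))
    print(lint(SAMPLE, merge_config(DEFAULT_RULES, USER_CONFIG)))
```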
Check if the message's body is informative enough
It is important that the body of a security commit message is reasonably informative; SECOMlint checks the message's body for security-related keywords.
git log -1 --pretty=%B | secomlint --is-body-informative
👍 Good to go! Extractor found the following security related words in the message's body:
- protocols
File details
Details for the file secomlint-0.1.1.tar.gz.
File metadata
- Download URL: secomlint-0.1.1.tar.gz
- Upload date:
- Size: 26.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.8.8
File details
Details for the file secomlint-0.1.1-py3-none-any.whl.
File metadata
- Download URL: secomlint-0.1.1-py3-none-any.whl
- Upload date:
- Size: 27.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.8.8