olmesm / husky-talisman

Validates the outgoing changeset for things that look suspicious - such as authorisation tokens and private keys.

Home Page:https://www.npmjs.com/package/husky-talisman

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

husky-talisman

PRs Welcome


Update 2021-11-03: I wrote this over 3 years ago in while on a very security-strict client. I'm glad that this has seen some use and that there is still a demand.

I still believe there is a need for a node-wrapped taliman package with zero dependencies. I will update this package shortly. In the meanwhile node-talisman may offer some relief, although it's obviously not acceptable for zero-dependecy environments.

TODO


NOTE: this package doesn't actually require husky to run, but plans full support.

This is an npm package that downloads and sets up Thoughtwork's talisman tool for use in your node project.

Requires

Features

  • husky supported
  • Linux, MacOS and Windows (PowerShell) support
  • Zero npm package dependencies

To Install

The following is recommended to keep compatibility across various OS's.

If you have a preferred method feel free to use it.

  1. Add package

    npm install --save-dev husky-talisman
  2. Add a script to package.json

    {
      "scripts" : {
        "husky-talisman": "husky-talisman",
        ...
      }
      ...
    }
  3. Add githook

    Run the following via your githook tool

    npm run husky-talisman [pre-commit|pre-push]

    Alternatively add to your husky githooks in your package.json or .huskyrc file.

    {
      ...
      "husky": {
        "hooks": {
          ...
          "pre-commit": "npm run husky-talisman -- pre-commit",
          "pre-push": "npm run husky-talisman -- pre-push"
        }
      }
    }

Resources

About

Validates the outgoing changeset for things that look suspicious - such as authorisation tokens and private keys.

https://www.npmjs.com/package/husky-talisman

License:MIT License


Languages

Language:JavaScript 100.0%