Added 'detect-secrets' check as part of pre-commit hooks

[whutomo]

I have added .pre-commit-config.yaml file which performs a pre-commit hook to perform detect-secrets .This will prevent from developers to accidentally committing code changes with potential secrets in it

Please run brew install detect-secrets and brew install pre-commit to enable the the pre-commit hook operation in your local machine.

if you have issues with installing the dependencies above please find more information here:

• https://pre-commit.com/
• https://github.com/Yelp/detect-secrets
• https://github.com/pre-commit/pre-commit-hooks

to test it out after installation, perform the following:

• you either can edit an existing file or create a new one and add a new line (e.g. const password = 1234)
• stage the change
• try to commit the change
• you should be seeing errors
  

[rifont]

Hey @whutomo, is it possible to use the pre-commit NPM package, to keep installations purely to NPM? This will also add support for Windows devices which won't have brew available.

[whutomo]

Hey @whutomo, is it possible to use the pre-commit NPM package, to keep installations purely to NPM? This will also add support for Windows devices which won't have brew available.

Hi @richardfontein, I have tried to be using the npm version of detect-secrets but it does not run at all. I also notice that the npm package isn't well maintained lirantal/detect-secrets#11. This could be the reason why.

Although windows does not support brew, these packages (detect-secrets & pre-commit) are available via pip too.

if supporting window OS is a priority for us I am happy to take another look at different libraries like https://www.npmjs.com/package/truffle-security