Skip to content

Commit b24604c

Browse files
cs-rajcs-raj
committed
Pre-commit hook updated
1 parent c77da75 commit b24604c

File tree

4 files changed

+581
-596
lines changed

4 files changed

+581
-596
lines changed

.husky/pre-commit

Lines changed: 26 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1,34 +1,46 @@
11
#!/usr/bin/env sh
2-
# Pre-commit hook to run Snyk and Talisman scans, completing both before deciding to commit
2+
# Pre-commit hook to run Talisman and Snyk scans, completing both before deciding to commit
33

44
# Function to check if a command exists
55
command_exists() {
66
command -v "$1" >/dev/null 2>&1
77
}
88

9-
# Check if Snyk is installed
10-
if ! command_exists snyk; then
11-
echo "Error: Snyk is not installed. Please install it and try again."
12-
exit 1
13-
fi
14-
159
# Check if Talisman is installed
1610
if ! command_exists talisman; then
1711
echo "Error: Talisman is not installed. Please install it and try again."
1812
exit 1
1913
fi
2014

15+
# Check if Snyk is installed
16+
if ! command_exists snyk; then
17+
echo "Error: Snyk is not installed. Please install it and try again."
18+
exit 1
19+
fi
20+
2121
# Allow bypassing the hook with an environment variable
2222
if [ "$SKIP_HOOK" = "1" ]; then
23-
echo "Skipping Snyk and Talisman scans (SKIP_HOOK=1)."
23+
echo "Skipping Talisman and Snyk scans (SKIP_HOOK=1)."
2424
exit 0
2525
fi
2626

2727
# Initialize variables to track scan results
28-
snyk_failed=false
2928
talisman_failed=false
29+
snyk_failed=false
30+
31+
# Run Talisman secret scan
32+
echo "Running Talisman secret scan..."
33+
talisman --githook pre-commit > talisman_output.log 2>&1
34+
talisman_exit_code=$?
35+
36+
if [ $talisman_exit_code -eq 0 ]; then
37+
echo "Talisman scan passed: No secrets found."
38+
else
39+
echo "Talisman scan failed (exit code $talisman_exit_code). See talisman_output.log for details."
40+
talisman_failed=true
41+
fi
3042

31-
# Run Snyk vulnerability scan
43+
# Run Snyk vulnerability scan (continues even if Talisman failed)
3244
echo "Running Snyk vulnerability scan..."
3345
snyk test --all-projects --fail-on=all > snyk_output.log 2>&1
3446
snyk_exit_code=$?
@@ -43,27 +55,15 @@ else
4355
snyk_failed=true
4456
fi
4557

46-
# Run Talisman secret scan (continues even if Snyk failed)
47-
echo "Running Talisman secret scan..."
48-
talisman --githook pre-commit > talisman_output.log 2>&1
49-
talisman_exit_code=$?
50-
51-
if [ $talisman_exit_code -eq 0 ]; then
52-
echo "Talisman scan passed: No secrets found."
53-
else
54-
echo "Talisman scan failed (exit code $talisman_exit_code). See talisman_output.log for details."
55-
talisman_failed=true
56-
fi
57-
5858
# Evaluate results after both scans
59-
if [ "$snyk_failed" = true ] || [ "$talisman_failed" = true ]; then
59+
if [ "$talisman_failed" = true ] || [ "$snyk_failed" = true ]; then
6060
echo "Commit aborted due to issues found in one or both scans."
61-
[ "$snyk_failed" = true ] && echo "- Snyk issues: Check snyk_output.log"
6261
[ "$talisman_failed" = true ] && echo "- Talisman issues: Check talisman_output.log"
62+
[ "$snyk_failed" = true ] && echo "- Snyk issues: Check snyk_output.log"
6363
exit 1
6464
fi
6565

6666
# If both scans pass, allow the commit
67-
echo "All scans passed. Proceeding with commit.cd ."
68-
rm -f snyk_output.log talisman_output.log
67+
echo "All scans passed. Proceeding with commit."
68+
rm -f talisman_output.log snyk_output.log
6969
exit 0

.talismanrc

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -85,10 +85,6 @@ fileignoreconfig:
8585
checksum: 1c1f05989f22d06b600fba7456c1935a385997292c770d573165b9a07e1a3b8a
8686
- filename: packages/contentstack-import/test/integration/auth-token-modules/webhooks.test.js
8787
checksum: f41c4c354482293e4d6e52923d451266b150ba675e61681e21ba83ebf5dd8382
88-
- filename: pnpm-lock.yaml
89-
checksum: 8bc914084e311432154f0e3bd05e2bbb60516460e09b9f8a6356c69d335b38b2
90-
- filename: package-lock.json
91-
checksum: 64cca4648257efc253c34babd3d857eadc2e4a42c8e84959f2005ec4dae0ed8a
9288
- filename: packages/contentstack-launch/src/commands/launch/environments.ts
9389
checksum: a9f5fc3fad1915ca8812f1159c4019b957db59f7b4c8e2da0d214e45b8835ef7
9490
- filename: packages/contentstack-launch/tsconfig.tsbuildinfo
@@ -109,4 +105,12 @@ fileignoreconfig:
109105
checksum: e345a745f027c76081df71e4fe9872c1f4adac076689b036e195b84041807b59
110106
- filename: packages/contentstack-launch/src/util/create-git-meta.ts
111107
checksum: 8cbd32dbbd2989c7c082f8a0b7615916125d211bce25531e9a882b8ebd5674af
108+
- filename: .husky/pre-commit
109+
checksum: b7cfe41015e9a2e2acb3a374389beddcd812d93bfceec90ce06dce54b0ed9e2b
110+
- filename: packages/contentstack/package.json
111+
checksum: 9b0fdd100effcdbb5ee3809f7f102bfd11c88dd76e49db5103434f3aa29473dd
112+
- filename: pnpm-lock.yaml
113+
checksum: c05453cf95a43e5fd5913808d6438ba7fb087a89838ac2f6ad1966957907c21c
114+
- filename: package-lock.json
115+
checksum: 7d7b7d6d7de87a58347c4772acc536006be8459df9a4232258f6976fe2704f89
112116
version: ""

0 commit comments

Comments
 (0)