diff --git a/.gitallowed b/.gitallowed deleted file mode 100644 index 685229f..0000000 --- a/.gitallowed +++ /dev/null @@ -1,12 +0,0 @@ -token: ?"?\$\{\{\s*secrets\.GITHUB_TOKEN\s*\}\}"? -.*\.gitallowed.* -id-token: write -password: \${{ secrets\.GITHUB_TOKEN }} -def __init__\(self, token: str, owner: str, repo: str.* -self\.token = token -token = os\.environ\.get\(\"GH_TOKEN\"\) -poetry\.lock -\-Dsonar\.token=\"\$SONAR_TOKEN\" -token: "\${{ steps\.generate-token\.outputs\.token }}" -id-token: 'write' -id-token: "write" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2e5156c..67f7359 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -20,7 +20,7 @@ repos: - id: grype-scan-local name: Grype scan local changes entry: make - args: ["grype-scan-local"] + args: [ "grype-scan-local" ] language: system pass_filenames: false always_run: true @@ -45,30 +45,31 @@ repos: pass_filenames: false always_run: true - - id: git-secrets - name: Git Secrets - description: git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories. + - id: gitleaks + name: Git Leaks + description: gitleaks scans commits, commit messages, and --no-ff merges to + prevent adding secrets into your git repositories. entry: bash args: - -c - - "git-secrets --pre_commit_hook" + - "gitleaks git --pre-commit --redact --staged --verbose" language: system - id: lint-githubactions name: Lint github actions entry: make - args: ["lint-githubactions"] + args: [ "lint-githubactions" ] language: system files: ^.github - types_or: [yaml] + types_or: [ yaml ] pass_filenames: false - id: lint-githubaction-scripts name: Lint github action scripts entry: make - args: ["lint-githubaction-scripts"] + args: [ "lint-githubaction-scripts" ] language: system files: ^.github/scripts - types_or: [sh, shell] + types_or: [ sh, shell ] pass_filenames: false fail_fast: true