Added detect-secrets hook

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
2026-04-03 00:51:13 -04:00 · 2024-05-20 11:16:37 -04:00
parent 2db920b0f4
commit ff9c8678bb
3 changed files with 26 additions and 1 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -20,3 +20,8 @@ repos:
    -   id: detect-private-key
    -   id: end-of-file-fixer
    -   id: mixed-line-ending
+-   repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+    -   id: detect-secrets
+        args: ['--baseline', '.secrets.baseline']
--- a/poetry.lock
+++ b/poetry.lock
@@ -1041,6 +1041,25 @@ wrapt = ">=1.10,<2"
 [package.extras]
 dev = ["PyTest", "PyTest-Cov", "bump2version (<1)", "sphinx (<2)", "tox"]

+[[package]]
+name = "detect-secrets"
+version = "1.5.0"
+description = "Tool for detecting secrets in the codebase"
+optional = false
+python-versions = "*"
+files = [
+    {file = "detect_secrets-1.5.0-py3-none-any.whl", hash = "sha256:e24e7b9b5a35048c313e983f76c4bd09dad89f045ff059e354f9943bf45aa060"},
+    {file = "detect_secrets-1.5.0.tar.gz", hash = "sha256:6bb46dcc553c10df51475641bb30fd69d25645cc12339e46c824c1e0c388898a"},
+]
+
+[package.dependencies]
+pyyaml = "*"
+requests = "*"
+
+[package.extras]
+gibberish = ["gibberish-detector"]
+word-list = ["pyahocorasick"]
+
 [[package]]
 name = "distlib"
 version = "0.3.8"
@@ -4729,4 +4748,4 @@ multidict = ">=4.0"
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.12.2"
-content-hash = "a2dbec1a5e78a8082150fd0951a67cde6f133f3d7b600a8303f7075498e07f8d"
+content-hash = "426ae986eeb1ef7f25aecdb3c6e092edb27be70ce32b5ddf3f616d9d607e95f0"
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -105,6 +105,7 @@ requests-mock = "^1.11.0"
 setuptools = "^69.0.3"
 sqlalchemy-utils = "^0.41.2"
 vulture = "^2.10"
+detect-secrets = "^1.5.0"


 [build-system]