SHARE
TWEET

Untitled

a guest Mar 26th, 2019 81 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2.  
  3. # stash before we mess around
  4. STASH_NAME="pre-commit-$(date +%s)"
  5. git stash save -q --keep-index $STASH_NAME
  6.  
  7. # regexes to find keys
  8. TWILIO_KEY="\bAC[a-z0-9]{32}\b"
  9. TWILIO_SECRET="\b[a-z0-9]{32}\b"
  10. API_REGEXPS=( $TWILIO_KEY $TWILIO_SECRET )
  11.  
  12. # search committed files for potential api keys
  13. found_keys=() # list containing ponential matches
  14. check_files=($(git diff --name-only --cached))
  15. for file in ${check_files[@]}
  16. do
  17.     # for each file check against regex
  18.     for key_regex in ${API_REGEXPS[@]}
  19.     do
  20.         found=$(grep --with-filename -r -n -E $key_regex $file | tr -d [:space:])
  21.  
  22.         # append potential keys to list
  23.         if [ ! -z $file ]
  24.         then
  25.             found_keys+=($found)
  26.             git reset HEAD $file
  27.         fi
  28.     done
  29. done
  30.  
  31. # if no keys, pop the stash and commit, otherwise show error
  32. if [ ${#found_keys[@]} -eq 0 ];
  33. then
  34.     STASHES=$(git stash list)
  35.     if [[ $STASHES == "$STASH_NAME" ]]; then
  36.       git stash pop -q
  37.     fi
  38.     exit 0
  39. else
  40.     echo "\033[1;31;7mCOMMIT FAILED, FOUND POTENTIAL KEYS:\033[0m"
  41.     for key in ${found_keys[@]}
  42.     do
  43.         echo "\t\033[7m${key}\033[0m"
  44.     done
  45.     exit 1
  46. fi
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top