UNPKG

ban-sensitive-files

Version:

Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git

github.com/bahmutov/ban-sensitive-files

bahmutov/ban-sensitive-files

59 lines (50 loc) 1.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
const la = require('lazy-ass') const is = require('check-more-types') const log = require('debug')('ban') const ggit = require('ggit') const R = require('ramda') const fs = require('fs') const getName = R.prop('name') function isFile (filename) { if (fs.existsSync(filename)) { return fs.lstatSync(filename).isFile() } // assume non-existent or deleted files could be files return true } function collectFilenamesInGitRepo (info) { let filenames = [] if (info.A) { filenames = filenames.concat(info.A.map(getName)) } if (info.M) { filenames = filenames.concat(info.M.map(getName)) } if (info.C) { filenames = filenames.concat(info.C.map(getName)) } return filenames } function printFilenames (names) { log('checking %d filenames', names.length) log(names) return names } function findAllRepoFiles () { return ggit.trackedFiles(process.cwd(), '**', { dot: true }) .then(names => names.filter(isFile)) } function collectFiles (options) { options = options || {} const start = options.all ? findAllRepoFiles() : ggit.changedFiles().then(collectFilenamesInGitRepo) return start.then(printFilenames) } module.exports = collectFiles if (!module.parent) { collectFiles({ all: true }) .then(R.tap(list => la(is.array(list)))) .then(console.log.bind(console)) .catch(console.error.bind(console)) }