• PlexSheep@infosec.pub
    link
    fedilink
    arrow-up
    9
    ·
    4 months ago

    This sounds like a really useful solution, how do you implement something like this? Especially with linter integration

    • danA
      link
      fedilink
      arrow-up
      7
      ·
      edit-2
      4 months ago

      I’m not sure, sorry. The source control team at work set it up a long time ago. I don’t know how it works - I’m just a user of it.

      The linter probably just runs git diff | grep @nocommit or similar.

      • PlexSheep@infosec.pub
        link
        fedilink
        arrow-up
        4
        ·
        4 months ago

        PRs? Isn’t the point of @nocommit that something does not get committed, and therefore no credentials are stored in the git repository? Even if the PR does not get merged, the file is still stored as a hit object and can be restored.

        • zqwzzle@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          I read the lint part and my brain forgot about everything else. You could stick the danger call in a pre commit hook though.