run some lint and security check before pushing code

2026-01-31 11:49:25 +01:00
parent 803c1371b7
commit 8ec8f15857
3 changed files with 88 additions and 0 deletions
+42
@@ -0,0 +1,42 @@
#!/bin/bash
# Pre-push hook that runs security scans (brakeman + bundler-audit)
echo "Running security scans..."
echo ""
# Run brakeman
echo "🔍 Running brakeman..."
bundle exec brakeman --no-pager --quiet
BRAKEMAN_EXIT=$?
if [ $BRAKEMAN_EXIT -ne 0 ]; then
echo ""
echo "❌ Brakeman found security issues."
echo " Run 'bundle exec brakeman' for detailed output."
echo ""
fi
# Run bundler-audit
echo "🔍 Running bundler-audit..."
bundle exec bundler-audit check --update
BUNDLER_AUDIT_EXIT=$?
if [ $BUNDLER_AUDIT_EXIT -ne 0 ]; then
echo ""
echo "❌ Bundler-audit found vulnerable dependencies."
echo " Run 'bundle exec bundler-audit check' for detailed output."
echo ""
fi
# If either scan failed, prevent push
if [ $BRAKEMAN_EXIT -ne 0 ] || [ $BUNDLER_AUDIT_EXIT -ne 0 ]; then
echo "❌ Security scans failed. Please fix the issues before pushing."
echo " To skip this hook, use 'git push --no-verify'"
exit 1
fi
echo ""
echo "✅ All security scans passed!"
exit 0
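Review bot: The two `-ne 0` checks treat every non-zero exit from `bundle exec brakeman` and `bundle exec bundler-audit check --update` as a finding, so a missing gem or a failed advisory-database update (for example when pushing offline) prints "found vulnerable dependencies" and blocks the push. A false block of that kind nudges people towards the `git push --no-verify` bypass that the hook itself advertises. I would report the status and name both possibilities, e.g. `echo "❌ bundler-audit exited with status $BUNDLER_AUDIT_EXIT (vulnerable dependencies, or the advisory update failed)."`, and do the same for Brakeman. Both tools appear to scan the working tree rather than the refs being pushed, and the hook is client-side only, so the same scans should also run in CI as the enforcing check.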