Commit
* Add git blacklist documentation
* Update readme to add reference to git blacklist documentation
* Update readme to list new pimcore project type availability
* Update changelog based on PR feedback
* Add additional merge conflict check to git blacklist
* Update phpinfo check in git blacklist to be more robust
Stefan Boonstra committed Nov 15, 2022
1 parent 0b7a86e, commit 78baa90
Showing 5 changed files with 94 additions and 12 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# Git commit keyword validation | ||
|
||
## Purpose | ||
Every commit, blacklisted phrases are scanned within scanned files containing a specified file extension.\ | ||
The purpose of these checks is to prevent committing production-breaking or sensative system information. | ||
|
||
## Keywords used | ||
**_Note:_** some example configuration is below. Specific packages might override the default configuration. | ||
|
||
To prevent accidental commits of specific syntax that may cause issues, the testing suite sniffs\ | ||
several keywords in your commits. | ||
|
||
### Preventing production logs, debug statements and leaking sensitive system information | ||
```yaml | ||
- "die(" | ||
- "dd(" | ||
- "var_dump(" | ||
- "console.log(" | ||
- "alert(" | ||
- "print_r(" | ||
- "phpinfo(" | ||
``` | ||
|
||
### Preventing accidental committing of merge conflicts | ||
```yaml | ||
- "<<<<<" | ||
- ">>>>>" | ||
- "=====" | ||
``` | ||
|
||
### Preventing statements that have better alternatives | ||
```yaml | ||
- "<?php echo" | ||
``` | ||
|
||
* The magento2 coding standards extend this with invocation of the ObjectManager. | ||
|
||
## Files scanned | ||
The following files are scanned for blacklisted keywords in a default configuration. | ||
|
||
**_Note:_** different project types might override the files scanned. | ||
```yaml | ||
- .php | ||
- .js | ||
``` | ||
* Magento2 project types extend this with .phtml files. | ||
* Pimcore project types extend this with .twig files. | ||
|
||
## Override the configuration | ||
To override the default git blacklist with your own, override the configuration in the `grumphp.yml` file\ | ||
in your local project. An example configuration can be found below. | ||
|
||
Full details of available configuration options can be found [here](https://github.com/phpro/grumphp/blob/master/doc/tasks/git_blacklist.md). | ||
|
||
Note: configuration keys are **overwritten, not merged**. | ||
|
||
```yaml | ||
imports: | ||
- resource: 'vendor/youwe/testing-suite/config/default/grumphp.yml' | ||
|
||
parameters: | ||
git_blacklist.keywords: | ||
- "die(" | ||
- "dd(" | ||
- "var_dump(" | ||
- "console.log(" | ||
- "alert(" | ||
- "print_r(" | ||
- "phpinfo(" | ||
- "exit;" | ||
- "<<<<<" | ||
- ">>>>>" | ||
- "=====" | ||
- "<?php echo" | ||
- "My additional keyword" | ||
git_blacklist.triggered_by: [ 'php', 'js', 'additional_file_extension_here' ] | ||
``` |
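Review bot: the override example lists "exit;" under git_blacklist.keywords, but none of the three default keyword sections earlier in this file mentions it, and since the doc says configuration keys are overwritten, not merged, readers will copy this block as their baseline; either add "exit;" to the documented defaults or drop it from the example so the two agree. The same example passes 'php' and 'js' to git_blacklist.triggered_by without a leading dot, while the "Files scanned" block shows .php and .js, so one notation should be used throughout. In "Purpose", "sensative" should be "sensitive", and "blacklisted phrases are scanned within scanned files" would read more clearly as "files with a configured extension are scanned for blacklisted phrases". The merge conflict entries "<<<<<", ">>>>>" and "=====" are shorter than git's seven-character conflict markers, so if matching is by substring, a comment divider made of equals signs will also fail the check; a sentence saying so would save contributors some confusion.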