prevent-forbidden-code
v1.1.0
Published
prevents unintentional commiting of undesirable code to a project.
Downloads
2,732
Maintainers
Readme
prevent-forbidden-code
This module is intended as a ghooks compatible plugin that prevents unwanted code from being committed into your repository.
Prerequisites
- git
- Node >= 4.4.x
- ghooks
Make sure you have a git repository (git init
) BEFORE installing ghooks, otherwise you have to take extra steps if you install ghooks before running git init
.
Installing
npm install prevent-forbidden-code ghooks --save-dev
Basic Configuration
// inside package.json
...
"config": {
"ghooks": {
"pre-commit": "prevent-forbidden-code",
}
}
...
How it works, and default settings
By default, prevent-forbidden-code
screens for the following array of commands in your code:
[
"console.log(",
"console.info(",
"console.error(",
"console.warn(",
"debugger",
"var_dump",
"print_r",
"fdescribe(",
"fit(",
"ddescribe(",
"iit("
]
With each commit, the committed files are scanned for any lines containing these commands. If found, prevent-forbidden-code
alerts you as to the type of offending command found, and where they were found:
[ >>> BEGIN PRE-COMMIT FORBIDDEN CODE CHECK ]
FAILURE: You left a console.log( in README.md
[ >>> COMMIT REJECTED ]
If you absolutely need to commit this use git commit --no-verify (-n)
Note: You can prevent the scan entirely by using the --no-verify
flag on your commit, as mentioned in the output sample above.
Configuration Options
Exclusions
Adding exclusions to your configuration allows prevent-forbidden-code
to skip one or more matching files from the scan. Under the hood, prevent-forbidden-code
uses the excellent minimatch module to convert glob expressions in the array into regular expressions for file name matching. In the following configuration sample, all usages of the normally prevented commands in any markdown file would would be allowed.
// inside package.json
...
"config": {
"ghooks": {
"pre-commit": "prevent-forbidden-code",
},
"prevent-forbidden-code": {
"exclude": ["*.md"]
}
}
...
Rejecting Custom Lists of Commands
To override the default list of forbidden commands, just add your own forbid
parameter to the config as an array of commands strings. The following example would scan files only for describe.only(
and it.only(
usages.
// inside package.json
...
"config": {
"ghooks": {
"pre-commit": "prevent-forbidden-code",
},
"prevent-forbidden-code": {
"forbid": ["describe.only(", "it.only("]
"exclude": ["*.md"]
}
}
...
License
This software is licensed under the MIT license.