| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- package main
- import (
- "bufio"
- "fmt"
- "os"
- "os/exec"
- "strings"
- )
- func commandExists(cmd string) bool {
- _, err := exec.LookPath(cmd)
- return err == nil
- }
- func checkDependencies() error {
- requiredTools := []string{"git", "find", "grep"}
- optionalTools := []string{"gitleaks"}
- var missing []string
- log("Checking dependencies...")
- for _, tool := range requiredTools {
- if !commandExists(tool) {
- missing = append(missing, tool)
- }
- }
- for _, tool := range optionalTools {
- if !commandExists(tool) {
- warn("Optional tool missing: %s (recommended for security scanning)", tool)
- } else {
- log("✓ Found: %s", tool)
- }
- }
- if len(missing) > 0 {
- errorLog("Missing required tools: %s", strings.Join(missing, ", "))
- errorLog("Please install missing dependencies")
- return fmt.Errorf("missing dependencies")
- }
- log("✓ All required dependencies found")
- return nil
- }
- func runSecurityScan() error {
- log("Running security scan...")
- if !commandExists("gitleaks") {
- warn("GitLeaks not installed - skipping security scan")
- warn("Install with: paru -S gitleaks")
- fmt.Println()
- fmt.Print("Continue without security scan? (y/N): ")
- reader := bufio.NewReader(os.Stdin)
- answer, _ := reader.ReadString('\n')
- answer = strings.TrimSpace(strings.ToLower(answer))
- if answer != "y" && answer != "yes" {
- errorLog("Push cancelled for security")
- return fmt.Errorf("security scan cancelled")
- }
- return nil
- }
- log("Using GitLeaks for secret detection...")
- cmd := exec.Command("gitleaks", "detect", "--verbose", "--exit-code", "1")
- if err := cmd.Run(); err != nil {
- errorLog("❌ Secrets detected! Review before pushing.")
- return fmt.Errorf("secrets detected")
- }
- log("✅ No secrets detected")
- return nil
- }
|
