Skip to content

Add catch_dotenv hook to prevent committing .env files #1188

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 10 commits into from
Closed

Add catch_dotenv hook to prevent committing .env files #1188

wants to merge 10 commits into from

Conversation

@rwbot
Copy link

@rwbot rwbot commented Aug 29, 2025

This pull request introduces a new pre-commit hook to prevent accidental commits of .env files containing sensitive information, along with supporting documentation, configuration, and testing resources. The main addition is the catch-dotenv hook, which blocks .env files from being committed, optionally generates a sanitized .env.example, and ensures .env is listed in .gitignore.

New pre-commit hook for dotenv protection:

  • Added the catch-dotenv hook implementation in pre_commit_hooks/catch_dotenv.py, which blocks commits of .env files, can generate a .env.example with only variable names, and ensures .env is present in .gitignore.
  • Registered the new hook in .pre-commit-hooks.yaml with a description and configuration options.
  • Documented usage, options, and benefits of catch-dotenv in README.md.

Integration and testing resources:

  • Added catch-dotenv to the setup.cfg entry points to enable command-line usage and integration with pre-commit.
  • Included a sample .env file with dummy secrets in testing/resources/test.env for testing.

rwbot and others added 10 commits August 28, 2025 19:50
@rwbot
Add catch_dotenv hook and corresponding tests to manage .env files
25a3d2e
@rwbot
Refactor catch_dotenv hook and tests for improved error handling and …
33746f5 
…clarity
@rwbot
Improve error handling and clarity in catch_dotenv hook and tests
989ac68
@rwbot
Refactor catch_dotenv hook and tests for improved readability and con…
c7f0dae 
…sistency
@rwbot
register catch-dotenv hook
3e8b0c9
@rwbot
add catch-dotenv hook to README and improve test clarity
476396a
@rwbot
Refactor env_file fixture to dynamically locate repository root and i…
206d0a3 
…mprove test isolation
@rwbot
Merge pull request #1 from rwbot/catch-dotenv
34d2957
@rwbot
Add tests for error handling in env file operations and example creat…
423fd23 
…ion for 100% cov
@rwbot
Merge branch 'catch-dotenv' of https://github.com/rwbot/pre-commit-hooks
b7435a3 
 into catch-dotenv
@asottile
Copy link
Member

asottile commented Aug 29, 2025

hi in the future please discuss features before spending time on them

you don't really need any code for this. this can be done trivially with a language: fail hook

@asottile asottile closed this Aug 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rwbot @asottile