Skip to content

Add catch-dotenv hook and corresponding tests to manage .env files #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 29, 2025
Merged

Add catch-dotenv hook and corresponding tests to manage .env files #1

merged 7 commits into from
Aug 29, 2025

Conversation

@rwbot
Copy link
Owner

@rwbot rwbot commented Aug 29, 2025

This pull request introduces a new pre-commit hook to block .env files from being committed to the repository and optionally generate a sanitized .env.example file. It also ensures .env is added to .gitignore automatically, helping prevent accidental exposure of secrets. The hook is registered in the project configuration and includes a comprehensive test .env file for validation.

New pre-commit hook for dotenv protection:

  • Added a catch-dotenv hook to .pre-commit-hooks.yaml that blocks commits containing .env files and can generate a value-sanitized .env.example file.
  • Implemented the pre_commit_hooks/catch_dotenv.py script, which blocks .env file commits, updates .gitignore with a canonical banner and .env entry, and generates .env.example with only variable names.
  • Registered the new hook as a console script in setup.cfg for CLI use.

Testing resources:

  • Added a sample testing/resources/test.env file with dummy secrets and various environment variables for testing the hook’s behavior.

@rwbot rwbot requested a review from Copilot August 29, 2025 03:10

This comment was marked as outdated.

Sign in to view

@rwbot rwbot marked this pull request as ready for review August 29, 2025 03:27
@rwbot rwbot requested a review from Copilot August 29, 2025 03:27
Copilot AI reviewed Aug 29, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a new pre-commit hook called catch-dotenv that prevents committing .env files to version control, helping protect secrets from accidental exposure. The hook automatically adds .env to .gitignore and can optionally generate a sanitized .env.example file with variable names but no values.

Key changes:

  • Implemented the catch-dotenv hook with atomic file operations and gitignore normalization
  • Added comprehensive test suite covering edge cases, concurrency, and error scenarios
  • Created a test resource file with realistic environment variable examples for validation

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
pre_commit_hooks/catch_dotenv.py Core hook implementation with gitignore management and example file generation
tests/catch_dotenv_test.py Comprehensive test suite covering functionality and edge cases
testing/resources/test.env Test resource file with dummy environment variables for validation
setup.cfg Added console script entry point for the new hook
.pre-commit-hooks.yaml Registered the new hook configuration
README.md Added documentation for the catch-dotenv hook

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@rwbot rwbot merged commit 34d2957 into main Aug 29, 2025
@rwbot rwbot deleted the catch-dotenv branch August 29, 2025 03:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rwbot