A simple precommit hook that checks for the presence of an Ethereum private key in your codebase.
- Install the package
yarn add -D priv-key-precommit
- Create a script in your
package.json
"scripts": {
"priv-key-check": "priv-key-precommit"
}
- Install husky (or a similar pre-commit hook manager)
npx husky-init && yarn
- Edit the contents of
.husky/pre-commit
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"
npm run priv-key-check
- Try commiting your code. It won't let you commit your code if it finds a private key in your codebase.
❯ git commit -m 'test'
> priv:check
> priv-key-precommit
🚨 Found 1 instance(s) of private keys. Aborting commit.
=> .env.example
husky - pre-commit hook exited with code 1 (error)