forked from G-Research-Forks/git-proxy
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcheckCommitMessages.ts
More file actions
94 lines (76 loc) · 3.23 KB
/
checkCommitMessages.ts
File metadata and controls
94 lines (76 loc) · 3.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
/**
* Copyright 2026 GitProxy Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { Action, Step } from '../../actions';
import { getCommitConfig } from '../../../config';
const isMessageAllowed = (commitMessage: string, step: Step): boolean => {
try {
const commitConfig = getCommitConfig();
// Commit message is empty, i.e. '', null or undefined
if (!commitMessage) {
step.log('No commit message included.');
return false;
}
// Validation for configured block pattern(s) check...
if (typeof commitMessage !== 'string') {
step.log('A non-string value has been captured for the commit message.');
return false;
}
// Configured blocked literals and patterns
const blockedLiterals: string[] = commitConfig.message?.block?.literals ?? [];
const blockedPatterns: string[] = commitConfig.message?.block?.patterns ?? [];
// Find all instances of blocked literals and patterns in commit message
const positiveLiterals = blockedLiterals.map((literal: string) =>
commitMessage.toLowerCase().includes(literal.toLowerCase()),
);
const positivePatterns = blockedPatterns.map((pattern: string) =>
commitMessage.match(new RegExp(pattern, 'gi')),
);
// Flatten any positive literal and pattern results into a 1D array
const literalMatches = positiveLiterals.flat().filter((result) => !!result);
const patternMatches = positivePatterns.flat().filter((result) => !!result);
// Commit message matches configured block pattern(s)
if (literalMatches.length || patternMatches.length) {
step.log('Commit message is blocked via configured literals/patterns.');
return false;
}
} catch (error) {
step.log('Invalid regex pattern.');
return false;
}
return true;
};
// Execute if the repo is approved
const exec = async (req: any, action: Action): Promise<Action> => {
const step = new Step('checkCommitMessages');
const uniqueCommitMessages = [...new Set(action.commitData?.map((commit) => commit.message))];
const illegalMessages = uniqueCommitMessages.filter(
(message) => !isMessageAllowed(message, step),
);
if (illegalMessages.length > 0) {
step.error = true;
step.log(`The following commit messages are illegal: ${illegalMessages}`);
step.setError(
`\n\n\nYour push has been blocked.\nPlease ensure your commit message(s) does not contain sensitive information or URLs.\n\nThe following commit messages are illegal: ${JSON.stringify(illegalMessages)}\n\n`,
);
action.addStep(step);
return action;
}
step.log(`The following commit messages are legal: ${uniqueCommitMessages}`);
action.addStep(step);
return action;
};
exec.displayName = 'checkCommitMessages.exec';
export { exec };