Modern ERP Reports Application with microservices architecture Tech Stack: - Backend: FastAPI + python-oracledb (Oracle DB integration) - Frontend: Vue.js 3 + PrimeVue + Vite - Telegram Bot: python-telegram-bot + SQLite - Infrastructure: Shared database pool, JWT authentication, SSH tunnel Features: - FastAPI backend with async Oracle connection pool - Vue.js 3 responsive frontend with PrimeVue components - Telegram bot alternative interface - Microservices architecture with shared components - Complete deployment support (Linux Docker + Windows IIS) - Comprehensive testing (Playwright E2E + pytest) Repository Structure: - reports-app/ - Main application (backend, frontend, telegram-bot) - shared/ - Shared components (database pool, auth, utils) - deployment/ - Deployment scripts (Linux & Windows) - docs/ - Project documentation - security/ - Security scanning and git hooks
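#!/bin/bash
#
# 🔒 ROA2WEB Commit Message Hook
# Validates commit messages and warns about potential security issues
#
# Installation:
#   cp security/git_hooks/commit-msg .git/hooks/commit-msg
#   chmod +x .git/hooks/commit-msg
#
# Arguments:
#   $1 - path to the file holding the proposed commit message (passed by git)
#
# Scope and limits (read before relying on this hook):
#   - Advisory only: every finding is a warning and the hook still exits 0,
#     so it never blocks a commit on its own.
#   - It reads the commit MESSAGE only. It does not look at the staged
#     changes, so a secret inside a committed file is not detected here;
#     that needs a scan of the staged content (pre-commit hook and/or CI).
#   - Keywords are matched as case-insensitive substrings, so "key" also
#     matches "keyboard" and "auth" matches "author". Expect false positives.
#   - Hooks under .git/hooks are local to each clone and can be skipped with
#     `git commit --no-verify`; enforcement belongs on the server/CI side.
#

set -eu

# Colors (real escape bytes, so they can be printed with a plain %s)
readonly RED=$'\033[0;31m'
readonly YELLOW=$'\033[1;33m'
readonly GREEN=$'\033[0;32m'
readonly NC=$'\033[0m'

commit_msg_file="${1:-}"

# Fail with a readable message instead of an opaque `cat` error when the hook
# is run without its argument or the file cannot be read.
if [[ -z "$commit_msg_file" || ! -r "$commit_msg_file" ]]; then
  printf '%sERROR: commit message file missing or unreadable: %s%s\n' \
    "$RED" "'$commit_msg_file'" "$NC" >&2
  exit 1
fi

commit_msg=$(<"$commit_msg_file")

printf '%s\n' "${GREEN}🔒 ROA2WEB Commit Message Check${NC}"

# Patterns that might indicate accidental secret commits
readonly SUSPICIOUS_COMMIT_PATTERNS=(
  "password"
  "secret"
  "credential"
  "token"
  "key"
  "auth"
  "config"
  "env"
)

# Check for suspicious patterns in commit message
violations=0

for pattern in "${SUSPICIOUS_COMMIT_PATTERNS[@]}"; do
  # -F: the keywords are literals, not regexes; `--` guards against a pattern
  # that starts with '-'. The here-string replaces `echo "$msg" | grep`,
  # which mangles messages that begin with -n / -e or contain backslashes.
  if grep -qiF -- "$pattern" <<<"$commit_msg"; then
    printf '%s\n' "${YELLOW}⚠️ WARNING: Commit message contains potentially sensitive keyword: '$pattern'${NC}"
    printf '%s\n' "${YELLOW} Make sure you're not accidentally committing secrets${NC}"
    violations=$((violations + 1))
  fi
done

# Check commit message quality
# NOTE(review): when the message is written in the editor, the file may still
# contain git's '#' template lines at this point, which would count towards
# this length — confirm whether they should be excluded.
if (( ${#commit_msg} < 10 )); then
  printf '%s\n' "${YELLOW}⚠️ WARNING: Very short commit message${NC}"
fi

if (( violations > 0 )); then
  printf '%s\n' "${YELLOW}"
  printf '%s\n' "⚠️ $violations potential security-related keywords found in commit message"
  printf '%s\n' "Please double-check that you're not committing sensitive information"
  printf '%s\n' "${NC}"
fi

printf '%s\n' "${GREEN}✅ Commit message check completed${NC}"

# Always succeed: this hook warns, it does not block.
exit 0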