
Add a basic check to look for .env files #702

Open
wants to merge 2 commits into base: staging from

Conversation

wesley-dean-gsa (Contributor)
Changes proposed in this pull request

This is an extremely simple check that makes sure we don't accidentally commit a file named .env even if it doesn't have any secrets. Literally all it does is look for a file named .env and fail if it finds one.

Security considerations

This ought to help us keep a little safer, even if we don't actively use .env files.
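One way to implement the check the description outlines, as an added example that is not the PR's own code: a POSIX sh pre-commit check that refuses to commit a file named .env. The function names, the slight generalization to .env.<suffix> variants such as .env.local, and the allow-list of placeholder names (.env.example and friends, which projects commit on purpose) are this example's assumptions, not something the PR describes.

```shell
#!/usr/bin/env sh
# Added example (not the code from PR #702): a POSIX-sh pre-commit check that
# refuses to commit a file named .env. It slightly generalizes the PR's
# exact-name match to .env.<suffix> variants such as .env.local, while
# allowing the placeholder names below, which projects commit on purpose.
# The allow-list and the function names are this example's assumptions.

# is_env_file PATH: succeed (exit 0) when PATH's basename is a dotenv file.
is_env_file() {
  env_base=${1##*/}
  case "$env_base" in
    .env.example|.env.sample|.env.template) return 1 ;;   # committed on purpose
    .env|.env.*) return 0 ;;
    *) return 1 ;;
  esac
}

# check_paths: read one path per line on stdin, report every dotenv file on
# stderr, and fail (exit 1) if at least one was found.
check_paths() {
  check_failed=0
  while IFS= read -r check_path; do
    [ -n "$check_path" ] || continue
    if is_env_file "$check_path"; then
      printf 'refusing to commit dotenv file: %s\n' "$check_path" >&2
      check_failed=1
    fi
  done
  return "$check_failed"
}

# run_hook: the pre-commit entry point. It inspects only paths that are
# staged in the index (added, copied or renamed), so an untracked .env that
# lives in the working tree does not block unrelated commits. Deleted files
# are excluded because removing a .env should never be refused.
run_hook() {
  git diff --cached --name-only --diff-filter=ACR -z | tr '\0' '\n' | check_paths
}
```

Two caveats a reviewer would raise: this is a filename check only, so it complements rather than replaces the content scanners (gitleaks, trufflehog, secretlint) that the MegaLinter run on this PR already executes, and adding `.env` to `.gitignore` keeps `git add -A` from staging the file in the first place. If the check is wired through the pre-commit framework, which passes the staged filenames as arguments, the same `check_paths` can be fed with `printf '%s\n' "$@"` instead of querying the index.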

wesley-dean-gsa (Contributor, Author)

Preview This Branch

You may view the preview version of the site with the following URL:

https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov/pre-commit-no-env/

It may take a minute before changes in this Pull Request (PR) show up ⏱️

wesley-dean-gsa (Contributor, Author) commented Dec 16, 2024

Coverage report

| St. | Category | Percentage | Covered / Total |
|---|---|---|---|
| 🟡 | Statements | 74.92% (-0.24% 🔻) | 230/307 |
| 🟡 | Branches | 75.8% | 166/219 |
| 🟢 | Functions | 80.65% (-2.69% 🔻) | 25/31 |
| 🟡 | Lines | 74.92% (-0.24% 🔻) | 230/307 |

Files with reduced coverage 🔻

| St. | File | Statements | Branches | Functions | Lines |
|---|---|---|---|---|---|
| 🟢 | global.js | 91.89% (-0.84% 🔻) | 91.74% | 88.89% (-5.23% 🔻) | 91.89% (-0.84% 🔻) |

Test suite run failed

Failed tests: 2/83. Failed suites: 1/22.
  ● imageShortcode › should generate an img tag with the correct src and alt, using default class

    TypeError: imageShortcode is not a function

      12 |
      13 |     // Call imageShortcode and capture the result
    > 14 |     const result = await imageShortcode("test-image.jpg", "Test Image");
         |                          ^
      15 |
      16 |     // Ensure the result matches the expected HTML string
      17 |     expect(result).toBe(mockResult); // Check if the result matches the mocked output

      at Object.imageShortcode (_tests/imageShortcode.js:14:26)

  ● imageShortcode › should throw an error if image processing fails

    TypeError: imageShortcode is not a function

      26 |
      27 |     // Test that the error is thrown correctly
    > 28 |     await expect(imageShortcode("test-image.jpg", "Test Image")).rejects.toThrow("Image processing failed");
         |                  ^
      29 |   });
      30 | });
      31 |

      at Object.imageShortcode (_tests/imageShortcode.js:28:18)

Report generated by 🧪jest coverage report action from 6fe5eab

wesley-dean-gsa (Contributor, Author) commented Dec 16, 2024

🦙 MegaLinter status: ✅ SUCCESS

| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ REPOSITORY | checkov | yes | | no | 13.51s |
| ✅ REPOSITORY | gitleaks | yes | | no | 0.2s |
| ✅ REPOSITORY | git_diff | yes | | no | 0.14s |
| ✅ REPOSITORY | grype | yes | | no | 9.76s |
| ✅ REPOSITORY | secretlint | yes | | no | 2.13s |
| ✅ REPOSITORY | trivy | yes | | no | 5.39s |
| ✅ REPOSITORY | trufflehog | yes | | no | 2.31s |
| ✅ YAML | prettier | 1 | 0 | 0 | 0.49s |
| ✅ YAML | v8r | 1 | | 0 | 2.17s |
| ✅ YAML | yamllint | 1 | | 0 | 0.22s |

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@wesley-dean-gsa wesley-dean-gsa marked this pull request as ready for review December 17, 2024 14:46
@wesley-dean-gsa wesley-dean-gsa requested a review from a team as a code owner December 17, 2024 14:46
Labels: None yet
Projects: Status: Needs Review

1 participant