# 🔍 Gitleaks Pre-commit Hook

This custom pre-commit hook runs [Gitleaks](https://github.com/gitleaks/gitleaks) to generate reports in **HTML** (using customizable templates) or **JSON**, with optional rules.

## 🚀 Usage

Add this repo to your `.pre-commit-config.yaml`:

```yaml
- repo: https://git.fridu.us/heckyel/gitleaks-pre-commit-hook
  rev: v1.0.0
  hooks:
    - id: gitleaks-template-report
      # Basic usage (default gitleaks rules)
      args: ["--format=html"]

      # With internal rules from this repo
      # args: ["--format=html", "--rules-internal"]

      # With external rules
      # args: ["--format=html", "--rules-external", "--config=path/to/gitleaks.toml"]
```

> ⚠️ When using `--format=json`, the `--template` option is ignored.

---

### 🧩 Available parameters

| Parameter             | Description                                                                     |
| --------------------- | ------------------------------------------------------------------------------- |
| `--template=NAME`     | Choose the HTML report template (default: `leet`)                               |
| `--format=html\|json` | Output format (`html` by default, or `json`)                                    |
| `--redact`            | Redacts detected secrets (replaces them with `***`) in reports                  |
| `--force`             | Forces the reinstallation of Gitleaks (useful for debugging or broken versions) |
| `--version=VERSION`   | Specifies the version of Gitleaks to install (default: `v8.27.0`)               |
| `--rules-internal`    | Uses the internal rules file (`rules/gitleaks.toml`)                            |
| `--rules-external`    | Requires `--config` to specify an external rules file                           |
| `--config=FILE`       | Path to custom rules file (requires `--rules-external`)                         |

**Rules Behavior:**

- By default: Uses gitleaks' built-in rules only
- With `--rules-internal`: Uses the internal rules file
- With `--rules-external --config=FILE`: Uses the specified external rules file

---

### 🎨 Available HTML templates (`--format=html`)

| Template name | Output file                   |
| ------------- | ----------------------------- |
| `leet`        | `.pre-commit/gitleaks/report/index.html` |
| `basic`       | `.pre-commit/gitleaks/report/index.html` |
| `myspace`     | `.pre-commit/gitleaks/report/index.html` |
| `w98`         | `.pre-commit/gitleaks/report/index.html` |
| `wxp`         | `.pre-commit/gitleaks/report/index.html` |

> ⚠️ The output file is always named `index.html` regardless of the selected template.

---

### 📂 Output files

**HTML format:**

```sh
.pre-commit/gitleaks/report/
├── index.html
```

**JSON format:**

```sh
.pre-commit/gitleaks/report/
├── report.json
```

---

## ✅ Requirements

- `gitleaks` must be installed and available in your `PATH`
- The rules file must exist if specified via `--config` with `--rules-external`

---

## 🛠️ Dev setup

```bash
pre-commit install
pre-commit run --all-files
```

---

## 📝 License

[GNUv3 or later](LICENSE)