Skip to content

fix(hooks): use strings for binary file scanning in pre-push#266

Merged
John-David Dalton (jdalton) merged 1 commit intomainfrom
fix/hooks-strings-binary-scanning
Apr 14, 2026
Merged

fix(hooks): use strings for binary file scanning in pre-push#266
John-David Dalton (jdalton) merged 1 commit intomainfrom
fix/hooks-strings-binary-scanning

Conversation

@jdalton
Copy link
Copy Markdown
Collaborator

@jdalton John-David Dalton (jdalton) commented Apr 14, 2026

Summary

  • Use strings command for binary files (WASM, .lockb, etc) instead of raw grep to properly detect embedded paths and secrets
  • Guard strings/cat command substitutions with || echo "" to prevent set -e silent abort if strings is not installed (e.g. minimal Docker/CI images)

Test plan

  • Verify pre-push hook runs without error on normal push
  • Verify hook correctly scans binary files for embedded secrets

@jdalton
fix(hooks): guard strings/cat against set -e abort in pre-push
9de3cfc 
Add || echo "" fallback to strings and cat command substitutions.
Without this, if strings is not installed (e.g. minimal Docker/CI
images), set -e silently aborts the script with exit 127, blocking
the push with no message.
@jdalton John-David Dalton (jdalton) force-pushed the fix/hooks-strings-binary-scanning branch from ae37fe2 to 9de3cfc Compare April 14, 2026 01:38
@jdalton John-David Dalton (jdalton) merged commit b1e3b70 into main Apr 14, 2026
13 checks passed
@jdalton John-David Dalton (jdalton) deleted the fix/hooks-strings-binary-scanning branch April 14, 2026 01:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jdalton