build: use brew regular detect-secrets (#7036)

.secrets.baseline

@@ -20,6 +20,9 @@
     {
       "name": "CloudantDetector"
     },
+    {
+      "name": "GitHubTokenDetector"
+    },
     {
       "name": "HexHighEntropyString",
       "limit": 3.0
@@ -46,6 +49,9 @@
     {
       "name": "PrivateKeyDetector"
     },
+    {
+      "name": "SendGridDetector"
+    },
     {
       "name": "SlackDetector"
     },
@@ -66,10 +72,6 @@
     {
       "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
     },
-    {
-      "path": "detect_secrets.filters.common.is_baseline_file",
-      "filename": ".secrets.baseline"
-    },
     {
       "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
       "min_level": 2
@@ -356,6 +358,15 @@
         "line_number": 26
       }
     ],
+    "package.json": [
+      {
+        "type": "Secret Keyword",
+        "filename": "package.json",
+        "hashed_secret": "ab9283467434ff078b2cc39edb809de04870b19d",
+        "is_verified": false,
+        "line_number": 40
+      }
+    ],
     "src/app/Scenes/MyCollection/Screens/ArtworkForm/MyCollectionArtworkForm.tests.tsx": [
       {
         "type": "Hex High Entropy String",
@@ -414,5 +425,5 @@
       }
     ]
   },
-  "generated_at": "2022-06-27T13:25:17Z"
+  "generated_at": "2022-07-06T07:59:43Z"
 }

.tool-versions

@@ -1,4 +1,3 @@
 nodejs 14.17.6
 ruby 2.7.4
 java adoptopenjdk-11.0.14+101
-python 3.10.5

Brewfile

@@ -1 +1,2 @@
 brew "jq"
+brew "detect-secrets"

HACKS.md

@@ -14,6 +14,16 @@ Explain why the hack was added.
 
 👀 See comment on top of file for template.
 
+## cleanup-detect-secrets script in postinstall
+
+#### When can we remove this:
+
+We can remove at any point after 20 july 2022.
+
+#### Explanation/Context:
+
+This is just a cleanup script that removes the artsy detect secrets formula from brew, and the python one, both of which we used at some point, but not anymore. good to make sure other devs have the right tool installed in their PATH, and remove any old deps we had.
+
 ## EchoNew.json
 
 #### When can we remove this:

package.json

@@ -36,7 +36,8 @@
     "lint": "tslint 'src/**/*.{ts,tsx}'",
     "open-sim": "open -a Simulator",
     "open-url": "npx uri-scheme open",
-    "postinstall": "yarn init-metaflags; prettier --write package.json; ./scripts/update-echo",
+    "postinstall": "yarn init-metaflags; prettier --write package.json; ./scripts/update-echo; yarn cleanup-detect-secrets",
+    "cleanup-detect-secrets": "brew uninstall artsy/formulas/detect_secrets || true; pip uninstall detect-secrets || true",
     "prepare": "patch-package && husky install",
     "prettier-project": "yarn run prettier-write 'src/**/*.{ts,tsx}'",
     "prettier-write": "prettier --write",

scripts/doctor.js

@@ -123,27 +123,6 @@ const checkPodDependenciesAreUpToDate = () => {
   }
 }
 
-const checkPythonExists = () => {
-  try {
-    exec("python --version")
-    YES(`Your ${g`python`} is ready to go.`)
-  } catch (e) {
-    NO(`You don't have ${r`python`}.`, `Install ${g`python`} first.`)
-  }
-}
-
-const checkPythonDependenciesAreUpToDate = () => {
-  const output = exec("pip freeze -r requirements.txt 2>&1") // the `2>&1` part is so that we bring stderr output to stdout. pip sends errors to stderr, and we need to read them.
-  if (output.includes("is not installed")) {
-    NO(
-      `Your ${r`python dependencies`} are out of sync.`,
-      `Run ${g`yarn install:all`} or ${g`pip install -r requirements.txt`} first.`
-    )
-  } else {
-    YES(`Your ${g`python dependencies`} are ready to go.`)
-  }
-}
-
 const checkDetectSecretsExists = () => {
   try {
     exec("detect-secrets-hook --version")
@@ -168,8 +147,6 @@ const main = async () => {
   await checkNodeDependenciesAreUpToDate()
   // checkPodDependenciesAreUpToDate() // this is broken right now.. pod check is always reporting an error.
 
-  checkPythonExists()
-  checkPythonDependenciesAreUpToDate()
   checkDetectSecretsExists()
 }
 

scripts/install

@@ -6,4 +6,3 @@ bundle check || bundle install
 brew bundle
 yarn install
 yarn pod-install
-pip install -r requirements.txt