diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..f7d672a7
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,7 @@
+repos:
+    -   repo: git@github.com:Yelp/detect-secrets
+        rev: v0.13.1
+        hooks:
+        -   id: detect-secrets
+            args: ['--baseline', '.secrets.baseline']
+            exclude: .*/tests/.*
diff --git a/.secrets.baseline b/.secrets.baseline
new file mode 100644
index 00000000..c36875fa
--- /dev/null
+++ b/.secrets.baseline
@@ -0,0 +1,76 @@
+{
+  "exclude": {
+    "files": "package-lock.json",
+    "lines": ".*integrity.*"
+  },
+  "generated_at": "2020-07-20T18:09:58Z",
+  "plugins_used": [
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "base64_limit": 4.5,
+      "name": "Base64HighEntropyString"
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "hex_limit": 3,
+      "name": "HexHighEntropyString"
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "keyword_exclude": null,
+      "name": "KeywordDetector"
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "results": {
+    "jest.config.js": [
+      {
+        "hashed_secret": "3b8e4fd74bac59d2a0d13f0345013d0d14a344d0",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 15,
+        "type": "Base64 High Entropy String"
+      }
+    ]
+  },
+  "version": "0.13.1",
+  "word_list": {
+    "file": null,
+    "hash": null
+  }
+}