-
Notifications
You must be signed in to change notification settings - Fork 1
/
.pre-commit-config.yaml
178 lines (158 loc) · 5.21 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
---
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
default_language_version:
python: python3.11
default_stages:
- commit
- push
fail_fast: false
repos:
# ----------------------------------------------------------------------------
# goplicate-start:always
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-added-large-files
args:
- --maxkb=500
- --enforce-all
- id: check-case-conflict
- id: check-merge-conflict
- id: check-toml
- id: check-xml
- id: check-yaml
args:
- --allow-multiple-documents
- id: destroyed-symlinks
- id: detect-private-key
- id: end-of-file-fixer
- id: fix-byte-order-marker
- id: mixed-line-ending
args:
- --fix=lf
- id: trailing-whitespace
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: git-check
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.39.0
hooks:
- id: markdownlint
args:
- --ignore=node_modules
- --ignore=.github
- --ignore=.templates
- --fix
- '**/*.md'
- repo: local
hooks:
- id: editorconfig-checker
name: editorconfig-checker
description: Double-check editorconfig compliance
entry: bash -c 'editorconfig-checker'
language: system
stages: [commit, push]
- id: trufflehog
name: TruffleHog
description: Detect secrets in your data.
entry: bash -c 'trufflehog git file://. --since-commit HEAD --only-verified --fail --json 2>/dev/null | jq "."'
language: system
stages: [commit, push]
- id: trivy-vuln
name: Trivy (Vulnerabilities)
description: Check for security vulnerabilities. (https://trivy.dev)
entry: bash -c 'trivy fs --config trivy-vuln.yaml .'
language: system
stages: [commit, push]
# goplicate-end:always
# ----------------------------------------------------------------------------
# goplicate-start:shell
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-executables-have-shebangs
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: script-must-have-extension
- id: shellcheck
- id: shfmt
args:
- --simplify
- --write
- --language-dialect=auto
- --indent=4
- --case-indent
- --space-redirects
# goplicate-end:shell
# ----------------------------------------------------------------------------
# goplicate-start:python
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: fix-encoding-pragma
args:
- --remove
- id: requirements-txt-fixer
- repo: https://github.com/asottile/pyupgrade
rev: c21b4c4d153be0633357686c7697f539ac194868
hooks:
- id: pyupgrade
args:
- --py311-plus
- repo: https://github.com/asottile/reorder_python_imports
rev: c4fe43d9809f1507508b3aba24ad1a72b5407f58
hooks:
- id: reorder-python-imports
args:
- --py311-plus
# goplicate-end:python
# ----------------------------------------------------------------------------
# goplicate-start:golang
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: gofumpt
- id: golangci-lint
- repo: local
hooks:
- id: go-consistent
name: 'Go: Consistent Patterns'
description: Analyzes Go packages to identify unnecessary type conversions.
entry: bash -c 'go-consistent ./...'
language: system
stages: [commit, push]
- id: unconvert
name: 'Go: unconvert (current GOOS/GOARCH)'
description: Analyzes Go packages to identify unnecessary type conversions.
entry: bash -c 'unconvert -fastmath -tests -v ./...'
language: system
stages: [commit, push]
- id: smrcptr
name: 'Go: Same Receiver Pointer'
description: Don't mix receiver types. Choose either pointers or struct types for all available methods.
entry: bash -c 'smrcptr -skip-std=true --constructor=true ./...'
language: system
stages: [commit, push]
- id: govulncheck
name: 'Go: Vulnerability check'
description: Check for Go security vulnerabilities. (https://go.dev/blog/vuln)
entry: bash -c 'govulncheck -test ./...'
language: system
stages: [commit, push]
- id: osvscanner
name: OSV Scanner
description: Check for security vulnerabilities. (https://osv.dev)
entry: bash -c 'osv-scanner -r .'
language: system
stages: [commit, push]
# goplicate-end:golang
# ----------------------------------------------------------------------------
# goplicate-start:terraform
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: terraform-fmt
# goplicate-end:terraform