@@ -3462,15 +3462,6 @@ lib.escapeShellArgs (lib.concatMap (ext: [ "--ghc-opt" "-X${ext}" ]) hooks.ormol
34623462 ) ;
34633463 files = "(\\ .json$)|(\\ .toml$)|(\\ .mli?$)" ;
34643464 } ;
3465- trim-trailing-whitespace =
3466- {
3467- name = "trim-trailing-whitespace" ;
3468- description = "Trim trailing whitespace." ;
3469- types = [ "text" ] ;
3470- stages = [ "commit" "push" "manual" ] ;
3471- package = tools . pre-commit-hooks ;
3472- entry = "${ hooks . trim-trailing-whitespace . package } /bin/trailing-whitespace-fixer" ;
3473- } ;
34743465 treefmt =
34753466 let
34763467 inherit ( hooks . treefmt ) packageOverrides settings ;
@@ -3496,6 +3487,32 @@ lib.escapeShellArgs (lib.concatMap (ext: [ "--ghc-opt" "-X${ext}" ]) hooks.ormol
34963487 packageOverrides = { treefmt = tools . treefmt ; } ;
34973488 entry = "${ hooks . treefmt . package } /bin/treefmt --fail-on-change" ;
34983489 } ;
3490+ trim-trailing-whitespace =
3491+ {
3492+ name = "trim-trailing-whitespace" ;
3493+ description = "Trim trailing whitespace." ;
3494+ types = [ "text" ] ;
3495+ stages = [ "commit" "push" "manual" ] ;
3496+ package = tools . pre-commit-hooks ;
3497+ entry = "${ hooks . trim-trailing-whitespace . package } /bin/trailing-whitespace-fixer" ;
3498+ } ;
3499+ trufflehog =
3500+ {
3501+ name = "trufflehog" ;
3502+ description = "Secrets scanner" ;
3503+ entry =
3504+ let
3505+ script = pkgs . writeShellScript "precommit-trufflehog" ''
3506+ set -e
3507+ ${ hooks . trufflehog . package } /bin/trufflehog --no-update git "file://$(git rev-parse --show-top-level)" --since-commit HEAD --only-verified --fail
3508+ '' ;
3509+ in
3510+ builtins . toString script ;
3511+ package = tools . trufflehog ;
3512+
3513+ # trufflehog expects to run across the whole repo, not particular files
3514+ pass_filenames = false ;
3515+ } ;
34993516 typos =
35003517 {
35013518 name = "typos" ;
0 commit comments