-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.pre-commit-config.yaml
153 lines (136 loc) · 4.54 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
---
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
default_language_version:
python: python3.11
default_stages:
- commit
- push
fail_fast: false
repos:
# ----------------------------------------------------------------------------
# goplicate-start:always
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-added-large-files
args:
- --maxkb=500
- --enforce-all
- id: check-case-conflict
- id: check-merge-conflict
- id: check-toml
- id: check-xml
- id: check-yaml
args:
- --allow-multiple-documents
- id: destroyed-symlinks
- id: detect-private-key
- id: end-of-file-fixer
- id: fix-byte-order-marker
- id: mixed-line-ending
args:
- --fix=lf
- id: trailing-whitespace
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: git-check
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.39.0
hooks:
- id: markdownlint
args:
- --ignore=node_modules
- --ignore=.github
- --ignore=.templates
- --fix
- '**/*.md'
- repo: local
hooks:
- id: editorconfig-checker
name: editorconfig-checker
description: Double-check editorconfig compliance
entry: bash -c 'editorconfig-checker'
language: system
stages: [commit, push]
- id: trufflehog
name: TruffleHog
description: Detect secrets in your data.
entry: bash -c 'trufflehog git file://. --since-commit HEAD --only-verified --fail --json 2>/dev/null | jq "."'
language: system
stages: [commit, push]
- id: trivy-vuln
name: Trivy (Vulnerabilities)
description: Check for security vulnerabilities. (https://trivy.dev)
entry: bash -c 'trivy fs --config trivy-vuln.yaml .'
language: system
stages: [commit, push]
# goplicate-end:always
# ----------------------------------------------------------------------------
# goplicate-start:shell
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-executables-have-shebangs
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: script-must-have-extension
- id: shellcheck
- id: shfmt
args:
- --simplify
- --write
- --language-dialect=auto
- --indent=4
- --case-indent
- --space-redirects
# goplicate-end:shell
# ----------------------------------------------------------------------------
# goplicate-start:golang
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: gofumpt
- id: golangci-lint
- repo: local
hooks:
- id: go-consistent
name: 'Go: Consistent Patterns'
description: Analyzes Go packages to identify unnecessary type conversions.
entry: bash -c 'go-consistent ./...'
language: system
stages: [commit, push]
- id: unconvert
name: 'Go: unconvert (current GOOS/GOARCH)'
description: Analyzes Go packages to identify unnecessary type conversions.
entry: bash -c 'unconvert -fastmath -tests -v ./...'
language: system
stages: [commit, push]
- id: smrcptr
name: 'Go: Same Receiver Pointer'
description: Don't mix receiver types. Choose either pointers or struct types for all available methods.
entry: bash -c 'smrcptr -skip-std=true --constructor=true ./...'
language: system
stages: [commit, push]
- id: govulncheck
name: 'Go: Vulnerability check'
description: Check for Go security vulnerabilities. (https://go.dev/blog/vuln)
entry: bash -c 'govulncheck -test ./...'
language: system
stages: [commit, push]
- id: osvscanner
name: OSV Scanner
description: Check for security vulnerabilities. (https://osv.dev)
entry: bash -c 'osv-scanner -r .'
language: system
stages: [commit, push]
# goplicate-end:golang
# ----------------------------------------------------------------------------
# goplicate-start:terraform
- repo: https://github.com/skyzyx/git-hooks
rev: 4a2f0dc93e5c5353ed5e619599b0d15e34df88db
hooks:
- id: terraform-fmt
# goplicate-end:terraform