diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 3a4072a..8daac43 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + rev: v6.0.0 hooks: - id: check-added-large-files - id: check-case-conflict @@ -13,21 +13,45 @@ repos: - id: trailing-whitespace exclude: \.md$ - id: no-commit-to-branch + - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.11.12 + rev: v0.14.6 hooks: - id: ruff-check args: [--fix] + files: \.py$ - id: ruff-format + files: \.py$ + + - repo: https://github.com/trufflesecurity/trufflehog + rev: v3.91.1 + hooks: + - id: trufflehog + name: TruffleHog Secrets Scanner + entry: trufflehog + language: golang + types_or: [python, yaml, json, text] + args: + [ + "filesystem", + "src", + "tests", + ".github/workflows", + "--results=verified,unknown", + "--exclude-paths=.venv", + "--fail" + ] + stages: ["pre-commit", "pre-push"] - repo: local hooks: - id: ty - name: ty check + name: type checking using ty entry: uvx ty check . language: system types: [python] pass_filenames: false + files: \.py$ - repo: local hooks: @@ -39,19 +63,13 @@ repos: grep -v "^D" | cut -f2- | while IFS= read -r file; do - if [ -f "$file" ] && ["$file" != ".pre-commit-config.yaml"] && grep -q "pruna_pro" "$file"; then - echo "Error: pruna_pro found in staged file $file" - exit 1 - fi + if [ -f "$file" ] && [ "$file" != ".pre-commit-config.yaml" ] && grep -q "pruna_pro" "$file"; then + echo "Error: pruna_pro found in staged file $file" + exit 1 + fi done ' language: system stages: [pre-commit] types: [python] - exclude: "^docs/" - - id: trufflehog - name: TruffleHog - description: Detect secrets in your data. - entry: bash -c 'git diff --cached --name-only | xargs -I {} trufflehog filesystem {} --fail --no-update' - language: system - stages: ["pre-commit", "pre-push"] + files: \.py$