-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
73 lines (60 loc) · 2.41 KB
/
.pre-commit-config.yaml
File metadata and controls
73 lines (60 loc) · 2.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# Added pre-commit to check if __init__.py is added to the src folder
# install using `pre-commit install`
# skip using `git commit -m "message" --no-verify`
default_stages: [pre-commit, pre-push]
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-ast # checks python files for parseable syntax.
- id: check-vcs-permalinks # ensures that links to files in VCS repos are permalinks.
- id: debug-statements # checks for print, pdb, and ipdb statements.
- id: check-yaml # checks yaml files for parseable syntax.
- id: check-json # checks json files for parseable syntax
- id: check-added-large-files # check for files above certain size (as likely to be data files)
args: ['--maxkb=500']
exclude: (^uv\.lock$|.*\.ipynb$|.*\.png$|.*\.jpg$)
- id: detect-private-key # detects the presence of private keys.
- id: check-case-conflict # check for files that would conflict in case-insensitive file systems.
- id: check-merge-conflict # check for files that contain merge conflict strings.
- id: detect-private-key # detects the presence of private keys.
- repo: https://github.com/Yelp/detect-secrets
rev: v1.5.0
hooks:
- id: detect-secrets
- repo: https://github.com/kynan/nbstripout
rev: 0.7.1
hooks:
- id: nbstripout
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.13.2
hooks:
# Run the linter.
- id: ruff-check
args: [ --fix ]
# Run the formatter.
- id: ruff-format
- repo: local
hooks:
- id: deptry-uv
name: deptry (uv)
language: system
pass_filenames: false # deptry expects a project path, not filenames
entry: uv run deptry --per-rule-ignores "DEP003=plum,DEP004=quartodoc|numpydoc" .
- id: forbid-new-init
name: Check if __init__.py is added to the src folder
entry: python
language: fail
files: ^src/__init__.py$
- id: local-vulnerability-detection
name: scan code with bandit
entry: make check-python-security
language: system
- id: setup-gitleaks
name: Grab the gitleaks Docker image
entry: make setup-gitleaks
language: system
- id: run-gitleaks
name: Check commits for secrets, using gitleaks Docker image
entry: make run-gitleaks
language: system