.pre-commit-config.yaml•4.11 kB
repos:
# Pre-commit hooks for general files
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0
hooks:
- id: trailing-whitespace
exclude: \.md$
- id: end-of-file-fixer
exclude: \.md$
- id: check-merge-conflict
- id: check-case-conflict
- id: check-json
exclude: ^\.vscode/
- id: check-yaml
args: ['--unsafe'] # Allow custom YAML tags
- id: check-toml
- id: check-xml
- id: mixed-line-ending
args: ['--fix=lf']
- id: check-executables-have-shebangs
- id: check-shebang-scripts-are-executable
- id: detect-private-key
- id: check-added-large-files
args: ['--maxkb=1000']
# Prettier for code formatting
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v4.0.0-alpha.8
hooks:
- id: prettier
types_or: [javascript, ts, json, yaml, markdown]
exclude: |
(?x)^(
package-lock\.json|
\.vscode/.*|
examples/.*|
CHANGELOG\.md
)$
# ESLint for TypeScript/JavaScript linting
- repo: local
hooks:
- id: eslint
name: ESLint
entry: pnpm run lint
language: system
types: [ts, javascript]
require_serial: true
pass_filenames: false
# TypeScript type checking
- repo: local
hooks:
- id: typescript-check
name: TypeScript Check
entry: pnpm run typecheck
language: system
types: [ts]
require_serial: true
pass_filenames: false
# Tests (quick run for changed files)
- repo: local
hooks:
- id: vitest-related
name: Test Related Files
entry: pnpm run test
language: system
types: [ts, javascript]
require_serial: true
pass_filenames: false
args: [--run, --reporter=verbose, --passWithNoTests]
# Actionlint for GitHub Actions
# - repo: https://github.com/rhymond/actionlint
# rev: v1.7.4
# hooks:
# - id: actionlint
# args: [-color, -verbose]
# Security scanning
- repo: https://github.com/Yelp/detect-secrets
rev: v1.5.0
hooks:
- id: detect-secrets
args: ['--baseline', '.secrets.baseline']
exclude: |
(?x)^(
\.secrets\.baseline|
package-lock\.json|
examples/.*
)$
# Conventional Commits
- repo: https://github.com/compilerla/conventional-pre-commit
rev: v3.6.0
hooks:
- id: conventional-pre-commit
stages: [commit-msg]
args: [optional-scope]
# Dockerfile linting (if we add Dockerfiles later)
- repo: https://github.com/hadolint/hadolint
rev: v2.13.0-beta
hooks:
- id: hadolint
args: [--ignore, DL3008, --ignore, DL3009]
# Shell script linting
- repo: https://github.com/shellcheck-py/shellcheck-py
rev: v0.10.0.1
hooks:
- id: shellcheck
args: [-e, SC1091] # Ignore sourcing of non-existent files
# Python script linting (for our changelog generator)
- repo: https://github.com/psf/black
rev: 24.8.0
hooks:
- id: black
language_version: python3
types: [python]
# Additional security checks (optional - requires GitGuardian account)
# - repo: https://github.com/gitguardian/ggshield
# rev: v1.32.0
# hooks:
# - id: ggshield
# name: GitGuardian Security Check
# entry: ggshield secret scan pre-commit
# language: python
# stages: [commit]
# pass_filenames: false
# Configure pre-commit behavior
default_install_hook_types: [pre-commit, commit-msg, pre-push]
default_stages: [pre-commit]
# Additional configuration
minimum_pre_commit_version: '3.0.0'
ci:
autofix_commit_msg: |
[pre-commit.ci] auto fixes from pre-commit hooks
for more information, see https://pre-commit.ci
autofix_prs: true
autoupdate_branch: ''
autoupdate_commit_msg: '[pre-commit.ci] pre-commit autoupdate'
autoupdate_schedule: weekly
skip: []
submodules: false