fail_fast: false
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: check-toml
- id: check-yaml
args: ["--unsafe"] # only check syntax for yaml files
- id: check-json
- id: mixed-line-ending
files: "\\.(py|txt|yaml|json|md|toml|lock|cfg|html|sh|js|yml)$"
- id: trailing-whitespace
files: "\\.(py|txt|yaml|json|md|toml|lock|cfg|html|sh|js|yml)$"
- id: end-of-file-fixer
- id: check-added-large-files
args: ["--maxkb=1000"]
- id: check-case-conflict
- id: requirements-txt-fixer
- repo: https://github.com/psf/black
rev: 23.10.1
hooks:
- id: black
args: [--config=pyproject.toml]
- repo: https://github.com/charliermarsh/ruff-pre-commit
# Ruff version.
rev: "v0.1.2"
hooks:
- id: ruff
args: [--fix, --exit-non-zero-on-fix, "--config=pyproject.toml"] # enable autofix
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.6.1
hooks:
- id: mypy
args: ["--config-file=pyproject.toml"]
exclude: ^tests/
- repo: https://github.com/crate-ci/typos
rev: typos-dict-v0.11.2
hooks:
- id: typos
args: [--config=pyproject.toml]
pass_filenames: false
- repo: https://github.com/PyCQA/bandit
rev: 1.7.8
hooks:
- id: bandit
args: ["--config=pyproject.toml"]
additional_dependencies: ["bandit[toml]"]
- repo: local
hooks:
- id: trufflehog
name: TruffleHog
description: Detect secrets in your data.
entry: bash -c 'docker run --rm -v "$(pwd):/workdir" -i --rm trufflesecurity/trufflehog:latest git file:///workdir --since-commit HEAD --only-verified --fail'
language: system
stages: ["pre-commit", "pre-push"]
