-
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
103 lines (93 loc) · 3.59 KB
/
.pre-commit-config.yaml
File metadata and controls
103 lines (93 loc) · 3.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
repos:
- repo: builtin
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-json
- id: check-toml
- id: check-yaml
- id: check-merge-conflict
- id: detect-private-key
- id: check-executables-have-shebangs
- repo: https://github.com/Lucas-C/pre-commit-hooks
rev: ad1b27d73581aa16cca06fc4a0761fc563ffe8e8 # frozen: v1.5.6
hooks:
- id: remove-tabs
args: [--whitespaces-count, "2"]
exclude: ^(.+/)*(.+\.go|go\..+|Makefile|.+\.plist)$
- repo: https://github.com/crate-ci/typos
rev: 7c572958218557a3272c2d6719629443b5cc26fd # frozen: v1.45.2
hooks:
- id: typos
- repo: https://github.com/betterleaks/betterleaks
rev: 31746c9420b19a592848b21d6d8977d53cc6da0e # frozen: v1.1.2
hooks:
- id: betterleaks
- repo: https://github.com/rhysd/actionlint
rev: 914e7df21a07ef503a81201c76d2b11c789d3fca # frozen: v1.7.12
hooks:
- id: actionlint
language: golang
additional_dependencies:
- github.com/wasilibs/go-shellcheck/cmd/shellcheck@4e7020840c303923eb1ab846fc446d77be892570 # frozen: v0.11.1
- repo: local
hooks:
- id: pinact
name: Pin versions of Actions and reusable workflows
description: Pin versions of GitHub Actions and reusable workflows
entry: pinact run
args: [--verify]
language: golang
additional_dependencies:
- github.com/suzuki-shunsuke/pinact/v3/cmd/pinact@f8a8e5121cd646e0866ff15f15ad927675b33c8d # frozen: v3.9.2
types: [yaml]
files: ^(\.github/workflows/.+|(.+/)*action)\.ya?ml$
- repo: local
hooks:
- id: ghalint
name: Validate GitHub Actions workflows
description: Check GitHub Actions workflows for security policy compliance
entry: ghalint run
language: golang
additional_dependencies:
- github.com/suzuki-shunsuke/ghalint/cmd/ghalint@99b0e63be7fbd4c30c6d0b3da5b4a94a19ad55e6 # frozen: v1.5.5
types: [yaml]
files: ^\.github/workflows/.+\.ya?ml$
- id: ghalint-act
name: Validate GitHub Actions
description: Check GitHub Actions for security policy compliance
entry: ghalint act
language: golang
additional_dependencies:
- github.com/suzuki-shunsuke/ghalint/cmd/ghalint@99b0e63be7fbd4c30c6d0b3da5b4a94a19ad55e6 # frozen: v1.5.5
types: [yaml]
files: ^(.+/)*action\.ya?ml$
- repo: https://github.com/zizmorcore/zizmor-pre-commit
rev: a4727cbbcd26d7098e96b9cb738169b59711ae51 # frozen: v1.24.1
hooks:
- id: zizmor
args: [--no-config]
- repo: https://github.com/renovatebot/pre-commit-hooks
rev: cbf190d5e31b9e0845b3fb1c0af190927b46e5e3 # frozen: 43.141.2
hooks:
- id: renovate-config-validator
language: bun
language_version: default
files: (^|/).?(renovate(?:rc)?|default|labels)(?:\.json5?)?$
args: [--strict]
- repo: https://github.com/rvben/rumdl-pre-commit
rev: 337703f1835d886f24ee31f27f1f6ef9d909b88f # frozen: v0.1.84
hooks:
- id: rumdl
args: [--fail-on, warning, --disable, "MD013,MD024,MD033,MD036"]
- repo: local
hooks:
- id: shellcheck
name: ShellCheck
description: Static analysis tool for shell scripts
entry: shellcheck
language: golang
additional_dependencies:
- github.com/wasilibs/go-shellcheck/cmd/shellcheck@4e7020840c303923eb1ab846fc446d77be892570 # frozen: v0.11.1
types: [shell]
args: [-e, "SC1071,SC1072,SC1073,SC1090,SC1091,SC2015,SC2148,SC2154"]