-
Notifications
You must be signed in to change notification settings - Fork 0
/
.pre-commit-config.yaml
111 lines (111 loc) · 4.16 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
# git hooks by default run on pre-commit
# specify the stage to run the hook on
# https://stackoverflow.com/questions/63820683/with-pre-commit-how-to-use-some-hooks-before-commit-and-others-before-push
# https://medium.com/@iyerajiv/enforcing-conventional-commit-shift-left-5b9771cdaf47
#
# Stages: [commit, commit-msg, push]
# commit[pre-commit]: run the hook on pre-commit, before the commit is made
# commit-msg[commit-msg]: run the hook on commit-msg, after the commit message is written but before the commit is made
# push[pre-push]: run the hook on pre-push, before the push is made
#
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
repos:
# built in hooks from pre-commit
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: d0293ebc40f6c0606d624ee4c638c7597f8044d2 # pragma: allowlist secret
hooks:
# on spotless
- id: trailing-whitespace
stages: [commit]
# yaml and json in spotless too for format
- id: check-yaml
stages: [commit]
- id: check-xml
stages: [commit]
- id: check-toml
stages: [commit]
- id: check-json
stages: [commit]
- id: end-of-file-fixer
stages: [commit]
- id: check-added-large-files
stages: [commit]
- id: check-case-conflict
stages: [commit]
- id: check-illegal-windows-names
stages: [commit]
- id: check-executables-have-shebangs
stages: [commit]
# - id: check-illegal-windows-names # not working
- id: check-merge-conflict
stages: [commit]
- id: check-shebang-scripts-are-executable
stages: [commit]
- id: detect-private-key
stages: [commit]
# gitleaks and detect-secrets hooks
- repo: https://github.com/gitleaks/gitleaks
rev: 79cac73f7267f4a48f4bc73db11e105a6098a836 # pragma: allowlist secret
hooks:
- id: gitleaks
stages: [commit]
- repo: https://github.com/Yelp/detect-secrets
rev: 52759b86b8e311a8ba0e8d464001b1bf353f54f8 # pragma: allowlist secret
hooks:
- id: detect-secrets
stages: [commit]
args: ['--baseline', '.secrets.baseline']
exclude: package.lock.json
# WARN: archive, broken
# prettier and eslint hooks should be run with lint-staged
# - repo: https://github.com/pre-commit/mirrors-prettier
# rev: '' # Use the sha or tag you want to point at
# hooks:
# - id: prettier
# stages: [commit]
# Custom hooks, local scripts
# https://stackoverflow.com/questions/59499061/how-to-run-custom-shell-script-file-before-pre-commit-hook
- repo: local
hooks:
# lint commit messages to prevent bad commits
# since we aren't intercepting commits, we can't prevent bad messages
# It is recommended to commit by using `npm run commit` to enforce the commit message format
- id: commit-lint
name: commit-lint
entry: pnpm commitlint
language: system
stages: [commit-msg]
# gradle - java specific hooks
# We could use spotlessApply to format the code automatically
# but it's bad practice to modify code before commit
# (changing the intention and content of the commit).
# it's better to tell the developer to run spotlessApply before commit
# and make sure everything is ok
# ---- PRE PUSH ----
# executes check, checks everything (spotless, checkstyle)
# - id: gradle-check
# name: gradle-check
# entry: node scripts/gradlew.cjs --lint
# pass_filenames: false
# language: system
# stages: [commit]
- id: lint-staged
name: lint-staged
entry: pnpm lint-staged
pass_filenames: false
language: system
stages: [commit]
# executes the build (which includes tests and check)
# - id: gradle-check-build
# name: gradle-check-build
# entry: node scripts/gradlew.cjs --build
# pass_filenames: false
# language: system
# stages: [push]
- id: lint-test-build
name: lint-test-build
entry: pnpm lint-all
pass_filenames: false
language: system
stages: [push]