-
Notifications
You must be signed in to change notification settings - Fork 16
Expand file tree
/
Copy path.pre-commit-config.yaml
More file actions
116 lines (105 loc) · 3.22 KB
/
.pre-commit-config.yaml
File metadata and controls
116 lines (105 loc) · 3.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
# Pre-commit hooks configuration for OpenTranscribe
# See https://pre-commit.com for more information
repos:
# General pre-commit hooks
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
hooks:
- id: trailing-whitespace
exclude: ^security-reports/
- id: end-of-file-fixer
exclude: ^security-reports/
- id: check-yaml
args: [--unsafe] # Allow custom YAML tags in docker-compose
- id: check-json
exclude: ^security-reports/
- id: check-added-large-files
args: [--maxkb=10240] # 10MB max file size
- id: check-merge-conflict
- id: check-toml
- id: mixed-line-ending
args: [--fix=lf]
exclude: ^security-reports/
- id: check-executables-have-shebangs
- id: check-shebang-scripts-are-executable
# Python formatting and linting with Ruff (replaces Black, isort, flake8)
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.14.0
hooks:
- id: ruff
args: [--fix, --show-fixes]
files: ^backend/
- id: ruff-format
files: ^backend/
# Python type checking
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.8.0
hooks:
- id: mypy
files: ^backend/
additional_dependencies:
- types-requests
- types-python-dateutil
- types-pyyaml
- types-redis
args: [--ignore-missing-imports, --check-untyped-defs]
# Frontend formatting with Prettier
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v3.1.0
hooks:
- id: prettier
files: ^frontend/
types_or: [javascript, jsx, ts, tsx, json, yaml, html, css, scss, markdown]
args: [--write, --ignore-unknown]
# Frontend type checking and build verification
- repo: local
hooks:
- id: frontend-check
name: Frontend Build Verification
entry: scripts/frontend-check.sh
language: system
files: ^frontend/src/
types_or: [svelte, ts, javascript, css, html]
pass_filenames: false
stages: [pre-commit]
verbose: true
# Dockerfile linting
- repo: https://github.com/hadolint/hadolint
rev: v2.12.0
hooks:
- id: hadolint-docker
name: Lint Dockerfiles
files: Dockerfile.*
entry: hadolint
language: system
# Secret detection
- repo: https://github.com/gitleaks/gitleaks
rev: v8.18.1
hooks:
- id: gitleaks
args: [--verbose, --no-banner]
exclude: ^security-reports/
# Python security linting
- repo: https://github.com/PyCQA/bandit
rev: 1.7.7
hooks:
- id: bandit
files: ^backend/
args: [-c, pyproject.toml, -r, backend/]
additional_dependencies: ["bandit[toml]"]
# Shell script linting
- repo: https://github.com/shellcheck-py/shellcheck-py
rev: v0.9.0.6
hooks:
- id: shellcheck
args: [--severity=warning]
# Commit message linting (optional)
- repo: https://github.com/compilerla/conventional-pre-commit
rev: v3.0.0
hooks:
- id: conventional-pre-commit
stages: [commit-msg]
args: [--force-scope]
# Configuration for specific hooks
default_stages: [pre-commit]
fail_fast: false