dotfiles-core/.pre-commit-config.yaml at master · RandomGenericUsername/dotfiles-core · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# Pre-commit hooks configuration
# Runs automated checks before each commit to catch issues early
# Install: pre-commit install
# Run manually: pre-commit run --all-files

repos:
  # Basic file checks
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.5.0
    hooks:
      - id: trailing-whitespace
        name: Trim trailing whitespace
      - id: end-of-file-fixer
        name: Fix end of file
      - id: check-yaml
        name: Check YAML syntax
      - id: check-json
        name: Check JSON syntax
      - id: check-toml
        name: Check TOML syntax
      - id: check-merge-conflict
        name: Check for merge conflicts
      - id: detect-private-key
        name: Detect private keys
      - id: check-case-conflict
        name: Check for case conflicts
      - id: check-symlinks
        name: Check for broken symlinks

  # Python formatting and linting
  - repo: https://github.com/psf/black
    rev: 24.10.0
    hooks:
      - id: black
        name: Format code with Black
        language_version: python3.12
        args: [--line-length=88]
        stages: [pre-commit]

  # Import sorting
  - repo: https://github.com/PyCQA/isort
    rev: 5.13.2
    hooks:
      - id: isort
        name: Sort imports with isort
        args: [--profile=black, --line-length=88]
        stages: [pre-commit]

  # Ruff linting (checks only, no import sorting)
  - repo: https://github.com/astral-sh/ruff-pre-commit
    rev: v0.8.4
    hooks:
      - id: ruff
        name: Lint with Ruff
        args: [--fix, --line-length=88]
        stages: [pre-commit]
      - id: ruff-format
        name: Format with Ruff (fallback)
        stages: [pre-commit]

  # Type checking with mypy
  - repo: https://github.com/pre-commit/mirrors-mypy
    rev: v1.13.0
    hooks:
      - id: mypy
        name: Type check with mypy
        language_version: python3.12
        args: [--ignore-missing-imports, --disable-error-code=import-untyped]
        stages: [pre-commit]
          # add project-specific type stubs here
          # e.g. types-requests, types-PyYAML, types-toml
        # Exclude test directories to avoid duplicate module errors
        exclude: ^(packages|src)/.*/tests/

  # Security scanning with Bandit
  - repo: https://github.com/PyCQA/bandit
    rev: 1.8.0
    hooks:
      - id: bandit
        name: Security check with Bandit
        args: [-ll]
        stages: [pre-commit]
        # Skip test directories and files
        exclude: ^(packages|src)/.*/tests/|test_.*\.py$
        files: ^(packages|src)/.*\.py$
        additional_dependencies: [pbr]

  # File size checks
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.5.0
    hooks:
      - id: check-added-large-files
        name: Check for large files
        args: [--maxkb=1000]
        exclude: ^tests/fixtures/

  # Commit message format enforcement
  - repo: https://github.com/commitizen-tools/commitizen
    rev: v3.29.0
    hooks:
      - id: commitizen
        name: Validate commit message format
        stages: [commit-msg]

  # Branch naming enforcement and full pipeline validation
  - repo: local
    hooks:
      - id: validate-branch-name
        name: Validate branch name
        entry: scripts/hooks/validate-branch.sh
        language: script
        stages: [pre-commit]
        always_run: true
        pass_filenames: false

      - id: validate-ticket-docs
        name: Validate ticket documents exist
        entry: scripts/hooks/validate-ticket-docs.sh
        language: script
        stages: [pre-commit]
        always_run: true
        pass_filenames: false

      - id: pipeline-validation
        name: Validate pipeline locally
        entry: bash -c 'make pipeline'
        language: system
        stages: [manual]  # Run with: pre-commit run pipeline-validation --all-files
        pass_filenames: false
        always_run: true

# Files to exclude from all hooks
exclude: |
  (?x)^(
    _archive_old_implementation|
    htmlcov|
    \.venv|
    venv|
    __pycache__|
    \.pytest_cache|
    \.mypy_cache|
    \.git|
    dist|
    build|
    .*\.egg-info
  )

# Configuration for pre-commit behavior
default_stages: [pre-commit]
fail_fast: false  # Run all hooks even if one fails