forked from semgrep/semgrep
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.pre-commit-config.yaml
130 lines (115 loc) · 3.91 KB
/
.pre-commit-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
exclude: "^semgrep/tests/e2e/(targets|snapshots)|semgrep-core/tests|.*\\.md"
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.1.0
hooks:
- id: check-yaml
args: [--allow-multiple-documents]
exclude: ^semgrep/tests/.+$
- id: end-of-file-fixer
- id: trailing-whitespace
args: [--markdown-linebreak-ext=md]
- id: check-case-conflict
- id: check-added-large-files
- id: check-executables-have-shebangs
- id: check-merge-conflict
- id: check-symlinks
- repo: https://github.com/psf/black
rev: 19.10b0
hooks:
- id: black
- repo: https://github.com/asottile/reorder_python_imports
rev: v2.3.0
hooks:
- id: reorder-python-imports
args: [--py36-plus]
- repo: https://github.com/pre-commit/mirrors-mypy
rev: "v0.782"
hooks:
- id: mypy
exclude: ^semgrep\/tests\/.+$|^setup.py$
args: [--config, mypy.ini]
- repo: https://github.com/pre-commit/mirrors-mypy
rev: "v0.782"
hooks:
- id: mypy
alias: mypy-test
name: mypy (test files)
files: ^semgrep\/tests\/.+$
args: [--config, mypy-tests.ini]
- repo: https://gitlab.com/pycqa/flake8
rev: "3.8.3"
hooks:
- id: flake8
additional_dependencies: ["flake8-bugbear==20.1.4"]
args: ["--select=B,E9,F63,F7,F82"]
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep
name: Semgrep Python
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
args: ['--config', 'https://semgrep.dev/p/python', '--error']
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep
name: Semgrep Bandit
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
args: ['--config', 'https://semgrep.dev/p/bandit', '--error']
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep
name: Semgrep Local
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
# Managed at https://semgrep.dev/mschwager:semgrep-local
args: ['--config', 'https://semgrep.dev/mschwager:semgrep-local', '--error']
- repo: local
hooks:
- id: shellcheck
name: shellcheck
language: docker_image
entry: koalaman/shellcheck:v0.7.1
files: "[.]sh$"
- repo: local
hooks:
- id: hadolint
name: hadolint
language: docker_image
files: "Dockerfile"
entry: hadolint/hadolint:v1.18.0 hadolint
args: ["--ignore", "DL3008", "--ignore", "DL3018"]
# Run develop semgrep. Only used in CI
# To run locally use `pre-commit run --hook-stage manual semgrep-docker-develop`
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep-docker-develop
name: Semgrep Develop Python
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
args: ['--config', 'https://semgrep.dev/p/python', '--error']
stages: [manual]
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep-docker-develop
name: Semgrep Develop Bandit
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
args: ['--config', 'https://semgrep.dev/p/bandit', '--error']
stages: [manual]
- repo: https://github.com/returntocorp/semgrep
rev: 'v0.18.0'
hooks:
- id: semgrep-docker-develop
name: Semgrep Develop Local
types: [python]
exclude: "^semgrep/tests/.+$|^scripts/.+$|^semgrep/setup.py$"
# Managed at https://semgrep.dev/mschwager:semgrep-local
args: ['--config', 'https://semgrep.dev/mschwager:semgrep-local', '--error']
stages: [manual]