--- repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: - id: check-added-large-files - id: check-case-conflict - id: check-executables-have-shebangs - id: check-json - id: check-merge-conflict - id: check-shebang-scripts-are-executable - id: check-symlinks - id: check-yaml args: [--allow-multiple-documents] - id: detect-private-key - id: end-of-file-fixer - id: mixed-line-ending args: [--fix=auto] - id: pretty-format-json args: [--autofix, --no-sort-keys] - id: trailing-whitespace args: [--markdown-linebreak-ext=md] # Security scanning - repo: https://github.com/Yelp/detect-secrets rev: v1.5.0 hooks: - id: detect-secrets args: ["--baseline", ".secrets.baseline"] - repo: https://github.com/gitleaks/gitleaks rev: v8.30.0 hooks: - id: gitleaks # Markdown linting - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.46.0 hooks: - id: markdownlint args: [-c, .markdownlint.json, --fix] # EditorConfig linting - repo: https://github.com/editorconfig-checker/editorconfig-checker.python rev: 3.6.0 hooks: - id: editorconfig-checker alias: ec # YAML linting - repo: https://github.com/adrienverge/yamllint rev: v1.37.1 hooks: - id: yamllint # Shell formatting - repo: https://github.com/scop/pre-commit-shfmt rev: v3.12.0-2 hooks: - id: shfmt args: [-w, -s, -i, "2"] # Shell linting - repo: https://github.com/koalaman/shellcheck-precommit rev: v0.11.0 hooks: - id: shellcheck args: ["--severity=warning"] # GitHub Actions linting - repo: https://github.com/rhysd/actionlint rev: v1.7.9 hooks: - id: actionlint args: ["-shellcheck="] # Security scanning - repo: https://github.com/bridgecrewio/checkov.git rev: '3.2.495' hooks: - id: checkov args: - "--quiet" - "--framework" - "github_actions,yaml"