terraphim-ai/.pre-commit-config.yaml at main · terraphim/terraphim-ai · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
# This configuration works with pre-commit, prek, and other compatible tools

default_language_version:
  python: python3.9

repos:
  # General code quality hooks
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v6.0.0
    hooks:
      - id: trailing-whitespace
        name: Trim trailing whitespace
      - id: end-of-file-fixer
        name: Fix end of files
      - id: check-yaml
        name: Check YAML syntax
      - id: check-toml
        name: Check TOML syntax
      - id: check-json
        name: Check JSON syntax
      - id: check-case-conflict
        name: Check for case conflicts
      - id: check-merge-conflict
        name: Check for merge conflicts
      - id: debug-statements
        name: Check for debug statements
      - id: detect-private-key
        name: Detect private keys
      - id: check-added-large-files
        name: Check for large files
        args: ['--maxkb=1000']

  # Rust-specific hooks
  - repo: local
    hooks:
      - id: cargo-fmt
        name: Cargo format check
        entry: cargo fmt --all -- --check
        language: system
        types: [rust]
        pass_filenames: false
        description: "Check Rust code formatting with cargo fmt"

      - id: cargo-clippy
        name: Cargo clippy
        entry: cargo clippy --workspace --all-targets -- -D warnings
        language: system
        types: [rust]
        pass_filenames: false
        description: "Run Rust linter with cargo clippy"

      - id: cargo-test
        name: Cargo test
        entry: cargo test --workspace
        language: system
        types: [rust]
        pass_filenames: false
        stages: [manual]
        description: "Run Rust tests (manual stage)"

      - id: cargo-audit
        name: Cargo audit
        entry: cargo audit
        language: system
        pass_filenames: false
        stages: [manual]
        description: "Check for known security vulnerabilities (manual stage)"

  # JavaScript/TypeScript with Biome
  - repo: local
    hooks:
      - id: biome-check
        name: Biome lint and format check
        entry: bash -c 'cd desktop && npx @biomejs/biome check --no-errors-on-unmatched'
        language: system
        files: 'desktop/.*\.(js|ts|tsx|jsx|json|jsonc)$'
        pass_filenames: false
        description: "Check JavaScript/TypeScript formatting and linting with Biome"

      - id: biome-format
        name: Biome format
        entry: bash -c 'cd desktop && npx @biomejs/biome format --write --no-errors-on-unmatched'
        language: system
        files: 'desktop/.*\.(js|ts|tsx|jsx|json|jsonc)$'
        pass_filenames: false
        stages: [manual]
        description: "Auto-format JavaScript/TypeScript with Biome (manual stage)"

  # Disabled: Using native commit-msg hook instead (scripts/hooks/commit-msg)
  # - repo: https://github.com/compilerla/conventional-pre-commit
  #   rev: v4.2.0
  #   hooks:
  #     - id: conventional-pre-commit
  #       name: Conventional commit format
  #       stages: [commit-msg]
  #       args: [
  #         "--strict",
  #         "--scopes=feat,fix,docs,style,refactor,perf,test,chore,build,ci,revert"
  #       ]
  #       description: "Enforce conventional commit message format"

  # Secret detection
  - repo: https://github.com/Yelp/detect-secrets
    rev: v1.5.0
    hooks:
      - id: detect-secrets
        name: Detect secrets
        args: ['--baseline', '.secrets.baseline']
        exclude: .*/tests/.*|.*\.lock$|.*\.sum$|.*yarn\.lock$|.*pnpm-lock\.yaml$|.*/dist/.*|.*/target/.*|crates/terraphim_atomic_client/export.*\.json|crates/terraphim_atomic_client/terraphim_.*\.json|crates/terraphim_atomic_client/commit.*\.json|crates/terraphim_atomic_client/commit.*\.txt|crates/terraphim_atomic_client/.*\.ttl|crates/terraphim_atomic_client/.*\.sh|desktop/.*-config\.json|desktop/package\.json|desktop/package-lock\.kdl|desktop/test.*\.js|logs/.*\.log.*|docs/.*\.md|examples/.*\.md|docs/mermaid\.min\.js|atomic_server_config.*\.json|terraphim_server/default/.*config.*\.json|scripts/.*\.sh$|.*\.rs$|.*\.js\.map$|@.*\.md$|.*\.cjs$|.*README.*\.md$|crates/terraphim_settings/test_settings/.*|terraphim_ai_nodejs/.*|templates/.*\.template$
        description: "Detect secrets in staged code"

# Global exclusions
exclude: |
  (?x)(
    ^target/.*|
    ^desktop/node_modules/.*|
    ^desktop/dist/.*|
    ^desktop/src-tauri/target/.*|
    ^vendor/.*|
    .*\.rs\.bk$|
    ^\.cargo/.*|
    ^artifact/.*
  )