diff --git a/.coveragerc b/.coveragerc
deleted file mode 100644
index c8ab6f74..00000000
--- a/.coveragerc
+++ /dev/null
@@ -1,3 +0,0 @@
-[repo]
-omit =
- update_requirements.py
diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
index b71169bb..2917a875 100644
--- a/.pre-commit-hooks.yaml
+++ b/.pre-commit-hooks.yaml
@@ -1,44 +1,44 @@
 - id: check-added-large-files
 name: check for added large files
 description: prevents giant files from being committed.
- entry: check-added-large-files
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-added-large-files
+ language: docker_image
 stages: [pre-commit, pre-push, manual]
 minimum_pre_commit_version: 3.2.0
 - id: check-ast
 name: check python ast
 description: simply checks whether the files parse as valid python.
- entry: check-ast
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-ast
+ language: docker_image
 types: [python]
 - id: check-byte-order-marker
 name: 'check BOM - deprecated: use fix-byte-order-marker'
 description: forbids files which have a utf-8 byte-order marker.
- entry: check-byte-order-marker
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-byte-order-marker
+ language: docker_image
 types: [text]
 - id: check-builtin-literals
 name: check builtin type constructor use
 description: requires literal syntax when initializing empty or zero python builtin types.
- entry: check-builtin-literals
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-builtin-literals
+ language: docker_image
 types: [python]
 - id: check-case-conflict
 name: check for case conflicts
 description: checks for files that would conflict in case-insensitive filesystems.
- entry: check-case-conflict
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-case-conflict
+ language: docker_image
 - id: check-docstring-first
 name: check docstring is first
 description: checks a common error of defining a docstring after code.
- entry: check-docstring-first
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-docstring-first
+ language: docker_image
 types: [python]
 - id: check-executables-have-shebangs
 name: check that executables have shebangs
 description: ensures that (non-binary) executables have a shebang.
- entry: check-executables-have-shebangs
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-executables-have-shebangs
+ language: docker_image
 types: [text, executable]
 stages: [pre-commit, pre-push, manual]
 minimum_pre_commit_version: 3.2.0
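Review bot: Every rewritten `entry:` in this hunk references the hook image by tag (`artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1`), and a tag can later be re-pointed at different content, so two machines on the same hook revision are not guaranteed to run the same code. An image already cached locally under that tag will also not be refreshed by `docker run`. If the goal is reproducible hooks, pin by digest instead, e.g. `entry: artifactory.adtran.com/docker/pre-commit-hooks@sha256:<digest> check-ast`, and keep the human-readable tag in a comment. The same applies to the entries in the `@@ -50,121` and `@@ -175,38` hunks, including the gitleaks image.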
@@ -50,121 +50,121 @@
 - id: check-json
 name: check json
 description: checks json files for parseable syntax.
- entry: check-json
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-json
+ language: docker_image
 types: [json]
 - id: check-shebang-scripts-are-executable
 name: check that scripts with shebangs are executable
 description: ensures that (non-binary) files with a shebang are executable.
- entry: check-shebang-scripts-are-executable
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-shebang-scripts-are-executable
+ language: docker_image
 types: [text]
 stages: [pre-commit, pre-push, manual]
 minimum_pre_commit_version: 3.2.0
 - id: pretty-format-json
 name: pretty format json
 description: sets a standard for formatting json files.
- entry: pretty-format-json
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 pretty-format-json
+ language: docker_image
 types: [json]
 - id: check-merge-conflict
 name: check for merge conflicts
 description: checks for files that contain merge conflict strings.
- entry: check-merge-conflict
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-merge-conflict
+ language: docker_image
 types: [text]
 - id: check-symlinks
 name: check for broken symlinks
 description: checks for symlinks which do not point to anything.
- entry: check-symlinks
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-symlinks
+ language: docker_image
 types: [symlink]
 - id: check-toml
 name: check toml
 description: checks toml files for parseable syntax.
- entry: check-toml
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-toml
+ language: docker_image
 types: [toml]
 - id: check-vcs-permalinks
 name: check vcs permalinks
 description: ensures that links to vcs websites are permalinks.
- entry: check-vcs-permalinks
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-vcs-permalinks
+ language: docker_image
 types: [text]
 - id: check-xml
 name: check xml
 description: checks xml files for parseable syntax.
- entry: check-xml
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-xml
+ language: docker_image
 types: [xml]
 - id: check-yaml
 name: check yaml
 description: checks yaml files for parseable syntax.
- entry: check-yaml
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 check-yaml
+ language: docker_image
 types: [yaml]
 - id: debug-statements
 name: debug statements (python)
 description: checks for debugger imports and py37+ `breakpoint()` calls in python source.
- entry: debug-statement-hook
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 debug-statement-hook
+ language: docker_image
 types: [python]
 - id: destroyed-symlinks
 name: detect destroyed symlinks
 description: detects symlinks which are changed to regular files with a content of a path which that symlink was pointing to.
- entry: destroyed-symlinks
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 destroyed-symlinks
+ language: docker_image
 types: [file]
 stages: [pre-commit, pre-push, manual]
 - id: detect-aws-credentials
 name: detect aws credentials
 description: detects *your* aws credentials from the aws cli credentials file.
- entry: detect-aws-credentials
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 detect-aws-credentials
+ language: docker_image
 types: [text]
 - id: detect-private-key
 name: detect private key
 description: detects the presence of private keys.
- entry: detect-private-key
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 detect-private-key
+ language: docker_image
 types: [text]
 - id: double-quote-string-fixer
 name: fix double quoted strings
 description: replaces double quoted strings with single quoted strings.
- entry: double-quote-string-fixer
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 string-fixer
+ language: docker_image
 types: [python]
 - id: end-of-file-fixer
 name: fix end of files
 description: ensures that a file is either empty, or ends with one newline.
- entry: end-of-file-fixer
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 end-of-file-fixer
+ language: docker_image
 types: [text]
 stages: [pre-commit, pre-push, manual]
 minimum_pre_commit_version: 3.2.0
 - id: file-contents-sorter
 name: file contents sorter
 description: sorts the lines in specified files (defaults to alphabetical). you must provide list of target files as input in your .pre-commit-config.yaml file.
- entry: file-contents-sorter
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 file-contents-sorter
+ language: docker_image
 files: '^$'
 - id: fix-byte-order-marker
 name: fix utf-8 byte order marker
 description: removes utf-8 byte order marker.
- entry: fix-byte-order-marker
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 fix-byte-order-marker
+ language: docker_image
 types: [text]
 - id: fix-encoding-pragma
 name: fix python encoding pragma (deprecated)
 description: 'adds # -*- coding: utf-8 -*- to the top of python files.'
- language: python
- entry: fix-encoding-pragma
+ language: docker_image
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 fix-encoding-pragma
 types: [python]
 - id: forbid-new-submodules
 name: forbid new submodules
 description: prevents addition of new git submodules.
- language: python
- entry: forbid-new-submodules
+ language: docker_image
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 forbid-new-submodules
 types: [directory]
 - id: forbid-submodules
 name: forbid submodules
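Review bot: The `double-quote-string-fixer` hook is the only entry in this hunk whose command name changes: it previously ran `double-quote-string-fixer` and now runs `string-fixer`, whereas every other hook keeps its original executable name after the image reference. `name-tests-test` in the `@@ -175,38` hunk changes the same way, to `tests-should-end-in-test`. Unless the image really ships executables under those names, both hooks will fail when invoked, so it is worth confirming against the image or keeping the command as `... double-quote-string-fixer` and `... name-tests-test`. If the rename is intentional, a short YAML comment on each entry saying so would stop it being "fixed" back later.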
@@ -175,38 +175,45 @@
 - id: mixed-line-ending
 name: mixed line ending
 description: replaces or checks mixed line ending.
- entry: mixed-line-ending
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 mixed-line-ending
+ language: docker_image
 types: [text]
 - id: name-tests-test
 name: python tests naming
 description: verifies that test files are named correctly.
- entry: name-tests-test
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 tests-should-end-in-test
+ language: docker_image
 files: (^|/)tests/.+\.py$
 - id: no-commit-to-branch
 name: "don't commit to branch"
- entry: no-commit-to-branch
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 no-commit-to-branch
+ language: docker_image
 pass_filenames: false
 always_run: true
 - id: requirements-txt-fixer
 name: fix requirements.txt
 description: sorts entries in requirements.txt.
- entry: requirements-txt-fixer
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 requirements-txt-fixer
+ language: docker_image
 files: (requirements|constraints).*\.txt$
 - id: sort-simple-yaml
 name: sort simple yaml files
 description: sorts simple yaml files which consist only of top-level keys, preserving comments and blocks.
- language: python
- entry: sort-simple-yaml
+ language: docker_image
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 sort-simple-yaml
 files: '^$'
 - id: trailing-whitespace
 name: trim trailing whitespace
 description: trims trailing whitespace.
- entry: trailing-whitespace-fixer
- language: python
+ entry: artifactory.adtran.com/docker/pre-commit-hooks:5.0.0-1 trailing-whitespace-fixer
+ language: docker_image
 types: [text]
 stages: [pre-commit, pre-push, manual]
 minimum_pre_commit_version: 3.2.0
+
+# Adtran-specific hook
+- id: gitleaks-docker
+ name: Detect hardcoded secrets
+ description: Detect hardcoded secrets using Gitleaks
+ entry: artifactory.adtran.com/docker/gitleaks/gitleaks:v8.24.0 dir --verbose --redact
+ language: docker_image
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e1655740..b6c7b7b9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
+5.0.0.1 - 2025-03-24
+====================
+
+### Features
+
+- All hooks should be build reproducible
+- Add Adtran-specific `gitleaks-docker` hook
+
 5.0.0 - 2024-10-05
 ==================
diff --git a/DEVELOPER.md b/DEVELOPER.md
index 78a01c7a..8107f39b 100644
--- a/DEVELOPER.md
+++ b/DEVELOPER.md
@@ -1,24 +1,26 @@
 # Developing
+## Dependencies
+
+Remove any `install_requires` dependencies in `setup.cfg` and add/replace them
+in `requirements-dev.txt`.
+
 ## Installing
-You will need to install `tox` like this:
+You will need to install `tox` like this (if it is not already installed):
 ```
-python3 -m pip install --user tox
+./install-tox.sh
 ```
 ## Testing
+### Run All Tests
+
 ```
-tox -e pre-commit
-tox -e py36
-tox -e py37
-tox -e py38
+./run-tests.sh
 ```
-## Update requirements in setup.cfg
+### Run Specific Tests
-```
-tox -e py36-update-requirements
-```
+See the commands in `run-tests.sh` and run one or more of them manually.
diff --git a/README.md b/README.md
index f35c706c..5e23484f 100644
--- a/README.md
+++ b/README.md
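Review bot: The new `gitleaks-docker` hook does not set `pass_filenames`, so pre-commit will append the matched file names after `dir --verbose --redact`. Whether the `dir` command then scans every listed path or only a single one should be confirmed, because a scan that silently covers less than the commit is worse than no hook. Stating the scope explicitly, for example `pass_filenames: false` together with an explicit path argument in `entry`, would make the coverage unambiguous. The hook also sets no `stages`, unlike several neighbouring hooks, so a one-line comment on where it is expected to run would help.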
@@ -211,6 +211,11 @@ Trims trailing whitespace.
 - By default, this hook trims all whitespace from the ends of lines.
 To specify a custom set of characters to trim instead, use `args: [--chars,""]`.
+### Adtran-specific hooks
+
+#### `gitleaks-docker`
+Detects hardcoded secrets.
+
 ### Deprecated / replaced hooks
 - `check-byte-order-marker`: instead use fix-byte-order-marker
diff --git a/install-tox.sh b/install-tox.sh
new file mode 100755
index 00000000..68ba1b03
--- /dev/null
+++ b/install-tox.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+if command -V tox >/dev/null
+then
+ echo "tox is already installed"
+else
+ echo "Installing tox"
+ mkdir -p ~/.local/bin/ ~/virtualenvs
+ virtualenv ~/virtualenvs/tox
+ . ~/virtualenvs/tox/bin/activate
+ pip install tox
+ deactivate
+ ln -s ~/virtualenvs/tox/bin/tox ~/.local/bin/tox
+fi
diff --git a/requirements-dev.txt b/requirements-dev.txt
index 0c5a37eb..b7dba05d 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -1,3 +1,7 @@
 covdefaults
 coverage
 pytest
+
+# Removed from setup.cfg
+ruamel.yaml>=0.15
+tomli>=1.1.0;python_version<"3.11"
diff --git a/requirements.txt b/requirements.txt
deleted file mode 100644
index e23bb5f4..00000000
--- a/requirements.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-ruamel.yaml>=0.15
-toml
diff --git a/run-tests.sh b/run-tests.sh
new file mode 100755
index 00000000..ed64a0e9
--- /dev/null
+++ b/run-tests.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+set -ex
+tox -e pre-commit
+tox -e check
+tox -e py38 -- -vvl
+tox -e py39 -- -vvl
+tox -e py310 -- -vvl
+tox -e py311 -- -vvl
+tox -e py312 -- -vvl
diff --git a/setup.cfg b/setup.cfg
index a0d67f82..65a6b895 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = pre_commit_hooks
-version = 5.0.0
+version = 5.0.0.1
 description = Some out-of-the-box hooks for pre-commit.
 long_description = file: README.md
 long_description_content_type = text/markdown
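Review bot: In `install-tox.sh`, `pip install tox` takes whatever release is current at install time, which conflicts with the reproducibility goal stated in the changelog; pinning it, e.g. `pip install 'tox==<pinned version>'`, keeps every developer and CI runner on the same tool. The script is also not re-runnable when `~/.local/bin` is not on `PATH`: the `command -V tox` test fails again, and under `set -e` the final `ln -s` aborts because the link already exists, so `ln -sf ~/virtualenvs/tox/bin/tox ~/.local/bin/tox` is safer. A header comment stating that the script needs `virtualenv` on `PATH` and creates `~/virtualenvs/tox` would document its side effects.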
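Review bot: The `requirements-dev.txt` hunk moves `ruamel.yaml>=0.15` and `tomli>=1.1.0;python_version<"3.11"` under a `# Removed from setup.cfg` comment, so the package's runtime dependencies are now declared only in a development requirements file. Installing the package on its own will no longer pull them in, and the hooks that import them presumably work only where this file is installed as well, such as the image build; the comment should say that explicitly. Both specifiers are lower bounds only, so two builds on different days can resolve different versions. A separate runtime requirements file with exact pins (`ruamel.yaml==<pinned version>`) would match the reproducibility goal better than reusing the dev list.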
@@ -18,9 +18,6 @@ classifiers =
 [options]
 packages = find:
-install_requires =
- ruamel.yaml>=0.15
- tomli>=1.1.0;python_version<"3.11"
 python_requires = >=3.8
 [options.packages.find]
diff --git a/tox.ini b/tox.ini
index 795cfcaa..f9693394 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py,pre-commit
+envlist = py,pre-commit,check
 [testenv]
 deps = -rrequirements-dev.txt
@@ -18,10 +18,12 @@ skip_install = true
 deps = pre-commit
 commands = pre-commit run --all-files --show-diff-on-failure
-[testenv:py36-update-requirements]
-skip_install = true
-deps = -rrequirements.txt
-commands = python update_requirements.py
+[testenv:check]
+allowlist_externals = bash
+deps =
+ pre-commit
+ -rrequirements-dev.txt
+commands = bash -c 'SKIP=check-vcs-permalinks,detect-aws-credentials,detect-private-key,fix-encoding-pragma,pretty-format-json,gitleaks-docker pre-commit try-repo . --all-files'
 [pep8]
 ignore=E265,E501,W504
diff --git a/update_requirements.py b/update_requirements.py
deleted file mode 100644
index 19f8c3e8..00000000
--- a/update_requirements.py
+++ /dev/null
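Review bot: The `SKIP` list in the new `[testenv:check]` excludes `detect-aws-credentials`, `detect-private-key` and `gitleaks-docker`, so the three secret-detection hooks are the ones `pre-commit try-repo` never exercises. A wrong image reference or command name in those entries would therefore pass this check unnoticed. If they are skipped because the repository's own fixtures trigger them, say so in a comment above `commands`, and consider a separate run of those hooks against a known-clean path. As a style point, `setenv = SKIP=...` with `commands = pre-commit try-repo . --all-files` would remove the need for `bash -c` and `allowlist_externals = bash`.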
@@ -1,39 +0,0 @@
-from __future__ import annotations
-
-import os
-import subprocess
-from configparser import ConfigParser
-
-print('*** Generate requirements.lock ***')
-subprocess.run('pip freeze >requirements.lock', shell=True, check=True)
-with open('requirements.lock') as f:
- requirements = [
- line for line in f.read().strip().splitlines()
- if not line.startswith('pre-commit')
- ]
- print('\n'.join(requirements))
-
-os.remove('requirements.lock')
-print()
-
-# Read setup.cfg, replace install_requires value with requirements.lock, and
-# write setup.cfg
-parser = ConfigParser()
-parser.read('setup.cfg')
-requirements_str = ''.join(f'\n{requirement}' for requirement in requirements)
-parser.set('options', 'install_requires', requirements_str)
-with open('setup.cfg', 'w') as f:
- parser.write(f)
-
-# Clean up setup.cfg
-with open('setup.cfg') as f:
- setup_cfg = [
- line.replace('\t', ' ').rstrip()
- for line in f.read().splitlines()
- ]
-
-
-with open('setup.cfg', 'w') as f:
- f.write('\n'.join(setup_cfg))
-
-print('setup.cfg has been updated. Please commit this change')