# SPDX-FileCopyrightText: Copyright (C) 2022 Opal Health Informatics Group at the Research Institute of the McGill University Health Centre <[email protected]>

#

# SPDX-License-Identifier: AGPL-3.0-or-later

exclude: |

(?x)(

^(

\.vscode/launch\.json

|manage\.py

|opal/static/thirdparty/.*/.*

)

)

repos:

- repo: https://github.com/pre-commit/pre-commit-hooks

rev: v6.0.0

hooks:

- id: check-added-large-files

- id: check-merge-conflict

- id: check-shebang-scripts-are-executable

- id: check-json

- id: check-toml

- id: check-yaml

args: ['--unsafe']

- id: name-tests-test

args: ['--django']

- id: double-quote-string-fixer

- id: end-of-file-fixer

- id: trailing-whitespace

- repo: https://github.com/abravalheri/validate-pyproject

rev: v0.25

hooks:

- id: validate-pyproject

- repo: https://github.com/astral-sh/uv-pre-commit

rev: 0.11.7

hooks:

- id: uv-lock

# https://docs.astral.sh/ruff/integrations/#pre-commit

- repo: https://github.com/astral-sh/ruff-pre-commit

rev: v0.15.10

hooks:

# Run the linter with fixes

- id: ruff

args: [--fix]

# Run the formatter

- id: ruff-format

- repo: https://github.com/executablebooks/mdformat

rev: 1.0.0

hooks:

- id: mdformat

args: [--number]

language: python

additional_dependencies:

- mdformat-mkdocs==5.1.4

- mdformat-front-matters==2.0.0

- repo: https://github.com/DavidAnson/markdownlint-cli2

rev: v0.22.0

hooks:

- id: markdownlint-cli2

- repo: https://github.com/adamchainz/django-upgrade

rev: 1.30.0

hooks:

- id: django-upgrade

- repo: https://github.com/fsfe/reuse-tool

rev: v6.2.0

hooks:

- id: reuse-lint-file

- repo: https://github.com/crate-ci/typos

rev: v1.45.1

hooks:

- id: typos

# use local virtual env for flake8 and mypy to reuse the same configuration (and dependencies)

- repo: local

hooks:

- id: no-auto-migrations

name: no auto-named migrations

entry: please provide a descriptive name for migrations

language: fail

files: .*/migrations/.*_auto_.*\.py$

- id: check-form-novalidate

name: check form for novalidate attribute

description: 'Enforce that HTML forms have the novalidate attribute to disable browser validation and force Django form validation'

language: pygrep

types: [html]

exclude: |

(?x)(

opal/questionnaires/templates/questionnaires/export_reports/reports-filter.html

)

# derived from this answer: https://stackoverflow.com/a/17204198

entry: |

<form(?=\s|>)(?!(?:[^>=]|=(['"])(?:(?!\1).)*\1)*?\snovalidate)[^>]*>

- id: mypy

name: mypy

description: static type checking

entry: mypy

language: python

types: [python]

# zizmor detects security vulnerabilities in GitHub Actions workflows.

- repo: https://github.com/woodruffw/zizmor-pre-commit

rev: v1.24.1

hooks:

- id: zizmor

- repo: https://github.com/python-jsonschema/check-jsonschema

rev: 0.37.1

hooks:

- id: check-github-workflows

args: ["--verbose"]

- id: check-compose-spec

args: ["--verbose"]

- id: check-renovate

args: ["--verbose"]

additional_dependencies: ['json5']

# `actionlint` hook, for verifying correct syntax in GitHub Actions workflows.

# Some additional configuration for `actionlint` can be found in `.github/actionlint.yaml`.

- repo: https://github.com/rhysd/actionlint

rev: v1.7.12

hooks:

- id: actionlint

language: golang

additional_dependencies:

# actionlint has a shellcheck integration which extracts shell scripts in `run:` steps from GitHub Actions

# and checks these with shellcheck.

# see also: https://github.com/rhysd/actionlint/pull/482

- "github.com/wasilibs/go-shellcheck/cmd/[email protected]"