ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-05-06 08:47:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(pre-commit): add priority tiers to .pre-commit-config.yaml (#10842)

Browse Source 
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Adrián Tomás
2026-04-30 12:33:09 +02:00
committed by GitHub
parent 4fb5272362
commit 85800f2ddd
1 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.pre-commit-config.yaml
+36
View File
@@ -1,17 +1,34 @@
# Priority tiers (lower = runs first, same priority = concurrent):
# P0 — fast file fixers
# P10 — validators and guards
# P20 — auto-formatters
# P30 — linters
# P40 — security scanners
# P50 — dependency validation
default_install_hook_types: [pre-commit, pre-push]
repos: repos:
## GENERAL (prek built-in — no external repo needed) ## GENERAL (prek built-in — no external repo needed)
- repo: builtin - repo: builtin
hooks: hooks:
- id: check-merge-conflict - id: check-merge-conflict
priority: 10
- id: check-yaml - id: check-yaml
args: ["--allow-multiple-documents"] args: ["--allow-multiple-documents"]
exclude: (prowler/config/llm_config.yaml|contrib/) exclude: (prowler/config/llm_config.yaml|contrib/)
priority: 10
- id: check-json - id: check-json
priority: 10
- id: end-of-file-fixer - id: end-of-file-fixer
priority: 0
- id: trailing-whitespace - id: trailing-whitespace
priority: 0
- id: no-commit-to-branch - id: no-commit-to-branch
priority: 10
- id: pretty-format-json - id: pretty-format-json
args: ["--autofix", --no-sort-keys, --no-ensure-ascii] args: ["--autofix", --no-sort-keys, --no-ensure-ascii]
priority: 10
## TOML ## TOML
- repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks - repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks
@@ -20,6 +37,7 @@ repos:
- id: pretty-format-toml - id: pretty-format-toml
args: [--autofix] args: [--autofix]
files: pyproject.toml files: pyproject.toml
priority: 20
## GITHUB ACTIONS ## GITHUB ACTIONS
- repo: https://github.com/zizmorcore/zizmor-pre-commit - repo: https://github.com/zizmorcore/zizmor-pre-commit
@@ -27,6 +45,7 @@ repos:
hooks: hooks:
- id: zizmor - id: zizmor
files: ^\.github/ files: ^\.github/
priority: 30
## BASH ## BASH
- repo: https://github.com/koalaman/shellcheck-precommit - repo: https://github.com/koalaman/shellcheck-precommit
@@ -34,6 +53,7 @@ repos:
hooks: hooks:
- id: shellcheck - id: shellcheck
exclude: contrib exclude: contrib
priority: 30
## PYTHON — SDK (prowler/, tests/, dashboard/, util/, scripts/) ## PYTHON — SDK (prowler/, tests/, dashboard/, util/, scripts/)
- repo: https://github.com/myint/autoflake - repo: https://github.com/myint/autoflake
@@ -48,6 +68,7 @@ repos:
"--remove-all-unused-imports", "--remove-all-unused-imports",
"--remove-unused-variable", "--remove-unused-variable",
] ]
priority: 20
- repo: https://github.com/pycqa/isort - repo: https://github.com/pycqa/isort
rev: 8.0.1 rev: 8.0.1
@@ -56,6 +77,7 @@ repos:
name: "SDK - isort" name: "SDK - isort"
files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] } files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] }
args: ["--profile", "black"] args: ["--profile", "black"]
priority: 20
- repo: https://github.com/psf/black - repo: https://github.com/psf/black
rev: 26.3.1 rev: 26.3.1
@@ -63,6 +85,7 @@ repos:
- id: black - id: black
name: "SDK - black" name: "SDK - black"
files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] } files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] }
priority: 20
- repo: https://github.com/pycqa/flake8 - repo: https://github.com/pycqa/flake8
rev: 7.3.0 rev: 7.3.0
@@ -71,6 +94,7 @@ repos:
name: "SDK - flake8" name: "SDK - flake8"
files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] } files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] }
args: ["--ignore=E266,W503,E203,E501,W605"] args: ["--ignore=E266,W503,E203,E501,W605"]
priority: 30
## PYTHON — API + MCP Server (ruff) ## PYTHON — API + MCP Server (ruff)
- repo: https://github.com/astral-sh/ruff-pre-commit - repo: https://github.com/astral-sh/ruff-pre-commit
@@ -80,9 +104,11 @@ repos:
name: "API + MCP - ruff check" name: "API + MCP - ruff check"
files: { glob: ["{api,mcp_server}/**/*.py"] } files: { glob: ["{api,mcp_server}/**/*.py"] }
args: ["--fix"] args: ["--fix"]
priority: 30
- id: ruff-format - id: ruff-format
name: "API + MCP - ruff format" name: "API + MCP - ruff format"
files: { glob: ["{api,mcp_server}/**/*.py"] } files: { glob: ["{api,mcp_server}/**/*.py"] }
priority: 20
## PYTHON — Poetry ## PYTHON — Poetry
- repo: https://github.com/python-poetry/poetry - repo: https://github.com/python-poetry/poetry
@@ -93,24 +119,28 @@ repos:
args: ["--directory=./api"] args: ["--directory=./api"]
files: { glob: ["api/{pyproject.toml,poetry.lock}"] } files: { glob: ["api/{pyproject.toml,poetry.lock}"] }
pass_filenames: false pass_filenames: false
priority: 50
- id: poetry-lock - id: poetry-lock
name: API - poetry-lock name: API - poetry-lock
args: ["--directory=./api"] args: ["--directory=./api"]
files: { glob: ["api/{pyproject.toml,poetry.lock}"] } files: { glob: ["api/{pyproject.toml,poetry.lock}"] }
pass_filenames: false pass_filenames: false
priority: 50
- id: poetry-check - id: poetry-check
name: SDK - poetry-check name: SDK - poetry-check
args: ["--directory=./"] args: ["--directory=./"]
files: { glob: ["{pyproject.toml,poetry.lock}"] } files: { glob: ["{pyproject.toml,poetry.lock}"] }
pass_filenames: false pass_filenames: false
priority: 50
- id: poetry-lock - id: poetry-lock
name: SDK - poetry-lock name: SDK - poetry-lock
args: ["--directory=./"] args: ["--directory=./"]
files: { glob: ["{pyproject.toml,poetry.lock}"] } files: { glob: ["{pyproject.toml,poetry.lock}"] }
pass_filenames: false pass_filenames: false
priority: 50
## CONTAINERS ## CONTAINERS
- repo: https://github.com/hadolint/hadolint - repo: https://github.com/hadolint/hadolint
@@ -118,6 +148,7 @@ repos:
hooks: hooks:
- id: hadolint - id: hadolint
args: ["--ignore=DL3013"] args: ["--ignore=DL3013"]
priority: 30
## LOCAL HOOKS ## LOCAL HOOKS
- repo: local - repo: local
@@ -128,6 +159,7 @@ repos:
language: system language: system
types: [python] types: [python]
files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] } files: { glob: ["{prowler,tests,dashboard,util,scripts}/**/*.py"] }
priority: 30
- id: trufflehog - id: trufflehog
name: TruffleHog name: TruffleHog
@@ -138,6 +170,7 @@ repos:
language: system language: system
pass_filenames: false pass_filenames: false
stages: ["pre-commit", "pre-push"] stages: ["pre-commit", "pre-push"]
priority: 40
- id: bandit - id: bandit
name: bandit name: bandit
@@ -148,6 +181,7 @@ repos:
files: '.*\.py' files: '.*\.py'
exclude: exclude:
{ glob: ["{contrib,skills}/**", "**/.venv/**", "**/*_test.py"] } { glob: ["{contrib,skills}/**", "**/.venv/**", "**/*_test.py"] }
priority: 40
- id: safety - id: safety
name: safety name: safety
@@ -166,6 +200,7 @@ repos:
".safety-policy.yml", ".safety-policy.yml",
], ],
} }
priority: 40
- id: vulture - id: vulture
name: vulture name: vulture
@@ -174,3 +209,4 @@ repos:
language: system language: system
types: [python] types: [python]
files: '.*\.py' files: '.*\.py'
priority: 40