npm - @ministryofjustice/hmpps-precommit-hooks - Versions diffs - 2.0.0-beta.1 → 2.0.0-beta.3 - Mend

@ministryofjustice/hmpps-precommit-hooks 2.0.0-beta.1 → 2.0.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,25 @@
 # Change log
+## 2.0.0
+### Breaking Changes
+- **Migrated from Husky to prek (pre-commit)** for managing git hooks
+  - Husky is automatically uninstalled during `npm install` if present
+  - Existing husky hooks are automatically removed
+  - prek is installed via Homebrew
+### New Features
+- Added `.pre-commit-config.yaml` configuration file with default hooks
+- Configuration file is only created if it doesn't exist, preserving custom configurations
+- Added automatic cleanup of legacy precommit scripts (`precommit:secrets`, `precommit:lint`, `precommit:verify`) from package.json
+### Changes
+- `prepare` script now installs prek instead of configuring husky
+- Hooks are now managed through `.pre-commit-config.yaml` instead of husky scripts
 ## 1.0.2
 Fix versions, accidentally mixed 1.0.0 and 0.1.0

package/README.md CHANGED Viewed

@@ -9,7 +9,7 @@ Teams are welcome to use this library. Please provide feedback via slack to the
 ## Migration from Husky
-This package has migrated from using Husky to using [prek](https://github.com/pre-commit/pre-commit) (pre-commit) for managing git hooks. The migration will happen automatically during `npm install`:
+This package has migrated from using Husky to using [prek](https://github.com/pre-commit/pre-commit) (pre-commit) for managing git hooks. The migration will happen automatically during `npm install` via a prepare hook:
 - Husky will be uninstalled if present
 - Existing husky hooks will be removed
@@ -45,10 +45,10 @@ HMPPS_HOOKS_VERSION: 1
 repos:
   - repo: local
     hooks:
-      - id: gitleaks
-        name: Scan commit for secrets
-        language: system
-        entry: gitleaks git --pre-commit --redact --staged --verbose --config .gitleaks/config.toml --gitleaks-ignore-path .gitleaks/.gitleaksignore
+      - repo: https://github.com/ministryofjustice/devsecops-hooks
+        rev: v1.x.x
+    hooks:
+      - id: baseline
       - id: lint
         name: linting code
         language: system
@@ -109,6 +109,19 @@ Repo specific rules can be added by teams in `.gitleaks/config.toml` in their in
 See the gitleaks documentation for how to create rules and [examples](https://github.com/gitleaks/gitleaks/blob/master/config/gitleaks.toml) or use the [online rule wizard](https://gitleaks.io/playground).
+### Keeping up to date
+`prek auto-update` can be used to pull in later versions of hooks including the devsecops-hooks.
+Also, a manager can be added to your renovate.json config to allow renovate to raise PRs to keep hooks up to date:
+```json
+  {
+    "matchManagers": ["pre-commit"],
+    "groupName": "all pre-commit dependencies"
+  }
+```
 ### Running hooks manually
 You can run all hooks manually using:

package/bin/prepare.sh CHANGED Viewed

@@ -30,8 +30,8 @@ if [ -f "node_modules/.bin/husky" ]; then
   endStage " ✅ "
   if [ -f ".husky/pre-commit" ]; then
-    startStage "Deleting existing husky pre-commit hook"
-    rm .husky/pre-commit
+    startStage "Deleting existing husky pre-commit hooks"
+    rm -Rf .husky
     endStage " ✅ "
   fi
 fi
@@ -42,13 +42,6 @@ if ! command -v brew > /dev/null 2> /dev/null; then
   exit 0
 fi
-# Install gitleaks if not present - this will be used by prek for secret scanning until we move over to devsecops hooks
-if ! command -v gitleaks > /dev/null 2> /dev/null; then
-  startStage "Installing gitleaks"
-  brew install gitleaks
-  endStage " ✅ "
-fi
 # Install prek
 if ! command -v prek > /dev/null 2> /dev/null; then
   startStage "Installing prek"
@@ -56,11 +49,10 @@ if ! command -v prek > /dev/null 2> /dev/null; then
   endStage " ✅ "
 fi
-# Copy default-hooks.yaml to target location
 SOURCE_HOOKS="./node_modules/@ministryofjustice/hmpps-precommit-hooks/default-hooks.yaml"
 TARGET_HOOKS=".pre-commit-config.yaml"
+# Copy default-hooks.yaml to target location for first time initialisation only
 if [ ! -f "$TARGET_HOOKS" ]; then
   startStage "Creating .pre-commit-config.yaml"
   cp "$SOURCE_HOOKS" "$TARGET_HOOKS"

package/default-hooks.yaml CHANGED Viewed

@@ -5,24 +5,17 @@
 # Other hooks maybe added or removed as needed to suit individual project requirements.
 repos:
-  #. Temporary disabled while we investigate issues with it
-  #  - repo: https://github.com/ministryofjustice/devsecops-hooks
-  #    rev: v1.1.0
-  #    hooks:
-  #      - id: baseline
+  - repo: https://github.com/ministryofjustice/devsecops-hooks
+    rev: v1.3.0
+    hooks:
+      - id: baseline
   - repo: local
     hooks:
-      - id: gitleaks
-        name: Scan commit for secrets
-        language: system
-        entry: gitleaks git --pre-commit --redact --staged --verbose --config .gitleaks/config.toml --gitleaks-ignore-path .gitleaks/.gitleaksignore
-        require_serial: true
-        pass_filenames: false
       - id: lint
         name: linting code
         language: system
-        entry: npm run lint
-        types: [ts]
+        entry: ./node_modules/.bin/lint-staged
+        types_or: [ts,javascript,css]
         require_serial: true
         pass_filenames: false
       - id: typecheck

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ministryofjustice/hmpps-precommit-hooks",
-  "version": "2.0.0-beta.1",
+  "version": "2.0.0-beta.3",
   "description": "Precommit hooks for HMPPS typescript projects",
   "keywords": [
     "precommit"