pre-commit stuff (#60)

* chore: added osv-scanner to pre-commit and mise

* chore: refactored pre-commit

* chore: ran pre-commit on all things

* chore: added pre-commit ci integration

Author: MadsRC

.idea/sophrosyne.iml

@@ -3,6 +3,8 @@ go = "1.22.3"
 watchexec = "latest"
 "go:github.com/golangci/golangci-lint/cmd/golangci-lint" = "1.58.1"
 "go:golang.org/x/tools/cmd/goimports" = "latest"
+"go:github.com/google/osv-scanner/cmd/osv-scanner" = "v1"
+"pipx:pre-commit" = "latest"
 
 [settings]
 experimental = true

.idea/sqldialects.xml

@@ -22,4 +22,4 @@ done
 
 mkdir -p build
 
-docker buildx build --platform="$platform" -o type=oci,dest=build/sophrosyne.tar --tag sophrosyne:0.0.0 .
+docker buildx build --platform="$platform" -o type=oci,dest=build/sophrosyne.tar --tag sophrosyne:0.0.0 .

.mise.toml

@@ -3,4 +3,3 @@
 # mise outputs=[]
 
 go test --tags=integration ./...
-

.mise/tasks/build/docker

@@ -1,17 +1,29 @@
 repos:
+  - repo: https://github.com/google/osv-scanner/
+    rev: 645d5b0bb9c14741b2147a5305b684e4abc039e0 # v1.7.3
+    hooks:
+      - id: osv-scanner
+        args: ["-r", "."]
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.6.0
     hooks:
       - id: check-added-large-files
         args: ['--maxkb=4000']
       - id: end-of-file-fixer
-        exclude: "snapshots|docs/api.md"
       - id: trailing-whitespace
-        exclude: "snapshots|docs/api.md"
+        args: ['--markdown-linebreak-ext=md']
       - id: check-merge-conflict
       - id: check-json
       - id: check-yaml
+      - id: check-toml
+      - id: check-xml
+      - id: check-symlinks
+      - id: destroyed-symlinks
       - id: check-case-conflict
       - id: mixed-line-ending
       - id: detect-private-key
-      - id: check-executables-have-shebangs
+      - id: pretty-format-json
+        args: ['--autofix']
+ci:
+  skip:
+    - osv-scanner # Handled by a dedicated GitHub Action

.mise/tasks/test/integration

@@ -1,11 +1,11 @@
 {
-    "recommendations": [
-        "charliermarsh.ruff",
-        "ms-python.python",
-        "tamasfe.even-better-toml",
-        "davidanson.vscode-markdownlint",
-        "github.copilot",
-        "ms-python.mypy-type-checker",
-        "bruno-api-client.bruno"
-    ]
+  "recommendations": [
+    "charliermarsh.ruff",
+    "ms-python.python",
+    "tamasfe.even-better-toml",
+    "davidanson.vscode-markdownlint",
+    "github.copilot",
+    "ms-python.mypy-type-checker",
+    "bruno-api-client.bruno"
+  ]
 }

.pre-commit-config.yaml

@@ -1,21 +1,21 @@
 {
-    "[python]": {
-        "editor.formatOnSave": true,
-        "editor.defaultFormatter": "charliermarsh.ruff",
-        "editor.codeActionsOnSave": {
-            "source.organizeImports": "explicit"
-          }
+  "[python]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": "explicit"
     },
-    "python.testing.pytestArgs": [
-        "tests"
-    ],
-    "python.testing.unittestEnabled": false,
-    "python.testing.pytestEnabled": true,
-    "files.exclude": {
-        "**/__pycache__": true
-    },
-    "sonarlint.connectedMode.project": {
-        "connectionId": "madsrc",
-        "projectKey": "MadsRC_sophrosyne"
-    }
+    "editor.defaultFormatter": "charliermarsh.ruff",
+    "editor.formatOnSave": true
+  },
+  "files.exclude": {
+    "**/__pycache__": true
+  },
+  "python.testing.pytestArgs": [
+    "tests"
+  ],
+  "python.testing.pytestEnabled": true,
+  "python.testing.unittestEnabled": false,
+  "sonarlint.connectedMode.project": {
+    "connectionId": "madsrc",
+    "projectKey": "MadsRC_sophrosyne"
+  }
 }

.vscode/extensions.json

@@ -1,73 +1,97 @@
 {
-    "Users": {
-        "entityTypes": {
-            "User": {
-                "shape": {
-                    "type": "Record",
-                    "attributes": {
-                        "id": {
-                            "type": "String"
-                        },
-                        "name": {
-                            "type": "String"
-                        },
-                        "email": {
-                            "type": "String"
-                        },
-                        "is_admin": {
-                            "type": "Boolean"
-                        },
-                        "created_at": {
-                            "type": "Long"
-                        },
-                        "updated_at": {
-                            "type": "Long"
-                        },
-                        "deleted_at": {
-                            "type": "Long",
-                            "required": false
-                        }
-                    }
-                }
-            }
-        },
-        "actions": {
-            "GetUser": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+  "Users": {
+    "actions": {
+      "CreateUser": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      },
+      "DeleteUser": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      },
+      "GetUser": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      },
+      "GetUsers": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      },
+      "RotateToken": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      },
+      "UpdateUser": {
+        "appliesTo": {
+          "principalTypes": [
+            "User"
+          ],
+          "resourceTypes": [
+            "User"
+          ]
+        }
+      }
+    },
+    "entityTypes": {
+      "User": {
+        "shape": {
+          "attributes": {
+            "created_at": {
+              "type": "Long"
+            },
+            "deleted_at": {
+              "required": false,
+              "type": "Long"
             },
-            "GetUsers": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+            "email": {
+              "type": "String"
             },
-            "CreateUser": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+            "id": {
+              "type": "String"
             },
-            "UpdateUser": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+            "is_admin": {
+              "type": "Boolean"
             },
-            "DeleteUser": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+            "name": {
+              "type": "String"
             },
-            "RotateToken": {
-                "appliesTo": {
-                    "principalTypes": [ "User"],
-                    "resourceTypes": [ "User" ]
-                }
+            "updated_at": {
+              "type": "Long"
             }
+          },
+          "type": "Record"
         }
+      }
     }
+  }
 }

.vscode/settings.json

@@ -1,47 +1,47 @@
 {
-    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-    "configMigration": true,
-    "extends": [
-      "config:recommended",
-      "docker:pinDigests",
-      "helpers:pinGitHubActionDigests",
-      ":pinDevDependencies"
-    ],
-    "packageRules": [
-      {
-        "matchDepTypes": [
-          "action"
-        ],
-        "pinDigests": true,
-        "matchSourceUrlPrefixes": [
-          "https://github.com/"
-        ],
-        "prBodyDefinitions": {
-          "OpenSSF": "[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{{sourceRepo}}/badge)](https://securityscorecards.dev/viewer/?uri=github.com/{{sourceRepo}})"
-        },
-        "prBodyColumns": [
-          "Package",
-          "Type",
-          "Update",
-          "Change",
-          "Pending",
-          "OpenSSF"
-        ]
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "configMigration": true,
+  "docker-compose": {
+    "enabled": true
+  },
+  "dockerfile": {
+    "enabled": true
+  },
+  "extends": [
+    "config:recommended",
+    "docker:pinDigests",
+    "helpers:pinGitHubActionDigests",
+    ":pinDevDependencies"
+  ],
+  "packageRules": [
+    {
+      "matchDepTypes": [
+        "action"
+      ],
+      "matchSourceUrlPrefixes": [
+        "https://github.com/"
+      ],
+      "pinDigests": true,
+      "prBodyColumns": [
+        "Package",
+        "Type",
+        "Update",
+        "Change",
+        "Pending",
+        "OpenSSF"
+      ],
+      "prBodyDefinitions": {
+        "OpenSSF": "[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/{{sourceRepo}}/badge)](https://securityscorecards.dev/viewer/?uri=github.com/{{sourceRepo}})"
       }
-    ],
-    "docker-compose": {
-      "enabled": true
-    },
-    "dockerfile": {
-      "enabled": true
-    },
-    "pre-commit": {
-      "enabled": true
-    },
-    "vulnerabilityAlerts": {
-      "enabled": true,
-      "labels": [
-        "vulnerability"
-      ]
     }
+  ],
+  "pre-commit": {
+    "enabled": true
+  },
+  "vulnerabilityAlerts": {
+    "enabled": true,
+    "labels": [
+      "vulnerability"
+    ]
   }
+}

internal/cedar/cedarschema.json

@@ -6,4 +6,4 @@ sonar.exclusions=**/*.pb.go,**/*_test.go,tests
 sonar.test.inclusions=**/*_test.go
 sonar.go.golangci-lint.reportPaths=build/report.xml
 sonar.go.coverage.reportPaths=build/unit_coverage.out
-sonar.go.tests.reportPaths=build/unit_test_report.json
+sonar.go.tests.reportPaths=build/unit_test_report.json