Skip to content

Enable TruffleHog in pre-commit and exclude markdown/svg files #412

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Enable TruffleHog in pre-commit and exclude markdown/svg files #412

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a44b94d
make the trufflehog hook work, exclude md and svg files and lint the …
ParagEkbote Oct 22, 2025
5f2ab56
Merge branch 'main' into update-precommit
ParagEkbote Oct 22, 2025
01c6982
Merge branch 'main' into update-precommit
ParagEkbote Oct 22, 2025
7df7eb7
revert changes done by linting.
ParagEkbote Oct 23, 2025
adae547
revert linting.
ParagEkbote Oct 23, 2025
6d92ddf
Revert "revert linting."
ParagEkbote Oct 23, 2025
15dedd9
Revert "revert changes done by linting."
ParagEkbote Oct 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161,4 +161,4 @@ cython_debug/
# ignore llama repository in resources
/resources/llama.cpp/

tests/openai
tests/openai
Copy link
Member

@davidberenstein1957 davidberenstein1957 Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are we exluding these tests? I think we should include them, could you double check if this wasn't a mistake?

Copy link
Contributor Author

@ParagEkbote ParagEkbote Oct 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have not included this change. It has been there for quite some time, the pre-commit hook must have formatted something 😄 : https://github.com/PrunaAI/pruna/blame/main/.gitignore

114 changes: 102 additions & 12 deletions .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,112 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v5.0.0
rev: v6.0.0
hooks:
- id: check-added-large-files
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: check-case-conflict
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: check-merge-conflict
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: check-symlinks
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: check-toml
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: check-yaml
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: end-of-file-fixer
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: mixed-line-ending
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: trailing-whitespace
exclude: \.md$
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: no-commit-to-branch
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)

- repo: https://github.com/astral-sh/ruff-pre-commit
Copy link
Member

@davidberenstein1957 davidberenstein1957 Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

perhaps we could only include certain files? ".py" etc. this would simplify it a bit.

rev: v0.11.12
rev: v0.14.1
hooks:
- id: ruff-check
args: [--fix]
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)
- id: ruff-format
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)

- repo: https://github.com/trufflesecurity/trufflehog
Copy link
Member

@davidberenstein1957 davidberenstein1957 Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you rebase on main, I've also redone this implementation and forced only checking for files that have been commited, so this should resolve a huge part of it too. Perhaps we can also raise a certain error if this fails and redirect users to the install page?

Copy link
Contributor Author

@ParagEkbote ParagEkbote Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, trufflehog is a golang package, not a python package. I think that this approach should simplify the usage for contributors and maintainers and not worry about installation at all. I could reduce the scope of files being checked to further improve the hook. WDYT?

rev: v3.90.11
hooks:
- id: trufflehog
name: TruffleHog Secrets Scanner
entry: trufflehog
language: golang
types_or: [python, yaml, json, text]
args:
[
"filesystem",
"src",
"tests",
".github/workflows",
"--results=verified,unknown",
"--exclude-paths=.venv",
"--fail"
]
stages: ["pre-commit", "pre-push"]
exclude: |
(?x)^(
.*\.md$|
.*\.svg$|
(^|/)venv/|
(^|/)\.venv/|
.*\.pyc$
)

- repo: local
hooks:
Expand All @@ -28,9 +116,12 @@ repos:
language: system
types: [python]
pass_filenames: false
exclude: |
(?x)^(
.*\.md$|
.*\.svg$
)

- repo: local
hooks:
- id: check-pruna-pro
name: Check for pruna_pro
entry: >
Expand All @@ -48,10 +139,9 @@ repos:
language: system
stages: [pre-commit]
types: [python]
exclude: "^docs/"
- id: trufflehog
name: TruffleHog
description: Detect secrets in your data.
entry: bash -c 'git diff --cached --name-only | xargs -I {} trufflehog filesystem {} --fail --no-update'
language: system
stages: ["pre-commit", "pre-push"]
exclude: |
(?x)^(
.*\.md$|
.*\.svg$|
^docs/
)
2 changes: 1 addition & 1 deletion docs/contributions/telemetry.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,4 +73,4 @@ To set telemetry preferences that persist across sessions:
Telemetry Function Documentation
---------------------------------------------

.. autofunction:: pruna.telemetry.set_telemetry_metrics
.. autofunction:: pruna.telemetry.set_telemetry_metrics
2 changes: 1 addition & 1 deletion docs/tutorials/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ These tutorials will guide you through the process of using |pruna| to optimize
.. grid-item-card:: Smashing at Finer Granularity with Target Modules
:text-align: center
:link: ./target_modules_quanto.ipynb

Learn how to use the ``target_modules`` parameter to target specific modules in your model.

.. toctree::
Expand Down
Loading