Timmy_Foundation/hermes-agent
15
0
Fork 0
Code Issues 277 Pull Requests 89 Actions Packages Projects Releases Wiki Activity
Files
c9c3fc94f8d8c4580b14fea9e174200325c7b7a2
hermes-agent/.pre-commit-config.yaml
Alexander Whitestone c9c3fc94f8
Some checks failed
Docker Build and Publish / build-and-push (pull_request) Failing after 18s
Details
Secret Scan / Scan for secrets (pull_request) Failing after 3s
Details
Supply Chain Audit / Scan PR for supply chain risks (pull_request) Failing after 4s
Details
Tests / test (pull_request) Failing after 6s
Details
feat(security): add pre-merge security guards and quality gates 
- Add secret-leak detection CI workflow (secret-scan.yml)
- Add dependency vulnerability scanning via pip-audit (dependency-audit.yml)
- Add CODEOWNERS for critical paths (gateway/, tools/, agent/, config/)
- Add security PR checklist issue template
- Add quarterly security audit scheduled workflow
- Add pre-commit config with gitleaks and private key detection

Refs #149
2026-04-06 21:51:58 -04:00

26 lines
737 B
YAML
Raw Blame History

repos:
# Secret detection
- repo: https://github.com/gitleaks/gitleaks
rev: v8.21.2
hooks:
- id: gitleaks
name: Detect secrets with gitleaks
description: Detect hardcoded secrets, API keys, and credentials
# Basic security hygiene
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v5.0.0
hooks:
- id: check-added-large-files
args: ['--maxkb=500']
- id: detect-private-key
name: Detect private keys
- id: check-merge-conflict
- id: check-yaml
- id: check-toml
- id: end-of-file-fixer
- id: trailing-whitespace
args: ['--markdown-linebreak-ext=md']
- id: no-commit-to-branch
args: ['--branch', 'main']
Reference in New Issue View Git Blame Copy Permalink