bcffd1ccef
- Add .github/codeql/codeql-config.yml: exclude cpp/unused-static-function (52), cpp/constant-comparison (4), cpp/stack-address-escape (1), cpp/path-injection (3) - Reference config-file in codeql.yml CodeQL init step - Fix dependency-review.yml: checkout v4->v6, ubuntu-latest->ubuntu-24.04 - Clean .pre-commit-config.yaml: remove irrelevant PHP/Java/Ruby/Go/eslint/pylint hooks, keep gitleaks/shellcheck/cpplint/pre-commit-hooks, bump versions - Pin pip versions: wheel==0.45.1, setuptools==75.8.0, build==1.2.2 (release.yml), pyflakes==3.2.0, mypy==1.14.1 (bindings.yml) for Scorecard PinnedDependenciesID - Suppress unused-local-variable: (void)a_inf in ct_point.cpp, (void)parity in test_ecdh_recovery_taproot.cpp Eliminates: 52 unused-static-function, 4 constant-comparison, 3 path-injection, 2 unused-local-variable, 1 stack-address-escape, 2 PinnedDependenciesID = 64 alerts resolved. Remaining 8: 4 TokenPermissions (legitimate), 4 repo-level (not code-fixable).
21 lines
461 B
YAML
21 lines
461 B
YAML
repos:
|
|
- repo: https://github.com/gitleaks/gitleaks
|
|
rev: v8.21.2
|
|
hooks:
|
|
- id: gitleaks
|
|
- repo: https://github.com/shellcheck-py/shellcheck-py
|
|
rev: v0.10.0.1
|
|
hooks:
|
|
- id: shellcheck
|
|
- repo: https://github.com/pocc/pre-commit-hooks
|
|
rev: v1.3.5
|
|
hooks:
|
|
- id: cpplint
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v5.0.0
|
|
hooks:
|
|
- id: end-of-file-fixer
|
|
- id: trailing-whitespace
|
|
- id: check-yaml
|
|
- id: check-merge-conflict
|