Add pre-commit hooks

[zandivx]

User description

Summary

This PR introduces a .pre-commit-config.yaml file for pre-commit. All developers need to execute pip install pre-commit && pre-commit install in the root dir of this repo once to install the hooks. Please decide if all of them are wanted/needed (these are opinionated "defaults") or if something is missing. AI summary which hooks are included in this PR:

Hooks

File hygiene (pre-commit-hooks v6.0.0):

• Validate shebang consistency (executables have shebangs, shebang files are executable)
• Detect merge conflict markers
• Check for broken symlinks
• Validate TOML and YAML syntax
• Fix end-of-file newlines
• Normalize line endings
• Remove trailing whitespace (preserving markdown line breaks)

Tabs (Lucas-C hooks v1.5.6):

• Replace tabs with spaces (per project coding style)

Python formatting:

• isort (7.0.0) - Sort and organize imports
• black (26.1.0) - Code formatting with 100-char line length (configured in pyproject.toml)

Security:

• Detect accidentally committed private keys

---

PR Type

Enhancement, Configuration changes

---

Description

• Introduce pre-commit hooks configuration for automated code quality checks

• Configure black formatter with 100-character line length limit

• Include file hygiene, Python formatting, and security validation hooks

• Requires one-time setup via pip install pre-commit && pre-commit install

---

Diagram Walkthrough

flowchart LR
  A["Pre-commit Configuration"] --> B["File Hygiene Hooks"]
  A --> C["Python Formatting Hooks"]
  A --> D["Security Hooks"]
  B --> E["Syntax Validation & Cleanup"]
  C --> F["isort & black"]
  D --> G["Private Key Detection"]
  F --> H["pyproject.toml Config"]

Loading

File Walkthrough

Relevant files

Configuration changes

.pre-commit-config.yaml Pre-commit hooks configuration setup                                          .pre-commit-config.yaml Adds pre-commit framework configuration with 5 repository sources Includes file hygiene hooks for shebang validation, merge conflict detection, symlink checking, and TOML/YAML syntax validation Configures Python formatting hooks using isort and black for import sorting and code formatting Includes security hook to detect accidentally committed private keys Adds tab-to-space conversion hook from Lucas-C hooks repository +27/-0    pyproject.toml Black formatter line length configuration                                pyproject.toml Adds black tool configuration section Sets line-length to 100 characters for code formatting consistency +2/-0

---

[qodo-code-review]

ⓘ Your approaching your monthly quota for Qodo. Upgrade your plan

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Supply chain risk Description: The pre-commit configuration pulls executable hook code from multiple third-party GitHub repositories pinned only to version tags (e.g., rev: v6.0.0, v1.5.6, 7.0.0, 26.1.0), which creates a supply-chain risk if a tag is moved or upstream is compromised; consider pinning rev to immutable commit SHAs and/or using pre-commit autoupdate --freeze plus internal allowlisting/mirroring. .pre-commit-config.yaml [1-27] Referred Code repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: - id: check-executables-have-shebangs - id: check-shebang-scripts-are-executable - id: check-merge-conflict - id: check-symlinks - id: check-toml - id: check-yaml - id: detect-private-key - id: end-of-file-fixer - id: mixed-line-ending - id: trailing-whitespace args: [--markdown-linebreak-ext=md] - repo: https://github.com/Lucas-C/pre-commit-hooks rev: v1.5.6 hooks: - id: remove-tabs - repo: https://github.com/pycqa/isort rev: 7.0.0 ... (clipped 6 lines)
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

ⓘ Your approaching your monthly quota for Qodo. Upgrade your plan

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Use valid pre-commit hook revisions Update the rev values for the pre-commit hooks in .pre-commit-config.yaml to valid, existing versions to prevent installation failures. .pre-commit-config.yaml [2-27] - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v6.0.0 + rev: v4.6.0 hooks: ... - repo: https://github.com/Lucas-C/pre-commit-hooks - rev: v1.5.6 + rev: v1.5.5 hooks: ... - repo: https://github.com/pycqa/isort - rev: 7.0.0 + rev: 5.13.2 hooks: ... - repo: https://github.com/psf/black-pre-commit-mirror - rev: 26.1.0 + rev: 24.4.2 hooks: - id: black [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 10 __ Why: The suggestion correctly identifies that the specified revisions for the pre-commit hooks are invalid and do not exist, which would cause the pre-commit setup to fail. Applying this change is critical for the functionality introduced in the PR.	High
General	Ensure isort and black compatibility Add a [tool.isort] section to pyproject.toml with profile = "black" and line_length = 100 to ensure compatibility with the black configuration. pyproject.toml [1-2] [tool.black] line-length = 100 + [tool.isort] + profile = "black" + line_length = 100 + Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly points out a potential formatting conflict between isort and black and provides the standard configuration to ensure they work together harmoniously. This is a valuable improvement for the long-term stability of the formatting pipeline.	Medium
Update

[marjohma]

@zandivx to avoid "forgetting" to install the hook, would it make sense to include the installation in the build process of KAMEL? Also, please add the pre-commit hook to the CI so even when it's forgotten, the CI enforces it, for instance something like

- name: Run pre-commit
  run: |
    pip install pre-commit
    pre-commit run --all-files

[zandivx]

@zandivx to avoid "forgetting" to install the hook, would it make sense to include the installation in the build process of KAMEL? Also, please add the pre-commit hook to the CI so even when it's forgotten, the CI enforces it, for instance something like

- name: Run pre-commit
  run: |
    pip install pre-commit
    pre-commit run --all-files

I would advise against both ideas. Those hooks should catch common mistakes pre commit, before the changes go to review or any CI is run. Typing pre-commit install once takes really not that much of an effort. Also, in the current state, the CI would fail, as the conditions for several hooks are not met. We can gradually update this by running hooks for files we touch from now on.