Conversation
|
|
Co-authored-by: Dániel Kántor <kd@stacklok.com>
5a760b4 to
b4a51d2
Compare
evankanderson
left a comment
There was a problem hiding this comment.
A few small nits, but approving in case they aren't needed.
| import future.keywords.if | ||
| import future.keywords.every |
There was a problem hiding this comment.
I think import rego.v1 brings you both of these.
| import future.keywords.if | |
| import future.keywords.every | |
| import rego.v1 |
| semgrep_hooks[hook_id].id == "semgrep" | ||
| } | ||
|
|
||
| message := "" if allow |
There was a problem hiding this comment.
I believe message is only used when allow is false, so you can just do:
| message := "" if allow | |
| message := "Semgrep pre-commit hook is not configured for the repository" |
| repo_data := parsed_data.repos[repo_id] | ||
| endswith(repo_data["repo"], "https://github.com/semgrep/pre-commit") | ||
| semgrep_hooks = repo_data["hooks"] | ||
| semgrep_hooks[hook_id].id == "semgrep" |
There was a problem hiding this comment.
It looks like Semgrep has 4 configurations: semgrep, semgrep-ci, semgrep-docker, and semgrep-docker-develop. It looks like this requires the semgrep one and not (for example) the CI one. Is this usage intentional?
No description provided.