Skip to content

ministryofjustice/devsecops-hooks

BranchesTags

Repository files navigation

devsecops-hooks

OpenSSF Scorecard OpenSSF Best Practices Ministry of Justice Repository Compliance

Pre-commit hooks for Ministry of Justice repositories.

Prerequisites

prek and gitleaks must both be installed and available on your PATH. On macOS:

brew install prek gitleaks

pre-commit can be used in place of prek (pip install pre-commit); all commands in this document are compatible with both. For other platforms, refer to the upstream install instructions: prek, gitleaks.

Usage

Add the following to your repository's .pre-commit-config.yaml, replacing <SHA> with a commit SHA from this repository (see releases):

repos:
  - repo: https://github.com/ministryofjustice/devsecops-hooks
    rev: <SHA>
    hooks:
      - id: baseline

Then install the hook:

prek install

The hook will run automatically on git commit. To run it manually:

prek run baseline --all-files

Pinning to a commit SHA

Use a commit SHA rather than a tag in rev:. Tags are mutable — a SHA guarantees you are running exactly what you reviewed. Find the SHA for any release on the releases page or by running:

git ls-remote https://github.com/ministryofjustice/devsecops-hooks refs/tags/v<version>

Hooks

Hook Description
baseline Scans staged changes for hardcoded secrets using gitleaks

Contributing

Raise an issue or open a pull request. See CHANGELOG.md for release history.

Licence

MIT — Crown Copyright (Ministry of Justice)

About

A series of pre-commit hooks executed before staged changes are committed

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

10 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 9

v2.0.1 Latest
Jun 19, 2026
+ 8 releases

Packages

 
 
 

Contributors

Languages