this action is in maintenance-only mode and will not be accepting new features.
generally you want to use pre-commit.ci which is faster and has more features.
pre-commit/action
a GitHub action to run pre-commit
using this action
To use this action, make a file .github/workflows/pre-commit.yml. Here's a
template to get started:
name: pre-commit
on:
pull_request:
push:
branches: [main]
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v3
- uses: pre-commit/action@v3.0.0This does a few things:
- clones the code
- installs python
- sets up the
pre-commitcache
using this action with custom invocations
By default, this action runs all the hooks against all the files. extra_args
lets users specify a single hook id and/or options to pass to pre-commit run.
Here's a sample step configuration that only runs the flake8 hook against all
the files (use the template above except for the pre-commit action):
- uses: pre-commit/action@v3.0.0
with:
extra_args: flake8 --all-filesusing this action in private repositories
prior to v3.0.0, this action had custom behaviour which pushed changes back to
the pull request when supplied with a token.
this behaviour was removed:
- it required a PAT (didn't work with short-lived
GITHUB_TOKEN) - properly hiding this
inputfrom the installation and execution of hooks is intractable in github actions (it is readily available as$INPUT_TOKEN) - this meant potentially unvetted code could access the token via the environment
you can likely achieve the same thing with an external action such as
git-auto-commit-action though you may want to take precautions to clear git
hooks or other ways that arbitrary code execution can occur when running
git commit / git push (for example core.fsmonitor).
while unrelated to this action, pre-commit.ci avoids these problems by installing and executing isolated from the short-lived repository-scoped installation access token.