[pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

.pre-commit-hooks.yaml

@@ -216,4 +216,3 @@
     description: can take in a custom regex file to scan for custom secrets.
     entry: detect-secrets
     langauge: python
-    

pre_commit_hooks/detect_secrets.py

@@ -13,41 +13,40 @@ from pathlib import Path
 
 DEFAULT_PATTERNS: dict[str, str] = {
     # GitLab
-    "gitlab_pat": r"glpat-[0-9A-Za-z_-]{20,}",
+    'gitlab_pat': r'glpat-[0-9A-Za-z_-]{20,}',
-    "gitlab_runner_token": r"glrt-[0-9A-Za-z_-]{20,}",
+    'gitlab_runner_token': r'glrt-[0-9A-Za-z_-]{20,}',
 
     # GitHub
-    "github_pat": r"ghp_[0-9A-Za-z]{36}",
+    'github_pat': r'ghp_[0-9A-Za-z]{36}',
-    "github_fine_grained_pat": r"github_pat_[0-9A-Za-z_]{82}",
+    'github_fine_grained_pat': r'github_pat_[0-9A-Za-z_]{82}',
 
     # AWS
-    "aws_access_key": r"AKIA[0-9A-Z]{16}",
+    'aws_access_key': r'AKIA[0-9A-Z]{16}',
-    "aws_secret_key": r"(?i)aws(.{0,20})?(secret|access)[-_ ]?key(.{0,20})?['\"][0-9a-zA-Z/+]{40}['\"]",
+    'aws_secret_key': r"(?i)aws(.{0,20})?(secret|access)[-_ ]?key(.{0,20})?['\"][0-9a-zA-Z/+]{40}['\"]",
 
     # Generic
-    "generic_secret": r"(?i)(password|passwd|pwd|secret|token|api[_-]?key)\s*=\s*['\"].+['\"]",
+    'generic_secret': r"(?i)(password|passwd|pwd|secret|token|api[_-]?key)\s*=\s*['\"].+['\"]",
 }
 
 
-
 def load_custom_patterns(path: Path) -> dict[str, str]:
     patterns: dict[str, str] = {}
     for i, line in enumerate(path.read_text().splitlines(), start=1):
         line = line.strip()
-        if not line or line.startswith("#"):
+        if not line or line.startswith('#'):
             continue
         patterns[f"custom_rule_{i}"] = line
     return patterns
 
 
 def is_binary(data: bytes) -> bool:
-    return b"\x00" in data
+    return b'\x00' in data
 
 
 def git_tracked_files() -> list[Path]:
     """Return all git-tracked files in the repo."""
     result = subprocess.run(
-        ["git", "ls-files"],
+        ['git', 'ls-files'],
         stdout=subprocess.PIPE,
         stderr=subprocess.DEVNULL,
         text=True,
@@ -57,16 +56,16 @@ def git_tracked_files() -> list[Path]:
 
 
 def main(argv: Sequence[str] | None = None) -> int:
-    parser = argparse.ArgumentParser(description="Detect exposed secrets in repository")
+    parser = argparse.ArgumentParser(description='Detect exposed secrets in repository')
     parser.add_argument(
-        "--rules",
+        '--rules',
         type=Path,
-        help="File containing custom regex rules (one per line)",
+        help='File containing custom regex rules (one per line)',
     )
     parser.add_argument(
-        "filenames",
+        'filenames',
-        nargs="*",
+        nargs='*',
-        help="Files to scan (if empty, scans entire repo)",
+        help='Files to scan (if empty, scans entire repo)',
     )
 
     args = parser.parse_args(argv)
@@ -104,14 +103,14 @@ def main(argv: Sequence[str] | None = None) -> int:
         if is_binary(data):
             continue
 
-        text = data.decode(errors="ignore")
+        text = data.decode(errors='ignore')
 
         for rule, regex in compiled.items():
             if regex.search(text):
                 findings.append((path, rule))
 
     if findings:
-        print("Potential secrets detected:")
+        print('Potential secrets detected:')
         for path, rule in findings:
             print(f"  - {path} (matched: {rule})")
         return 1
@@ -119,5 +118,5 @@ def main(argv: Sequence[str] | None = None) -> int:
     return 0
 
 
-if __name__ == "__main__":
+if __name__ == '__main__':
     raise SystemExit(main())