choret: add manual security scans for Semgrep and Gitleaks in pre-commit hooks

2026-02-18 08:26:13 +00:00
parent fd95611a25
commit 26a19e58a6
4 changed files with 124 additions and 0 deletions
@@ -430,6 +430,34 @@
            "group": "test",
            "problemMatcher": []
        },
+        {
+            "label": "Security: Semgrep Scan (Manual Script)",
+            "type": "shell",
+            "command": "bash scripts/pre-commit-hooks/semgrep-scan.sh",
+            "group": "test",
+            "problemMatcher": []
+        },
+        {
+            "label": "Security: Semgrep Scan (Manual Hook)",
+            "type": "shell",
+            "command": "pre-commit run --hook-stage manual semgrep-scan --all-files",
+            "group": "test",
+            "problemMatcher": []
+        },
+        {
+            "label": "Security: Gitleaks Scan (Tuned Manual Script)",
+            "type": "shell",
+            "command": "bash scripts/pre-commit-hooks/gitleaks-tuned-scan.sh",
+            "group": "test",
+            "problemMatcher": []
+        },
+        {
+            "label": "Security: Gitleaks Scan (Tuned Manual Hook)",
+            "type": "shell",
+            "command": "pre-commit run --hook-stage manual gitleaks-tuned-scan --all-files",
+            "group": "test",
+            "problemMatcher": []
+        },
        {
            "label": "Security: Scan Docker Image (Local)",
            "type": "shell",