repos:
  - repo: local
    hooks:
      - id: python-compile
        name: python compile check
        entry: tools/python_compile_check.sh
        language: script
        files: ".*\\.py$"
        pass_filenames: false
        always_run: true
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.6.0
    hooks:
      - id: end-of-file-fixer
        exclude: '^(frontend/(coverage|dist|node_modules|\.vite)/|.*\.tsbuildinfo$)'
      - id: trailing-whitespace
        exclude: '^(frontend/(coverage|dist|node_modules|\.vite)/|.*\.tsbuildinfo$)'
      - id: check-yaml
      - id: check-added-large-files
        args: ['--maxkb=2500']
  - repo: local
    hooks:
      - id: dockerfile-check
        name: dockerfile validation
        entry: tools/dockerfile_check.sh
        language: script
        files: "Dockerfile.*"
        pass_filenames: true
      - id: go-test-coverage
        name: Go Test Coverage
        entry: scripts/go-test-coverage.sh
        language: script
        pass_filenames: false
        verbose: true
        always_run: true
      - id: go-vet
        name: Go Vet
        entry: bash -c 'cd backend && go vet ./...'
        language: system
        files: '\.go$'
        pass_filenames: false
      - id: check-version-match
        name: Check .version matches latest Git tag
        entry: bash -c 'scripts/check-version-match-tag.sh'
        language: system
        files: '\.version$'
        pass_filenames: false

      # === MANUAL/CI-ONLY HOOKS ===
      # These are slow and should only run on-demand or in CI
      # Run manually with: pre-commit run golangci-lint --all-files
      - id: go-test-race
        name: Go Test Race (Manual)
        entry: bash -c 'cd backend && go test -race ./...'
        language: system
        files: '\.go$'
        pass_filenames: false
        stages: [manual]  # Only runs when explicitly called

      - id: golangci-lint
        name: GolangCI-Lint (Manual)
        entry: bash -c 'cd backend && docker run --rm -v $(pwd):/app:ro -w /app golangci/golangci-lint:latest golangci-lint run -v'
        language: system
        files: '\.go$'
        pass_filenames: false
        stages: [manual]  # Only runs when explicitly called

      - id: hadolint
        name: Hadolint Dockerfile Check (Manual)
        entry: bash -c 'docker run --rm -i hadolint/hadolint < Dockerfile'
        language: system
        files: 'Dockerfile'
        pass_filenames: false
        stages: [manual]  # Only runs when explicitly called
      - id: frontend-type-check
        name: Frontend TypeScript Check
        entry: bash -c 'cd frontend && npm run type-check'
        language: system
        files: '^frontend/.*\.(ts|tsx)$'
        pass_filenames: false
      - id: frontend-lint
        name: Frontend Lint (Fix)
        entry: bash -c 'cd frontend && npm run lint -- --fix'
        language: system
        files: '^frontend/.*\.(ts|tsx|js|jsx)$'
        pass_filenames: false

      - id: frontend-test-coverage
        name: Frontend Test Coverage (Manual)
        entry: scripts/frontend-test-coverage.sh
        language: script
        files: '^frontend/.*\\.(ts|tsx|js|jsx)$'
        pass_filenames: false
        verbose: true
        stages: [manual]

      - id: security-scan
        name: Security Vulnerability Scan (Manual)
        entry: scripts/security-scan.sh
        language: script
        files: '(\.go$|go\.mod$|go\.sum$)'
        pass_filenames: false
        verbose: true
        stages: [manual]  # Only runs when explicitly called