feat: add uv audit pre-commit hook for dependency security checks
Here is a more polished and professional MR description
## What does this MR do and why?
This MR introduces a pre-commit hook using `uv audit` to enforce automated dependency security checks before every commit.
By integrating `uv audit` into the pre-commit workflow, the project is now protected against introducing packages with known vulnerabilities. This helps maintain a secure codebase by catching issues early in the development cycle rather than later in deployment or production stages.
In addition, Ruff has been included to handle linting and formatting, ensuring consistent code quality and adherence to best practices across the project.
Overall, this change improves:
- Security by preventing vulnerable dependencies from being committed
- Code quality through automated linting and formatting
- Developer workflow by automating checks without manual intervention
## References
- Pre-commit framework for automated git hooks
- uv audit for dependency vulnerability scanning
- Ruff for linting and formatting
## Screenshots or screen recordings
**after**
## How to set up and validate locally
1. Install dependencies:
```bash
pip install uv pre-commit-
Install pre-commit hooks:
pre-commit install -
(Optional) Run all hooks manually:
pre-commit run --all-files -
Make a commit:
git commit -m "test pre-commit" -
Verify:
- If vulnerabilities are detected → commit is blocked
- If no issues → commit succeeds
MR acceptance checklist
-
uv auditintegrated as a pre-commit hook -
Automated security checks enabled before commits -
Ruff added for linting and formatting -
No breaking changes introduced
Edited by Swarna rathna madhuri Kanda