/trunkio-plugins

Trunk.io plugins repo

Primary LanguageTypeScriptMIT LicenseMIT

Trunk.io

docs contributing testing guide slack vscode openssf

Welcome

This repository is the official Trunk.io repo containing Trunk's integrations for linters, formatters, security tools, githooks, and default configs. By default, all Trunk users import this repo as a plugin, via this snippet in .trunk/trunk.yaml:

plugins:
  sources:
    - id: trunk
      uri: https://github.com/trunk-io/plugins
      ref: v1.5.0

This repo is open to contributions! See our contribution guidelines and join our slack community for help. If you're adding new tools, please see our testing guide as well!

Supported Linters, Formatters, and Security Tools

Enable the following tools via:

trunk check enable {linter}
Technology Linters
All codespell, cspell, gitleaks, git-diff-check, pre-commit-hooks, trunk-toolbox, vale
Ansible ansible-lint
Apex pmd
Bash shellcheck, shfmt
Bazel, Starlark buildifier
C, C++ clang-format, clang-tidy, include-what-you-use, pragma-once
C# dotnet-format
CircleCI Config circleci
Cloudformation cfnlint, checkov
CMake cmake-format
CSS, SCSS stylelint, prettier
Cue cue-fmt
Dart dart
Docker hadolint, checkov
Dotenv dotenv-linter
GitHub actionlint
Go gofmt, gofumpt, goimports, gokart, golangci-lint, golines, semgrep
GraphQL graphql-schema-linter, prettier
HAML haml-lint
HTML Templates djlint
Java google-java-format, pmd, semgrep
Javascript biome, deno, eslint, prettier, rome, semgrep
JSON biome, deno, eslint, prettier, semgrep
Kotlin detekt, ktlint
Kubernetes kube-linter
Lua stylua
Markdown deno, markdownlint, markdownlint-cli2, markdown-link-check, markdown-table-prettify, prettier, remark-lint
Nix nixpkgs-fmt
package.json sort-package-json
Perl perlcritic, perltidy
PHP php-cs-fixer, phpstan
PNG oxipng
PowerShell psscriptanalyzer
Prisma prisma
Protobuf buf (breaking, lint, and format), clang-format, clang-tidy
Python autopep8, bandit, black, flake8, isort, mypy, pylint, pyright, semgrep, yapf, ruff, sourcery
Rego regal, opa
Renovate renovate
Ruby brakeman, rubocop, rufo, semgrep, standardrb
Rust clippy, rustfmt
Scala scalafmt
Security checkov, dustilock, nancy, osv-scanner, tfsec, trivy, trufflehog, terrascan
SQL sqlfluff, sqlfmt, sql-formatter, squawk
SVG svgo
Swift stringslint, swiftlint, swiftformat
Terraform terraform (validate and fmt), checkov, tflint, tfsec, terrascan, tofu
Terragrunt terragrunt
Textproto txtpbfmt
TOML taplo
Typescript deno, eslint, prettier, rome, semgrep
YAML prettier, semgrep, yamllint

Supported Trunk Actions

You can think of Trunk Actions as IFTTT for your repository. An action is a command that is run in reaction to a specified trigger. Triggers can be git-hooks, file modifications, time-based, or manually run. See docs for more details.

Enable trunk actions via:

trunk actions enable {action}
action description
buf-gen run buf on .proto file change
commitizen enforce conventional commits and manage releases
commitlint enforce conventional commit message for your local commits
go-mod-tidy automatically tidy go.mod file
go-mod-tidy-vendor automatically tidy and vendor go.mod file
git-blame-ignore-revs automatically configure git to use .git-blame-ignore-revs
npm-check check whether NPM installation is up to date
poetry-check, poetry-lock, poetry-export, poetry-install hooks to enforce poetry configuration
yarn-check check whether Yarn installation is up to date

Supported Tools

This repository also defines configuration for Trunk Tools, which provides hermetic management of different CLI tools. You can run trunk tools list to view all supported tools. Check out our docs.

Mission

Our goal is to make engineering faster, more efficient and dare we say - more fun. This repository will hopefully allow our community to share ideas on the best tools and best practices/workflows to make everyone's job of building code a little bit easier, a little bit faster, and maybe in the process - a little bit more fun. Read more about Trunk Check.

Additional Reference

Some linters provide built-in formatters or autofix options that don't always produce ideal outputs, especially in conjunction with other formatters. Trunk supports defining autofix options for these linters, but has their formatting turned off by default. An example of this is sqlfluff:

- name: sqlfluff
  files: [sql, sql-j2, dml, ddl]
  runtime: python
  package: sqlfluff
  direct_configs:
    - .sqlfluff
  commands:
    - name: lint
      run: sqlfluff lint ${target} --format json --dialect ansi --nofail
      output: sarif
      success_codes: [0]
      read_output_from: stdout
      parser:
        runtime: python
        run: ${plugin}/linters/sqlfluff/sqlfluff_to_sarif.py
    - name: fix
      run: sqlfluff fix ${target} --dialect ansi --disable-progress-bar --force
      output: rewrite
      formatter: true
      in_place: true
      success_codes: [0]
      enabled: false

The fix subcommand has enabled: false, so when you run trunk check enable sqlfluff, only the lint subcommand is enabled. To override this behavior, specify in your trunk.yaml:

lint:
  enabled:
    - sqlfluff@<version>:
        commands: [lint, fix]