chore: add pre-commit hooks and secrets baseline

[bakerboy448]

Adds pre-commit config with standard hooks and secrets baseline.

Hooks

• trailing-whitespace, end-of-file-fixer, check-json, check-added-large-files
• check-merge-conflict, detect-private-key, mixed-line-ending (LF)
• detect-secrets with baseline (excludes package-lock.json)

Summary by CodeRabbit

Release Notes

• Chores
  • Implemented automated code quality and security checks to run during commit operations, including validation of JSON files, detection of merge conflicts, prevention of large file additions, and scanning for potential secrets.

[coderabbitai]

Warning

Rate limit exceeded

@bakerboy448 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 56 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 62cd9cd0-a500-4085-a3a9-e7f109287f91

📥 Commits

Reviewing files that changed from the base of the PR and between b1a71e6 and 9bde6bf.

📒 Files selected for processing (3)

• .pre-commit-config.yaml
• .secrets.baseline
• tests/noise.test.ts

Walkthrough

Adds two configuration files for pre-commit hooks and secret detection: .pre-commit-config.yaml defines automated checks for code quality and security using seven hooks from standard repositories, and .secrets.baseline establishes a baseline for secret detection with plugin configurations, filtering rules, and test result entries.

Changes

Cohort / File(s)	Summary
Setup and Configuration .pre-commit-config.yaml, .secrets.baseline	Introduces pre-commit hook configuration with reusable hooks for trailing whitespace, file endings, JSON validation, large files, merge conflicts, and private key detection. Adds secrets baseline file with detect-secrets configuration including plugin list, filter rules, and baseline test results.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description covers the main changes but lacks required sections; the template requires Summary, Changes, and Test plan sections with specific test verification steps.	Restructure to match the template: include a proper Summary section, expand Changes with bullet points, and add Test plan section with checkboxes for npm test, TypeScript compilation, and build verification.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main changes—adding pre-commit hooks and secrets baseline configuration files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/add-pre-commit

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.secrets.baseline:
- Around line 132-141: The baseline entry for tests/noise.test.ts (the API_KEY:
'secret123' test fixture) is unverified in .secrets.baseline (is_verified:
false); either update that baseline record to set is_verified: true for the
hashed_secret entry, or instead add a localized inline allowlist pragma on the
test source line in tests/noise.test.ts (e.g., a pragma: allowlist secret
comment next to the API_KEY fixture) to explicitly document it as an intentional
test secret; reference the hashed_secret record in .secrets.baseline and the
API_KEY line in tests/noise.test.ts when making the change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: b8901833-6c88-4296-8773-01f79ca20d33

📥 Commits

Reviewing files that changed from the base of the PR and between 944741a and b1a71e6.

📒 Files selected for processing (2)

• .pre-commit-config.yaml
• .secrets.baseline

Dismissing bot review to merge