From 78e579bb7d6ed7086eabd318cdb8b19a4fd3ff2f Mon Sep 17 00:00:00 2001
From: Val Redchenko <lazyval@gmail.com>
Date: Wed, 28 Jan 2026 12:55:57 +0000
Subject: [PATCH] feat: add security scanning tools to dev prerequisites

Add pre-commit, detect-secrets, and osv-scanner to the prerequisite
checks. These tools were added in PR #145 but the prerequisite check
wasn't updated, so developers aren't warned when they're missing.

All three are marked as optional (required: false) since they're only
needed for security scanning workflows, not core development.
---
 core/dev-requirements.json                    | 21 +++++++++++++++++++
 .../config/dev-requirements.json              | 21 +++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/core/dev-requirements.json b/core/dev-requirements.json
index 2ed4105..b5d8c13 100644
--- a/core/dev-requirements.json
+++ b/core/dev-requirements.json
@@ -68,6 +68,27 @@
       "versionArgs": ["--version"],
       "required": false,
       "description": "GitHub CLI"
+    },
+    {
+      "name": "pre-commit",
+      "command": "pre-commit",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Git hooks framework for code quality checks"
+    },
+    {
+      "name": "detect-secrets",
+      "command": "detect-secrets",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Secrets detection tool for baseline management"
+    },
+    {
+      "name": "osv-scanner",
+      "command": "osv-scanner",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Vulnerability scanner for dependencies"
     }
   ],
   "network": {
diff --git a/packages/smartem-workspace/smartem_workspace/config/dev-requirements.json b/packages/smartem-workspace/smartem_workspace/config/dev-requirements.json
index 2ed4105..b5d8c13 100644
--- a/packages/smartem-workspace/smartem_workspace/config/dev-requirements.json
+++ b/packages/smartem-workspace/smartem_workspace/config/dev-requirements.json
@@ -68,6 +68,27 @@
       "versionArgs": ["--version"],
       "required": false,
       "description": "GitHub CLI"
+    },
+    {
+      "name": "pre-commit",
+      "command": "pre-commit",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Git hooks framework for code quality checks"
+    },
+    {
+      "name": "detect-secrets",
+      "command": "detect-secrets",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Secrets detection tool for baseline management"
+    },
+    {
+      "name": "osv-scanner",
+      "command": "osv-scanner",
+      "versionArgs": ["--version"],
+      "required": false,
+      "description": "Vulnerability scanner for dependencies"
     }
   ],
   "network": {