configure pre-commit

.editorconfig

@@ -8,5 +8,7 @@ charset = utf-8
 indent_style = tab
 indent_size = tab
 
-[*.{markdown,md}]
+[*.{markdown,md,yaml}]
 trim_trailing_whitespace = false
+indent_style = space
+indent_size = 2

.pre-commit-config.yaml

@@ -0,0 +1,39 @@
+ci:
+  # Forĝejo/Gitea mirrors will autoclose pull requests. This should decrease
+  # the frequency of unnecessary PRs.
+  # https://github.com/pre-commit-ci/issues/issues/83
+  autoupdate_schedule: quarterly
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: check-added-large-files
+      - id: check-case-conflict
+      - id: check-executables-have-shebangs
+      - id: check-shebang-scripts-are-executable
+      - id: destroyed-symlinks
+      - id: detect-private-key
+      - id: end-of-file-fixer
+      - id: fix-byte-order-marker
+      - id: trailing-whitespace
+        exclude_types: [markdown]
+
+  - repo: https://github.com/thlorenz/doctoc
+    rev: v2.2.0
+    hooks:
+      - id: doctoc
+        args: [--update-only]
+
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: "v3.0.0-alpha.9-for-vscode"
+    hooks:
+      - id: prettier
+
+  - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
+    rev: "2.7.1"
+    hooks:
+      - id: editorconfig-checker
+        alias: ec
+        # I don't actually care about line lengths as more than a guideline
+        args: [-disable-max-line-length]

README.md

@@ -6,6 +6,17 @@ subsequent validations.
 
 WoT? [Web Of Trust](https://en.wikipedia.org/wiki/Web_of_trust)
 
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+
+- [Why?](#why)
+- [Inclusion policy](#inclusion-policy)
+- [Places to check for keys](#places-to-check-for-keys)
+- [Mirrors](#mirrors)
+- [See also](#see-also)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
 ## Why?
 
 For example, I use [Tor Browser](https://torproject.org/) everywhere and
@@ -13,11 +24,11 @@ download it directly from their website. They have signed it using GPG (a
 OpenPGP implementation) and to ensure it hasn't been tampered with, I have
 to check that signature and I have two options:
 
-* I can always [verify the signature](https://support.torproject.org/tbb/how-to-verify-signature/),
+- I can always [verify the signature](https://support.torproject.org/tbb/how-to-verify-signature/),
   but that takes time and I would need to verify it from both [support.torproject.org](https://support.torproject.org/tbb/how-to-verify-signature/)
   and [4bflp2c4tnynnbes.onion](http://4bflp2c4tnynnbes.onion/#how-to-verify-signature).
   But what if [they were compromised or I was under a MITM attack or lazy and verfied only one version](https://www.qubes-os.org/faq/#should-i-trust-this-website)?
-* (or) I could verify the signing key carefully once, sign (or certify) it
+- (or) I could verify the signing key carefully once, sign (or certify) it
   by myself and in the future simply verify that my own key is valid (as I
   have been doing this a few times on the other side of dualbooting and at
   family).
@@ -33,30 +44,30 @@ control what people do with the signatures from this repository).
 
 ## Inclusion policy
 
-* I am reasonably certain that the key belongs to whom it claims to belong
+- I am reasonably certain that the key belongs to whom it claims to belong
   to or I trust the key to belong to whomever it belongs to.
-* I have some need of the key or have attended keysigning party with the
+- I have some need of the key or have attended keysigning party with the
   key owner.
-* `me/me.asc` is just my key and place where I try to keep all signatures it
+- `me/me.asc` is just my key and place where I try to keep all signatures it
   has received. Symlinks are legacy reasons and other me's are also me.
 
 ## Places to check for keys
 
-* GitHub, Gitea and GitLab expose user public keys when you append a `.gpg`
+- GitHub, Gitea and GitLab expose user public keys when you append a `.gpg`
   after their profile page (`.keys` for SSH).
-* [The Internet Archive's Waybackmachine](https://web.archive.org/) is always
+- [The Internet Archive's Waybackmachine](https://web.archive.org/) is always
   a good place too especially when using together with official websites.
-* Some people have similar projects or webpages for this purpose
-  * [Artemis' verify page](https://artemislena.eu/services/verify.html)
+- Some people have similar projects or webpages for this purpose
+  - [Artemis' verify page](https://artemislena.eu/services/verify.html)
 
 ## Mirrors
 
-* main: [git.blesmrt.net/Mikaela/pgp-alt-wot](https://gitea.blesmrt.net/mikaela/pgp-alt-wot/)
-* [git.piraattipuolue.fi/Mikaela/pgp-alt-wot](https://git.piraattipuolue.fi/mikaela/pgp-alt-wot)
-* [git.com.de/Mikaela/pgp-alt-wot](https://git.com.de/mikaela/pgp-alt-wot) ([onion](http://gitea.qzzf2qcfbhievvs5nzkccuwddroipy62qjocqtmgcgh75vd6w57m7yad.onion/Mikaela/pgp-alt-wot))
+- main: [git.blesmrt.net/Mikaela/pgp-alt-wot](https://gitea.blesmrt.net/mikaela/pgp-alt-wot/)
+- [git.piraattipuolue.fi/Mikaela/pgp-alt-wot](https://git.piraattipuolue.fi/mikaela/pgp-alt-wot)
+- [git.com.de/Mikaela/pgp-alt-wot](https://git.com.de/mikaela/pgp-alt-wot) ([onion](http://gitea.qzzf2qcfbhievvs5nzkccuwddroipy62qjocqtmgcgh75vd6w57m7yad.onion/Mikaela/pgp-alt-wot))
 
 ## See also
 
-* [Qubes OS: On Digital Signatures and Key Verification](https://www.qubes-os.org/security/verifying-signatures/)
-* [Finnish Digital and Population Services Agency certificate search](https://dvv.fineid.fi/certificate-search)
-  * S/MIME, not OpenPGP though
+- [Qubes OS: On Digital Signatures and Key Verification](https://www.qubes-os.org/security/verifying-signatures/)
+- [Finnish Digital and Population Services Agency certificate search](https://dvv.fineid.fi/certificate-search)
+  - S/MIME, not OpenPGP though