NHSDigital
diff --git a/‎.gitallowed‎
Lines changed: 0 additions & 17 deletions b/‎.gitallowed‎
Lines changed: 0 additions & 17 deletions
diff --git a/‎.pre-commit-config.yaml‎
Lines changed: 15 additions & 16 deletions b/‎.pre-commit-config.yaml‎
Lines changed: 15 additions & 16 deletions
@@ -26,7 +26,7 @@ repos:
       - id: grype-scan-local
         name: Grype scan local changes
         entry: make
-        args: ["grype-scan-local"]
+        args: [ "grype-scan-local" ]
         language: system
         pass_filenames: false
         always_run: true
@@ -54,49 +54,48 @@ repos:
       - id: lint-githubactions
         name: Lint github actions
         entry: make
-        args: ["actionlint"]
+        args: [ "actionlint" ]
         language: system
         files: ^.github
-        types_or: [yaml]
+        types_or: [ yaml ]
         pass_filenames: false
 
       - id: lint-githubaction-scripts
         name: Lint github action scripts
         entry: make
-        args: ["shellcheck"]
+        args: [ "shellcheck" ]
         language: system
         files: ^.github/scripts
-        types_or: [sh, shell]
+        types_or: [ sh, shell ]
         pass_filenames: false
 
       - id: lint-cdkConstructs
         name: Lint cdkConstructs
         entry: npm
-        args: ["run", "--prefix=packages/cdkConstructs", "lint"]
+        args: [ "run", "--prefix=packages/cdkConstructs", "lint" ]
         language: system
         files: ^packages\/cdkConstructs
-        types_or: [ts, tsx, javascript, jsx, json]
+        types_or: [ ts, tsx, javascript, jsx, json ]
         pass_filenames: false
 
       - id: lint-deploymentUtils
         name: Lint deploymentUtils
         entry: npm
-        args: ["run", "--prefix=packages/deploymentUtils", "lint"]
+        args: [ "run", "--prefix=packages/deploymentUtils", "lint" ]
         language: system
         files: ^packages\/deploymentUtils
-        types_or: [ts, tsx, javascript, jsx, json]
+        types_or: [ ts, tsx, javascript, jsx, json ]
         pass_filenames: false
 
-  - repo: local
-    hooks:
-      - id: git-secrets
-        name: Git Secrets
-        description: git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories.
+      - id: gitleaks
+        name: Git Leaks
+        description: gitleaks scans commits, commit messages, and --no-ff merges to
+          prevent adding secrets into your git repositories.
         entry: bash
         args:
           - -c
-          - "git-secrets --pre_commit_hook"
+          - "gitleaks git --pre-commit --redact --staged --verbose"
         language: system
 
 fail_fast: true
-default_stages: [pre-commit]
+default_stages: [ pre-commit ]