From 3865d38ca1fde91753627ca90ddb24f9611d0444 Mon Sep 17 00:00:00 2001
From: Maurizio Porrato
Date: Sat, 19 Aug 2023 10:13:58 +0100
Subject: [PATCH] add bandit check; refactor tox config
---
 .pre-commit-config.yaml | 6 ++++++
 pyproject.toml | 7 +++++--
 tox.ini | 14 ++++++++++++--
 3 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 898476d..5428477 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -11,3 +11,9 @@ repos:
 rev: 23.7.0
 hooks:
 - id: black
+ - repo: https://github.com/PyCQA/bandit
+ rev: '1.7.5'
+ hooks:
+ - id: bandit
+ args: ["-c", "pyproject.toml"]
+ additional_dependencies: ["bandit[toml]"]
diff --git a/pyproject.toml b/pyproject.toml
index d7e17d0..9e29608 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -33,6 +33,7 @@ lint = [
 "pylint>=2.13.9",
 "types-PyYAML>=6.0.12.11",
 "mypy>=1.5.1",
+ "bandit[toml]>=1.7.5",
 ]
 [tool.pylint.main]
@@ -42,9 +43,11 @@ ignore-patterns = ["^\\.#"]
 no-docstring-rgx = "^(test)?_"
 [tool.pylint."messages control"]
-disable = ["raw-checker-failed", "bad-inline-option", "locally-disabled", "file-ignored", "suppressed-message", "useless-suppression", "deprecated-pragma", "use-symbolic-message-instead", "missing-module-docstring"]
-
+disable = ["raw-checker-failed", "bad-inline-option", "locally-disabled", "file-ignored", "suppressed-message", "useless-suppression", "deprecated-pragma", "use-symbolic-message-instead", "missing-module-docstring", "missing-function-docstring"]
 enable = ["c-extension-no-member"]
 [tool.pylint.variables]
 ignored-argument-names = "_.*|^ignored_|^unused_"
+
+[tool.bandit]
+exclude_dirs = ["tests", ".tox", ".venv"]
diff --git a/tox.ini b/tox.ini
index aac50eb..212a8ac 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py{39,310,311,py39}
+envlist = pylint, mypy, bandit, py{39,310,311,py39}
 isolated_build = True ; This is required for a pyproject.toml based project.
 [gh-actions]
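Review bot: The hook pins bandit to `rev: '1.7.5'`, while the `lint` group in the pyproject.toml hunk that follows adds `bandit[toml]>=1.7.5` with no upper bound, so the tox run and the commit hook can resolve different bandit releases and disagree on findings. Keep the two in step, either by pinning the lint-group entry to the hook's version or by stating in a comment which of the two is authoritative. `additional_dependencies: ["bandit[toml]"]` is also unpinned; the repo rev fixes bandit itself, but the extra's own dependencies are resolved fresh at hook install time, so `additional_dependencies: ["bandit[toml]==1.7.5"]` would make the hook environment reproducible alongside the rev.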
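Review bot: `exclude_dirs = ["tests", ".tox", ".venv"]` under `[tool.bandit]` drops the whole test suite from the scan and nothing records why; the usual reason is bandit's assert check (B101) firing on pytest-style asserts, but that is an inference from this hunk, not something it states. A comment above the key such as `# tests/ skipped: pytest asserts trip B101 — confirm this is the only reason` would make the trade-off visible to whoever later adds subprocess or tempfile helpers under tests/. If I recall bandit's default exclude list correctly, `.tox` is already in it and is harmless here, whereas `.venv` is not and does need listing.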
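Review bot: `envlist` now leads with `pylint, mypy, bandit`, but the `[gh-actions]` mapping that decides which envs run on CI lies outside this hunk; if it only maps interpreter versions to `py*` envs, the three new lint environments will never execute in GitHub Actions, so one version line there would need extending, e.g. `3.11: py311, pylint, mypy, bandit`. The new environments also inherit `groups = dev` from `[testenv]` (visible in the next hunk), while bandit was added to the `lint` group in pyproject.toml; this only works if `dev` includes `lint`, which is worth confirming, otherwise `[testenv:bandit]` fails on a missing executable.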
@@ -13,5 +13,15 @@ groups =
 ; Dependency groups in pyproject.toml
 dev
 commands =
 pytest --cov-report term-missing --cov-fail-under=100 --cov=operator_repo -v tests/
- pylint --disable=missing-module-docstring,missing-function-docstring src
+
+[testenv:pylint]
+commands =
+ pylint src
+
+[testenv:mypy]
+commands = mypy --strict src tests
+
+[testenv:bandit]
+commands =
+ bandit -c pyproject.toml -r .
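Review bot: `[testenv:mypy]` writes its command inline (`commands = mypy --strict src tests`) while the sibling pylint and bandit sections use the multi-line form; pick one shape for the three new environments. `[testenv:bandit]` inherits the package build and install from `[testenv]`, which a source scan over `-r .` does not need; adding `skip_install = true` to that section keeps the env cheap and avoids scanning a freshly built copy of the package. The three scopes are now asymmetric — mypy covers `src tests`, pylint only `src`, and bandit everything except the `exclude_dirs` set in pyproject.toml — which is defensible but deserves a one-line comment in the bandit section so the gap over tests/ is seen as chosen rather than accidental.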