add bandit check; refactor tox config
This commit is contained in:
parent
0c02a5652f
commit
3865d38ca1
|
@ -11,3 +11,9 @@ repos:
|
||||||
rev: 23.7.0
|
rev: 23.7.0
|
||||||
hooks:
|
hooks:
|
||||||
- id: black
|
- id: black
|
||||||
|
- repo: https://github.com/PyCQA/bandit
|
||||||
|
rev: '1.7.5'
|
||||||
|
hooks:
|
||||||
|
- id: bandit
|
||||||
|
args: ["-c", "pyproject.toml"]
|
||||||
|
additional_dependencies: ["bandit[toml]"]
|
||||||
|
|
|
@ -33,6 +33,7 @@ lint = [
|
||||||
"pylint>=2.13.9",
|
"pylint>=2.13.9",
|
||||||
"types-PyYAML>=6.0.12.11",
|
"types-PyYAML>=6.0.12.11",
|
||||||
"mypy>=1.5.1",
|
"mypy>=1.5.1",
|
||||||
|
"bandit[toml]>=1.7.5",
|
||||||
]
|
]
|
||||||
|
|
||||||
[tool.pylint.main]
|
[tool.pylint.main]
|
||||||
|
@ -42,9 +43,11 @@ ignore-patterns = ["^\\.#"]
|
||||||
no-docstring-rgx = "^(test)?_"
|
no-docstring-rgx = "^(test)?_"
|
||||||
|
|
||||||
[tool.pylint."messages control"]
|
[tool.pylint."messages control"]
|
||||||
disable = ["raw-checker-failed", "bad-inline-option", "locally-disabled", "file-ignored", "suppressed-message", "useless-suppression", "deprecated-pragma", "use-symbolic-message-instead", "missing-module-docstring"]
|
disable = ["raw-checker-failed", "bad-inline-option", "locally-disabled", "file-ignored", "suppressed-message", "useless-suppression", "deprecated-pragma", "use-symbolic-message-instead", "missing-module-docstring", "missing-function-docstring"]
|
||||||
|
|
||||||
enable = ["c-extension-no-member"]
|
enable = ["c-extension-no-member"]
|
||||||
|
|
||||||
[tool.pylint.variables]
|
[tool.pylint.variables]
|
||||||
ignored-argument-names = "_.*|^ignored_|^unused_"
|
ignored-argument-names = "_.*|^ignored_|^unused_"
|
||||||
|
|
||||||
|
[tool.bandit]
|
||||||
|
exclude_dirs = ["tests", ".tox", ".venv"]
|
||||||
|
|
14
tox.ini
14
tox.ini
|
@ -1,5 +1,5 @@
|
||||||
[tox]
|
[tox]
|
||||||
envlist = py{39,310,311,py39}
|
envlist = pylint, mypy, bandit, py{39,310,311,py39}
|
||||||
isolated_build = True ; This is required for a pyproject.toml based project.
|
isolated_build = True ; This is required for a pyproject.toml based project.
|
||||||
|
|
||||||
[gh-actions]
|
[gh-actions]
|
||||||
|
@ -13,5 +13,15 @@ groups = ; Dependency groups in pyproject.toml
|
||||||
dev
|
dev
|
||||||
commands =
|
commands =
|
||||||
pytest --cov-report term-missing --cov-fail-under=100 --cov=operator_repo -v tests/
|
pytest --cov-report term-missing --cov-fail-under=100 --cov=operator_repo -v tests/
|
||||||
pylint --disable=missing-module-docstring,missing-function-docstring src
|
|
||||||
|
[testenv:pylint]
|
||||||
|
commands =
|
||||||
|
pylint src
|
||||||
|
|
||||||
|
[testenv:mypy]
|
||||||
|
commands =
|
||||||
mypy --strict src tests
|
mypy --strict src tests
|
||||||
|
|
||||||
|
[testenv:bandit]
|
||||||
|
commands =
|
||||||
|
bandit -c pyproject.toml -r .
|
||||||
|
|
Loading…
Reference in New Issue