Upgrade pre-commit hooks and introduce bandit hook
All checks were successful
ci/woodpecker/manual/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful

This commit is contained in:
Benjamin Renard 2023-11-29 18:47:47 +01:00
parent dba77147a5
commit 487d38eafe
Signed by: bn8
GPG key ID: 3E2E1CE1907115BC
2 changed files with 36 additions and 31 deletions

View file

@ -1,31 +1,36 @@
# Pre-commit hooks to run tests and ensure code is cleaned.
# See https://pre-commit.com for more information
repos:
- repo: local
hooks:
- id: pylint
name: pylint
entry: pylint
language: system
types: [python]
require_serial: true
- repo: https://github.com/PyCQA/flake8
rev: 6.0.0
hooks:
- id: flake8
args: ['--max-line-length=100']
- repo: https://github.com/asottile/pyupgrade
rev: v3.3.1
hooks:
- id: pyupgrade
args: ['--keep-percent-format', '--py37-plus']
- repo: https://github.com/psf/black
rev: 22.12.0
hooks:
- id: black
args: ['--target-version', 'py37', '--line-length', '100']
- repo: https://github.com/PyCQA/isort
rev: 5.12.0
hooks:
- id: isort
args: ['--profile', 'black', '--line-length', '100']
- repo: https://github.com/asottile/pyupgrade
rev: v3.15.0
hooks:
- id: pyupgrade
args: ['--keep-percent-format', '--py37-plus']
- repo: https://github.com/psf/black
rev: 23.11.0
hooks:
- id: black
args: ['--target-version', 'py37', '--line-length', '100']
- repo: https://github.com/PyCQA/isort
rev: 5.12.0
hooks:
- id: isort
args: ['--profile', 'black', '--line-length', '100']
- repo: https://github.com/PyCQA/flake8
rev: 6.1.0
hooks:
- id: flake8
args: ['--max-line-length=100']
- repo: local
hooks:
- id: pylint
name: pylint
entry: pylint
language: system
types: [python]
require_serial: true
- repo: https://github.com/PyCQA/bandit
rev: 1.7.5
hooks:
- id: bandit
args: [--skip, "B101", --recursive, "mylib"]

View file

@ -21,7 +21,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
import argparse
import logging
import re
import subprocess
import subprocess # nosec
import sys
import requests
@ -59,7 +59,7 @@ logging.debug("Command use to retreive current version of Forgejo: %s", " ".join
OUTPUT = None
EXCEPTION = None
try:
OUTPUT = subprocess.check_output(cmd)
OUTPUT = subprocess.check_output(cmd) # nosec
logging.debug("Output:\n%s", OUTPUT)
m = re.search("version ([^ ]+) built", OUTPUT.decode("utf8", errors="ignore"))
if m:
@ -106,7 +106,7 @@ try:
LATEST_INT = version_int
else:
logging.debug("Version %s considered as oldest than %s", version, LATEST)
except Exception: # pylint: disable=broad-except
except Exception: # pylint: disable=broad-except # nosec
pass
logging.debug("Latest version: %s", LATEST)