From 487d38eafeb30db49148011d894a6d086211f603 Mon Sep 17 00:00:00 2001
From: Benjamin Renard
Date: Wed, 29 Nov 2023 18:47:47 +0100
Subject: [PATCH] Upgrade pre-commit hooks and introduce bandit hook
---
 .pre-commit-config.yaml | 61 ++++++++++++++++++++++-------------------
 check_forgejo_upgrade | 6 ++--
 2 files changed, 36 insertions(+), 31 deletions(-)
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 3d94036..86eac21 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,31 +1,36 @@
 # Pre-commit hooks to run tests and ensure code is cleaned.
 # See https://pre-commit.com for more information
 repos:
-- repo: local
- hooks:
- - id: pylint
- name: pylint
- entry: pylint
- language: system
- types: [python]
- require_serial: true
-- repo: https://github.com/PyCQA/flake8
- rev: 6.0.0
- hooks:
- - id: flake8
- args: ['--max-line-length=100']
-- repo: https://github.com/asottile/pyupgrade
- rev: v3.3.1
- hooks:
- - id: pyupgrade
- args: ['--keep-percent-format', '--py37-plus']
-- repo: https://github.com/psf/black
- rev: 22.12.0
- hooks:
- - id: black
- args: ['--target-version', 'py37', '--line-length', '100']
-- repo: https://github.com/PyCQA/isort
- rev: 5.12.0
- hooks:
- - id: isort
- args: ['--profile', 'black', '--line-length', '100']
+- repo: https://github.com/asottile/pyupgrade
+ rev: v3.15.0
+ hooks:
+ - id: pyupgrade
+ args: ['--keep-percent-format', '--py37-plus']
+- repo: https://github.com/psf/black
+ rev: 23.11.0
+ hooks:
+ - id: black
+ args: ['--target-version', 'py37', '--line-length', '100']
+- repo: https://github.com/PyCQA/isort
+ rev: 5.12.0
+ hooks:
+ - id: isort
+ args: ['--profile', 'black', '--line-length', '100']
+- repo: https://github.com/PyCQA/flake8
+ rev: 6.1.0
+ hooks:
+ - id: flake8
+ args: ['--max-line-length=100']
+- repo: local
+ hooks:
+ - id: pylint
+ name: pylint
+ entry: pylint
+ language: system
+ types: [python]
+ require_serial: true
+- repo: https://github.com/PyCQA/bandit
+ rev: 1.7.5
+ hooks:
+ - id: bandit
+ args: [--skip, "B101", --recursive, "mylib"]
diff --git a/check_forgejo_upgrade b/check_forgejo_upgrade
index 5b982a8..7bf65b1 100755
--- a/check_forgejo_upgrade
+++ b/check_forgejo_upgrade
@@ -21,7 +21,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 import argparse
 import logging
 import re
-import subprocess
+import subprocess # nosec
 import sys
 import requests
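Review bot: The new bandit hook in `.pre-commit-config.yaml` ends its `args` with `--recursive, "mylib"`, but no `mylib` path appears anywhere in this patch; the only Python file it touches is the `check_forgejo_upgrade` script, so the target looks carried over from another project's config. pre-commit already hands the staged Python files to the hook, so if `mylib` does not exist in this repository I would reduce the line to `args: [--skip, "B101"]`; as written, the scan may be pointed at a missing directory. A one-line comment saying why B101 (assert usage) is skipped for the whole repository would also help the next person who tunes this hook.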
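Review bot: The bare `# nosec` added on `import subprocess` silences every bandit test on that line, not only the import finding it is meant for, and the `subprocess.check_output(cmd)` line in the next hunk has the same problem. The pinned bandit 1.7.5 accepts test IDs after the marker, so prefer `import subprocess  # nosec B404` and `OUTPUT = subprocess.check_output(cmd)  # nosec B603`, each followed by a few words of justification. For the call, that justification should state where `cmd` is built and that no element of it comes from untrusted input. `cmd` is constructed outside these hunks, so this needs confirming against the full file; B607 may also apply if the executable is named without a full path.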
@@ -59,7 +59,7 @@ logging.debug("Command use to retreive current version of Forgejo: %s", " ".join
 OUTPUT = None
 EXCEPTION = None
 try:
- OUTPUT = subprocess.check_output(cmd)
+ OUTPUT = subprocess.check_output(cmd) # nosec
 logging.debug("Output:\n%s", OUTPUT)
 m = re.search("version ([^ ]+) built", OUTPUT.decode("utf8", errors="ignore"))
 if m:
@@ -106,7 +106,7 @@ try:
 LATEST_INT = version_int
 else:
 logging.debug("Version %s considered as oldest than %s", version, LATEST)
-except Exception: # pylint: disable=broad-except
+except Exception: # pylint: disable=broad-except # nosec
 pass
 logging.debug("Latest version: %s", LATEST)
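Review bot: In the last hunk, the `# nosec` on `except Exception:` hides bandit's try/except/pass finding (B110) instead of addressing it, so any failure inside this `try` still disappears without a trace. Replacing `pass` with `logging.debug("Ignored exception", exc_info=True)` keeps the best-effort behaviour and records the failure through the debug logging the script already uses. It also makes the suppression unnecessary. If the marker stays, scope it as `# nosec B110` so other findings on the line are still reported. The `try` opens outside this hunk, so which calls can raise here is not visible from the patch.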