Upgrade docker image to Bookworm, upgrade hooks and add bandit hook

2023-11-24 10:30:58 +01:00 · 2023-11-24 10:30:58 +01:00 · 9c98287a6a
parent 5e015a0742
commit 9c98287a6a
2 changed files with 36 additions and 29 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,6 +1,39 @@
 # Pre-commit hooks to run tests and ensure code is cleaned.
 # See https://pre-commit.com for more information
 repos:
+- repo: https://github.com/asottile/pyupgrade
+  rev: v3.15.0
+  hooks:
+  - id: pyupgrade
+    args: ['--keep-percent-format', '--py37-plus']
+- repo: https://github.com/psf/black
+  rev: 23.11.0
+  hooks:
+  - id: black
+    args: ['--target-version', 'py37', '--line-length', '100']
+- repo: https://github.com/PyCQA/isort
+  rev: 5.12.0
+  hooks:
+  - id: isort
+    args: ['--profile', 'black', '--line-length', '100']
+- repo: https://github.com/PyCQA/flake8
+  rev: 6.1.0
+  hooks:
+  - id: flake8
+    args: ['--max-line-length=100']
+- repo: local
+  hooks:
+  - id: pylint
+    name: pylint
+    entry: pylint
+    language: system
+    types: [python]
+    require_serial: true
+- repo: https://github.com/PyCQA/bandit
+  rev: 1.7.5
+  hooks:
+  - id: bandit
+    args: [--skip, "B101", --recursive, "mylib"]
 #-   repo: local
 #    hooks:
 #    -   id: pytest
@ -9,31 +42,4 @@ repos:
 #        language: system
 #        types: [python]
 #        pass_filenames: false
-   repo: local
-    hooks:
-    -   id: pylint
-        name: pylint
-        entry: pylint
-        language: system
-        types: [python]
-        require_serial: true
-   repo: https://github.com/PyCQA/flake8
-    rev: 6.0.0
-    hooks:
-    -   id: flake8
-        args: ['--max-line-length=100']
-   repo: https://github.com/asottile/pyupgrade
-    rev: v3.3.1
-    hooks:
-    - id: pyupgrade
-      args: ['--keep-percent-format', '--py37-plus']
-   repo: https://github.com/psf/black
-    rev: 22.12.0
-    hooks:
-    - id: black
-      args: ['--target-version', 'py37', '--line-length', '100']
-   repo: https://github.com/PyCQA/isort
-    rev: 5.12.0
-    hooks:
-    - id: isort
-      args: ['--profile', 'black', '--line-length', '100']
+minimum_pre_commit_version: 3.2.0
--- a/3
+++ b/3
@ -1,6 +1,7 @@
 from debian:stable-slim

-RUN apt-get update && apt-get install --no-install-recommends -y python3-all python3-dev python3-pip python3-venv build-essential pylint3 git pre-commit && apt-get clean && rm -fr rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install --no-install-recommends -y python3-all python3-dev python3-pip python3-venv build-essential pylint git && apt-get clean && rm -fr rm -rf /var/lib/apt/lists/*
+RUN pip install pre-commit --break-system-packages
 RUN mkdir /tmp/src
 COPY .pre-commit-config.yaml fake_python_module /tmp/src/
 RUN cd /tmp/src && git init && git add * && pre-commit autoupdate && pre-commit run --all-files && rm -fr /tmp/src