From 14ea68e4b88a5ee8861a8581c52a9b7216aaaec8 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Mon, 21 Oct 2024 19:45:12 +0900 Subject: [PATCH] pre-commit: Bump versions ... and use native hooks for bandit and hacking Change-Id: I61d864d808d355161d6c8fffe78108963d51ea18 --- .pre-commit-config.yaml | 29 ++++++++++------------------- test-requirements.txt | 6 ------ tox.ini | 4 +--- 3 files changed, 11 insertions(+), 28 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9b908c6..85377ed 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,15 +1,6 @@ -# We from the Oslo project decided to pin repos based on the -# commit hash instead of the version tag to prevend arbitrary -# code from running in developer's machines. To update to a -# newer version, run `pre-commit autoupdate` and then replace -# the newer versions with their commit hash. - -default_language_version: - python: python3 - repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: 9136088a246768144165fcc3ecc3d31bb686920a # v3.3.0 + rev: v5.0.0 hooks: - id: trailing-whitespace # Replaces or checks mixed line ending @@ -27,13 +18,13 @@ repos: - id: debug-statements - id: check-yaml files: .*\.(yaml|yml)$ - - repo: local + - repo: https://opendev.org/openstack/hacking + rev: 7.0.0 hooks: - - id: flake8 - name: flake8 - additional_dependencies: - - hacking>=6.1.0,<6.2.0 - language: python - entry: flake8 - files: '^.*\.py$' - exclude: '^(doc|releasenotes|tools)/.*$' + - id: hacking + additional_dependencies: [] + - repo: https://github.com/PyCQA/bandit + rev: 1.7.10 + hooks: + - id: bandit + args: ['-x', 'tests'] diff --git a/test-requirements.txt b/test-requirements.txt index 9e7302d..7a5f4ac 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,11 +1,5 @@ fixtures>=3.0.0 # Apache-2.0/BSD -hacking>=6.1.0,<6.2.0 # Apache-2.0 oslotest>=3.2.0 # Apache-2.0 stestr>=1.0.0 # Apache-2.0 coverage>=4.0 # Apache-2.0 - -# Bandit security code scanner -bandit>=1.7.0,<1.8.0 # Apache-2.0 - -pre-commit>=2.6.0 # MIT diff --git a/tox.ini b/tox.ini index 9e084c1..320c848 100644 --- a/tox.ini +++ b/tox.ini @@ -15,11 +15,9 @@ commands = [testenv:pep8] deps = - -r{toxinidir}/test-requirements.txt + pre-commit>=2.6.0 # MIT commands = pre-commit run -a - # Run security linter - bandit -r oslo_limit tests -n5 [testenv:venv] commands = {posargs}