pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from
test-requirements.txt.

Co-Authored-By: Stephen Finucane <sfinucan@redhat.com>
Change-Id: Ie797e48fb9d04649fa70e3d5c2f4161d123ed8f5
This commit is contained in:
Takashi Kajinami 2024-02-06 15:18:54 +09:00
parent de07539a7b
commit a892465f19
3 changed files with 7 additions and 10 deletions

View File

@ -23,3 +23,8 @@ repos:
hooks: hooks:
- id: hacking - id: hacking
additional_dependencies: [] additional_dependencies: []
- repo: https://github.com/PyCQA/bandit
rev: 1.7.6
hooks:
- id: bandit
args: ['-x', 'tests']

View File

@ -4,11 +4,6 @@ oslotest>=3.3.0 # Apache-2.0
coverage>=4.5.1 # Apache-2.0 coverage>=4.5.1 # Apache-2.0
# Bandit security code scanner
bandit>=1.7.0,<1.8.0 # Apache-2.0
fixtures>=3.0.0 # Apache-2.0/BSD fixtures>=3.0.0 # Apache-2.0/BSD
pre-commit>=2.6.0 # MIT
eventlet>=0.30.1,!=0.32.0 # MIT eventlet>=0.30.1,!=0.32.0 # MIT

View File

@ -16,10 +16,10 @@ commands =
stestr slowest stestr slowest
[testenv:pep8] [testenv:pep8]
deps =
pre-commit
commands = commands =
pre-commit run -a pre-commit run -a
# Run security linter
bandit -r oslo_log -x tests -n5
[testenv:venv] [testenv:venv]
commands = {posargs} commands = {posargs}
@ -51,9 +51,6 @@ commands =
coverage xml -o cover/coverage.xml coverage xml -o cover/coverage.xml
coverage report --show-missing coverage report --show-missing
[testenv:bandit]
commands = bandit -r oslo_log -x tests -n5
[flake8] [flake8]
# E123, E125 skipped as they are invalid PEP-8. # E123, E125 skipped as they are invalid PEP-8.
# W503, W504 skipped: https://www.python.org/dev/peps/pep-0008/#should-a-line-break-before-or-after-a-binary-operator # W503, W504 skipped: https://www.python.org/dev/peps/pep-0008/#should-a-line-break-before-or-after-a-binary-operator