pre-commit: Bump versions

... and use native hooks for bandit and hacking Change-Id: I2fcd2cf1bb2cfa23071cdbda14535e9e72884726
2024-10-21 19:54:10 +09:00 · 2024-10-21 19:54:10 +09:00 · 7f52894bbe
commit 7f52894bbe
parent 930d97599c
3 changed files with 12 additions and 34 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,15 +1,6 @@
-# We from the Oslo project decided to pin repos based on the
-# commit hash instead of the version tag to prevend arbitrary
-# code from running in developer's machines.  To update to a
-# newer version, run `pre-commit autoupdate` and then replace
-# the newer versions with their commit hash.
-
-default_language_version:
-  python: python3
-
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: 9136088a246768144165fcc3ecc3d31bb686920a # v3.3.0
+    rev: v5.0.0
    hooks:
      - id: trailing-whitespace
      # Replaces or checks mixed line ending
@ -27,13 +18,13 @@ repos:
      - id: debug-statements
      - id: check-yaml
        files: .*\.(yaml|yml)$
-  - repo: local
+  - repo: https://opendev.org/openstack/hacking
+    rev: 7.0.0
    hooks:
-      - id: flake8
-        name: flake8
-        additional_dependencies:
-          - hacking>=6.1.0,<=6.2.0
-        language: python
-        entry: flake8
-        files: '^.*\.py$'
-        exclude: '^(doc|releasenotes|tools)/.*$'
+      - id: hacking
+        additional_dependencies: []
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.10
+    hooks:
+      - id: bandit
+        args: ['-x', 'tests,tools']
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -1,9 +1,5 @@
-# Hacking already pins down pep8, pyflakes and flake8
-hacking>=6.1.0,<=6.2.0 # Apache-2.0
-
 fixtures>=3.0.0 # Apache-2.0/BSD
 stestr>=2.0.0 # Apache-2.0
-pre-commit>=2.6.0 # MIT
 testscenarios>=0.4 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
 oslotest>=3.2.0 # Apache-2.0
@ -18,8 +14,5 @@ coverage>=4.0 # Apache-2.0
 # development libraries.
 pyngus>=2.2.0 # Apache-2.0

-# Bandit security code scanner
-bandit>=1.7.0,<1.8.0 # Apache-2.0
-
 eventlet>=0.23.0 # MIT
 greenlet>=0.4.15 # MIT
--- a/tox.ini
+++ b/tox.ini
@ -15,10 +15,10 @@ commands =
  stestr run --slowest {posargs}

 [testenv:pep8]
+deps =
+  pre-commit>=2.6.0 # MIT
 commands =
  pre-commit run -a
-  # run security linter
-  bandit -r oslo_messaging -x tests -n5

 [testenv:cover]
 setenv =
@ -68,12 +68,6 @@ allowlist_externals =
 commands =
  {toxinidir}/tools/setup-scenario-env.sh stestr run --slowest {posargs:oslo_messaging.tests.functional}

-[testenv:bandit]
-# NOTE(kgiusti): This is required for the integration test job of the bandit
-# project. Please do not remove.
-commands =
-  bandit -r oslo_messaging -x tests -n5
-
 [flake8]
 show-source = True
 enable-extensions = H203,H106