pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from test-requirements.txt. Signed-off-by: Stephen Finucane <stephenfin@redhat.com> Change-Id: Icf2296c1ad1548ffe8be0610800f1c6c5d33c473
2023-12-21 15:32:59 +00:00 · 2023-12-21 15:32:59 +00:00 · 842e5d047c
commit 842e5d047c
parent c2a6d48828
4 changed files with 7 additions and 8 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -24,3 +24,8 @@ repos:
      - id: hacking
        additional_dependencies: []
        exclude: '^(doc|releasenotes|tools)/.*$'
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.6
+    hooks:
+      - id: bandit
+        args: ['-x', 'tests']
--- a/setup.cfg
+++ b/setup.cfg
@ -52,4 +52,3 @@ paste.filter_factory =
    http_proxy_to_wsgi = oslo_middleware:HTTPProxyToWSGI.factory
    request_id = oslo_middleware:RequestId.factory
    sizelimit = oslo_middleware:RequestBodySizeLimiter.factory
-
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -1,11 +1,6 @@
 fixtures>=3.0.0 # Apache-2.0/BSD
-hacking>=6.1.0,<6.2.0 # Apache-2.0
 oslotest>=3.2.0 # Apache-2.0
 testtools>=2.2.0 # MIT
 coverage!=4.4,>=4.0 # Apache-2.0
 oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
-# Bandit security code scanner
-bandit>=1.7.0,<1.8.0 # Apache-2.0
 stestr>=2.0.0 # Apache-2.0
-
-pre-commit>=2.6.0 # MIT
--- a/tox.ini
+++ b/tox.ini
@ -11,10 +11,10 @@ deps =
 commands = stestr run --slowest {posargs}

 [testenv:pep8]
+deps =
+  pre-commit
 commands =
  pre-commit run -a
-  # Run security linter
-  bandit -r oslo_middleware -x tests -n5

 [testenv:venv]
 commands = {posargs}