pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from
test-requirements.txt.

Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Change-Id: Icf2296c1ad1548ffe8be0610800f1c6c5d33c473
This commit is contained in:
Stephen Finucane 2023-12-21 15:32:59 +00:00 committed by Takashi Kajinami
parent c2a6d48828
commit 842e5d047c
4 changed files with 7 additions and 8 deletions

View File

@ -24,3 +24,8 @@ repos:
- id: hacking - id: hacking
additional_dependencies: [] additional_dependencies: []
exclude: '^(doc|releasenotes|tools)/.*$' exclude: '^(doc|releasenotes|tools)/.*$'
- repo: https://github.com/PyCQA/bandit
rev: 1.7.6
hooks:
- id: bandit
args: ['-x', 'tests']

View File

@ -52,4 +52,3 @@ paste.filter_factory =
http_proxy_to_wsgi = oslo_middleware:HTTPProxyToWSGI.factory http_proxy_to_wsgi = oslo_middleware:HTTPProxyToWSGI.factory
request_id = oslo_middleware:RequestId.factory request_id = oslo_middleware:RequestId.factory
sizelimit = oslo_middleware:RequestBodySizeLimiter.factory sizelimit = oslo_middleware:RequestBodySizeLimiter.factory

View File

@ -1,11 +1,6 @@
fixtures>=3.0.0 # Apache-2.0/BSD fixtures>=3.0.0 # Apache-2.0/BSD
hacking>=6.1.0,<6.2.0 # Apache-2.0
oslotest>=3.2.0 # Apache-2.0 oslotest>=3.2.0 # Apache-2.0
testtools>=2.2.0 # MIT testtools>=2.2.0 # MIT
coverage!=4.4,>=4.0 # Apache-2.0 coverage!=4.4,>=4.0 # Apache-2.0
oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0 oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
# Bandit security code scanner
bandit>=1.7.0,<1.8.0 # Apache-2.0
stestr>=2.0.0 # Apache-2.0 stestr>=2.0.0 # Apache-2.0
pre-commit>=2.6.0 # MIT

View File

@ -11,10 +11,10 @@ deps =
commands = stestr run --slowest {posargs} commands = stestr run --slowest {posargs}
[testenv:pep8] [testenv:pep8]
deps =
pre-commit
commands = commands =
pre-commit run -a pre-commit run -a
# Run security linter
bandit -r oslo_middleware -x tests -n5
[testenv:venv] [testenv:venv]
commands = {posargs} commands = {posargs}