pre-commit: Integrate bandit
We also remove these unnecessary linter dependencies from test-requirements.txt. Change-Id: I6c3c5fcc329c46054a144557a79c4b3c6ca383b5 Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This commit is contained in:
parent
5587e9555e
commit
7f90f0cabd
@ -24,3 +24,8 @@ repos:
|
|||||||
- id: hacking
|
- id: hacking
|
||||||
additional_dependencies: []
|
additional_dependencies: []
|
||||||
exclude: '^(doc|releasenotes|tools)/.*$'
|
exclude: '^(doc|releasenotes|tools)/.*$'
|
||||||
|
- repo: https://github.com/PyCQA/bandit
|
||||||
|
rev: 1.7.6
|
||||||
|
hooks:
|
||||||
|
- id: bandit
|
||||||
|
args: ['-x', 'tests', '--skip', 'B411']
|
||||||
|
@ -1,7 +1,3 @@
|
|||||||
# The order of packages is significant, because pip processes them in the order
|
|
||||||
# of appearance. Changing the order has an impact on the overall integration
|
|
||||||
# process, which may cause wedges in the gate later.
|
|
||||||
|
|
||||||
# NOTE(harlowja): Because oslo.serialization is used by the client libraries,
|
# NOTE(harlowja): Because oslo.serialization is used by the client libraries,
|
||||||
# we do not want to add a lot of dependencies to it. If you find that
|
# we do not want to add a lot of dependencies to it. If you find that
|
||||||
# adding a new feature to oslo.serialization means adding a new dependency,
|
# adding a new feature to oslo.serialization means adding a new dependency,
|
||||||
|
@ -1,15 +1,5 @@
|
|||||||
# The order of packages is significant, because pip processes them in the order
|
|
||||||
# of appearance. Changing the order has an impact on the overall integration
|
|
||||||
# process, which may cause wedges in the gate later.
|
|
||||||
hacking>=3.0.1,<3.1.0 # Apache-2.0
|
|
||||||
netaddr>=0.7.18 # BSD
|
netaddr>=0.7.18 # BSD
|
||||||
stestr>=2.0.0 # Apache-2.0
|
stestr>=2.0.0 # Apache-2.0
|
||||||
|
|
||||||
oslotest>=3.2.0 # Apache-2.0
|
oslotest>=3.2.0 # Apache-2.0
|
||||||
oslo.i18n>=3.15.3 # Apache-2.0
|
oslo.i18n>=3.15.3 # Apache-2.0
|
||||||
coverage!=4.4,>=4.0 # Apache-2.0
|
coverage!=4.4,>=4.0 # Apache-2.0
|
||||||
|
|
||||||
# Bandit security code scanner
|
|
||||||
bandit>=1.7.0,<1.8.0 # Apache-2.0
|
|
||||||
|
|
||||||
pre-commit>=2.6.0 # MIT
|
|
||||||
|
4
tox.ini
4
tox.ini
@ -10,10 +10,10 @@ deps =
|
|||||||
commands = stestr run --slowest {posargs}
|
commands = stestr run --slowest {posargs}
|
||||||
|
|
||||||
[testenv:pep8]
|
[testenv:pep8]
|
||||||
|
deps =
|
||||||
|
pre-commit
|
||||||
commands =
|
commands =
|
||||||
pre-commit run -a
|
pre-commit run -a
|
||||||
# Run security linter
|
|
||||||
bandit -r oslo_serialization tests -n5 --skip B411
|
|
||||||
|
|
||||||
[testenv:venv]
|
[testenv:venv]
|
||||||
commands = {posargs}
|
commands = {posargs}
|
||||||
|
Loading…
Reference in New Issue
Block a user