Merge "pre-commit: Integrate bandit"
This commit is contained in:
commit
9b62848ffe
@ -24,3 +24,8 @@ repos:
|
||||
- id: hacking
|
||||
additional_dependencies: []
|
||||
exclude: '^(doc|releasenotes|tools)/.*$'
|
||||
- repo: https://github.com/PyCQA/bandit
|
||||
rev: 1.7.6
|
||||
hooks:
|
||||
- id: bandit
|
||||
args: ['-x', 'tests', '--skip', 'B411']
|
||||
|
@ -1,7 +1,3 @@
|
||||
# The order of packages is significant, because pip processes them in the order
|
||||
# of appearance. Changing the order has an impact on the overall integration
|
||||
# process, which may cause wedges in the gate later.
|
||||
|
||||
# NOTE(harlowja): Because oslo.serialization is used by the client libraries,
|
||||
# we do not want to add a lot of dependencies to it. If you find that
|
||||
# adding a new feature to oslo.serialization means adding a new dependency,
|
||||
|
@ -1,15 +1,5 @@
|
||||
# The order of packages is significant, because pip processes them in the order
|
||||
# of appearance. Changing the order has an impact on the overall integration
|
||||
# process, which may cause wedges in the gate later.
|
||||
hacking>=3.0.1,<3.1.0 # Apache-2.0
|
||||
netaddr>=0.7.18 # BSD
|
||||
stestr>=2.0.0 # Apache-2.0
|
||||
|
||||
oslotest>=3.2.0 # Apache-2.0
|
||||
oslo.i18n>=3.15.3 # Apache-2.0
|
||||
coverage!=4.4,>=4.0 # Apache-2.0
|
||||
|
||||
# Bandit security code scanner
|
||||
bandit>=1.7.0,<1.8.0 # Apache-2.0
|
||||
|
||||
pre-commit>=2.6.0 # MIT
|
||||
|
Loading…
Reference in New Issue
Block a user