ad1863e5b9
Expand Ruff lint scope to include security checks and remove Bandit from pre-commit. Fix residual style issues to comply with OpenStack rules (79-char lines, delayed logging interpolation). Key changes: - Drop Bandit pre-commit hook; rely on Ruff S-rules - Add S-rule suppressions where usage is intentional (subprocess, mark_safe) - Convert f-string logs to delayed interpolation and wrap lines - Update .pre-commit-config.yaml and project config accordingly Assisted-By: cursor gpt5 Change-Id: I83f78535c1bd2f8bf9bff3247acb52ef744ec416 Signed-off-by: Sean Mooney <work@seanmooney.info>
29 lines
824 B
TOML
29 lines
824 B
TOML
[build-system]
|
|
requires = ["pbr>=6.0.0", "setuptools>=64.0.0"]
|
|
build-backend = "pbr.build"
|
|
|
|
|
|
[tool.ruff]
|
|
line-length = 79
|
|
target-version = "py310"
|
|
[tool.ruff.lint]
|
|
select = ["E4", "E7", "E9", "F", "S", "U", "W", "C90"]
|
|
ignore = [
|
|
# we only use asserts for type narrowing
|
|
"S101",
|
|
# we do not use random number geneerators for crypto
|
|
"S311",
|
|
# S104 Possible binding to all interfaces
|
|
"S104",
|
|
# S105 Possible hardcoded password assigned to variable"
|
|
"S105",
|
|
# S106 Possible hardcoded password assigned to argument
|
|
"S106",
|
|
# S110 `try`-`except`-`pass` detected, consider logging the exception
|
|
"S110",
|
|
]
|
|
[tool.ruff.lint.per-file-ignores]
|
|
"watcher_dashboard/tests/*" = ["S"]
|
|
[tool.ruff.lint.mccabe]
|
|
# Flag errors (`C901`) whenever the complexity level exceeds 5.
|
|
max-complexity = 20 |