chore(deps-dev): Bump ruff from 0.3.0 to 0.3.6 (#539)

* chore(deps-dev): Bump ruff from 0.3.0 to 0.3.6 Bumps [ruff](https://github.com/astral-sh/ruff) from 0.3.0 to 0.3.6. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.3.0...v0.3.6) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * chore: fix linting Signed-off-by: Weston Steimel <commits@weston.slmail.me> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Weston Steimel <commits@weston.slmail.me> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Weston Steimel <commits@weston.slmail.me>
anchore · Apr 12, 2024 · 37e89ec · 37e89ec
1 parent 29d5745
commit 37e89ec
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 23 deletions.
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -77,7 +77,7 @@ types-requests = "^2.28.11.7"
 mypy = "^1.1"
 radon = ">=5.1,<7.0"
 dunamai = "^1.15.0"
-ruff = ">=0.0.254,<0.3.1"
+ruff = ">=0.0.254,<0.3.7"
 yardstick = {git = "https://github.com/anchore/yardstick", rev = "v0.9.2"}
 tabulate = "0.9.0"
 tox = "^4.11.3"

diff --git a/src/vunnel/providers/ubuntu/parser.py b/src/vunnel/providers/ubuntu/parser.py
@@ -535,7 +535,7 @@ def map_parsed(parsed_cve: CVEFile, logger: logging.Logger | None = None):  # no
                 pkg.Version = p.version
                 if pkg.Version is None:
                     logger.debug(
-                        'found CVE {} in ubuntu version {} with "released" status for pkg {} but no version for release. Released patches should have version info, but missing in source data. Marking package as not vulnerable'.format(  # noqa: E501, G001
+                        'found CVE {} in ubuntu version {} with "released" status for pkg {} but no version for release. Released patches should have version info, but missing in source data. Marking package as not vulnerable'.format(  # noqa: E501, G001, UP032
                             r.Name,
                             r.NamespaceName,
                             pkg.Name,
@@ -850,7 +850,7 @@ def _reprocess_merged_cve(self, cve_id: str, cve_rel_path: str):
                     merged_patches.extend(resolved_patches)
                     if pending_dpt_list:
                         self.logger.debug(
-                            "exhausted all revisions for {} but could not resolve patches: {}".format(  # noqa: G001
+                            "exhausted all revisions for {} but could not resolve patches: {}".format(  # noqa: UP032, G001
                                 cve_rel_path,
                                 [to_be_merged_map[x] for x in pending_dpt_list],
                             ),

diff --git a/src/vunnel/utils/oval_parser.py b/src/vunnel/utils/oval_parser.py
@@ -183,7 +183,7 @@ def _process_definition(def_element, vuln_dict, config: Config):  # noqa: PLR091
         if (name, ns_name) in vuln_dict:
             existing_version, _ = vuln_dict[(name, ns_name)]
             logger.debug(
-                "Found an existing record for {} under {}. Version attribute of definition oval element: existing: {}, new: {}".format(  # noqa: G001
+                "Found an existing record for {} under {}. Version attribute of definition oval element: existing: {}, new: {}".format(  # noqa: UP032, G001
                     name,
                     ns_name,
                     existing_version,