Made Bandit exclude test dirs

This removes the need for the `nosec` comments in files inside those directories. Also, the existing `-x` arg doesn't seem to work anymore, so this fixes that.
jazzband · May 5, 2024 · 733f4e0 · 733f4e0
1 parent c9963aa
commit 733f4e0
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 10 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -4,8 +4,7 @@ repos:
     rev: 1.7.8
     hooks:
       - id: bandit
-        args:
-          - "-x *test*.py"
+        exclude: /.*tests/
 
   - repo: https://github.com/psf/black-pre-commit-mirror
     rev: 24.3.0

diff --git a/simple_history/registry_tests/tests.py b/simple_history/registry_tests/tests.py
@@ -51,7 +51,7 @@ def get_history(model):
 
         self.assertRaises(AttributeError, get_history, User)
         self.assertEqual(len(User.histories.all()), 0)
-        user = User.objects.create(username="bob", password="pass")  # nosec
+        user = User.objects.create(username="bob", password="pass")
         self.assertEqual(len(User.histories.all()), 1)
         self.assertEqual(len(user.histories.all()), 1)
 

diff --git a/simple_history/tests/generated_file_checks/check_translations.py b/simple_history/tests/generated_file_checks/check_translations.py
@@ -1,4 +1,4 @@
-import subprocess  # nosec
+import subprocess
 import sys
 from glob import glob
 from pathlib import Path
@@ -44,12 +44,12 @@ def main():
     call_command("compilemessages")
 
     log("\nRunning 'git status'...")
-    result = subprocess.run(  # nosec
+    result = subprocess.run(
         ["git", "status", "--porcelain"],
         check=True,
         stdout=subprocess.PIPE,
     )
-    assert result.stderr is None  # nosec
+    assert result.stderr is None
     stdout = result.stdout.decode()
     if stdout:
         log_err(f"Unexpected changes found in the workspace:\n\n{stdout}")
@@ -61,7 +61,7 @@ def main():
         sys.exit(1)
     else:
         # Print the human-readable status to the console
-        subprocess.run(["git", "status"])  # nosec
+        subprocess.run(["git", "status"])
 
 
 if __name__ == "__main__":

diff --git a/simple_history/tests/tests/test_models.py b/simple_history/tests/tests/test_models.py
@@ -2462,7 +2462,7 @@ class MultiDBExplicitHistoryUserIDTest(TestCase):
     databases = {"default", "other"}
 
     def setUp(self):
-        self.user = get_user_model().objects.create(  # nosec
+        self.user = get_user_model().objects.create(
             username="username", email="username@test.com", password="top_secret"
         )
 
@@ -2503,10 +2503,10 @@ def test_history_user_does_not_exist(self):
 
 class RelatedNameTest(TestCase):
     def setUp(self):
-        self.user_one = get_user_model().objects.create(  # nosec
+        self.user_one = get_user_model().objects.create(
             username="username_one", email="first@user.com", password="top_secret"
         )
-        self.user_two = get_user_model().objects.create(  # nosec
+        self.user_two = get_user_model().objects.create(
             username="username_two", email="second@user.com", password="top_secret"
         )