2 changes: 1 addition & 1 deletion cachier/_version.py
@@ -16,7 +16,7 @@


def _get_git_sha():
sha = os.popen("git rev-parse HEAD").read().strip()
sha = os.popen("git rev-parse HEAD").read().strip() # noqa: S605, S607 todo
# SHA short
return sha[:7]

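Review bot: The `# noqa: S605, S607 todo` added in `_get_git_sha` silences the shell-invocation and partial-path findings without saying what the todo is or who owns it, while the call it covers still starts `git` through a shell and resolves it from PATH. The command string is constant, so no injection path is visible here, but `os.popen` yields an empty string when git is missing or the directory is not a repository, so the function would quietly return `''`. I would replace the line with `sha = subprocess.check_output(["git", "rev-parse", "HEAD"], text=True).strip()`, which drops S605 and fails loudly; this assumes `subprocess` can be imported in this module and that no caller relies on the empty-string fallback, neither of which the hunk shows. The remaining S603/S607 findings would then need either `shutil.which("git")` or a suppression that states its reason.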
2 changes: 1 addition & 1 deletion cachier/cores/mongo.py
@@ -61,7 +61,7 @@ def get_entry_by_key(self, key):
if res:
try:
entry = {
"value": pickle.loads(res["value"]),
"value": pickle.loads(res["value"]), # noqa: S301
"time": res.get("time", None),
"stale": res.get("stale", False),
"being_calculated": res.get("being_calculated", False),
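Review bot: The bare `# noqa: S301` on `pickle.loads(res["value"])` hides the finding without recording the trust assumption it depends on: the stored `value` field is deserialized as-is, so anyone able to write to that collection can run code in every process that reads the cache. I would state that on the line, e.g. `# noqa: S301  # cache store is trusted; write access to it equals code execution in readers`, and repeat it in the user-facing documentation for the Mongo core. The same unexplained suppression is added at both `pickle.load(cache_file)` sites in cachier/cores/pickle.py, where the assumption is about who can write the cache files. get_entry_by_key begins and continues outside the hunk.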
4 changes: 2 additions & 2 deletions cachier/cores/pickle.py
@@ -135,7 +135,7 @@ def _reload_cache(self):
try:
with portalocker.Lock(fpath, mode="rb") as cache_file:
try:
self.cache = pickle.load(cache_file)
self.cache = pickle.load(cache_file) # noqa: S301
except EOFError:
self.cache = {}
except FileNotFoundError:
@@ -152,7 +152,7 @@ def _get_cache_by_key(self, key=None, hash=None):
fpath += f"_{key}" if hash is None else f"_{hash}"
try:
with portalocker.Lock(fpath, mode="rb") as cache_file:
return pickle.load(cache_file)
return pickle.load(cache_file) # noqa: S301
except (FileNotFoundError, EOFError):
return None

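Review bot: Both `pickle.load(cache_file)` calls handle only `EOFError` (plus `FileNotFoundError` in `_get_cache_by_key`), so a cache file that is truncated mid-write or otherwise corrupted can raise `pickle.UnpicklingError` out of these functions instead of being treated as an empty or missing cache. If that fallback is the intent, widen the handlers to `except (EOFError, pickle.UnpicklingError):` and `except (FileNotFoundError, EOFError, pickle.UnpicklingError):`. Both function bodies extend outside the visible hunks, so an outer handler may already cover this.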
5 changes: 4 additions & 1 deletion pyproject.toml
@@ -43,7 +43,7 @@ select = [
# "I", #see: https://pypi.org/project/isort/
# "D", # see: https://pypi.org/project/pydocstyle
# "N", # see: https://pypi.org/project/pep8-naming
# "S", # see: https://pypi.org/project/flake8-bandit
"S", # see: https://pypi.org/project/flake8-bandit
"SIM",
]
ignore = [
@@ -63,6 +63,9 @@ exclude = [
ignore-init-module-imports = true
unfixable = ["F401"]

[tool.ruff.per-file-ignores]
"tests/**" = ["S101", "S311", "S105", "S603"]

#[tool.ruff.pydocstyle]
## Use Google-style docstrings.
#convention = "google"
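Review bot: The new `"tests/**" = ["S101", "S311", "S105", "S603"]` entry carries no comment explaining each waiver, and it is not a one-to-one port of the bandit skip list removed from tests/test_security.py (`B101,B311,B404,B603`). S105 (hard-coded password string) is newly ignored for tests, and the subprocess-import check is no longer listed. I would add a short comment above the entry, e.g. `# S101 assert, S311 non-crypto random, S105 fixture credentials, S603 subprocess in tests`, and confirm that S105 is actually needed by the current tests.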
10 changes: 0 additions & 10 deletions tests/test_security.py
@@ -2,16 +2,6 @@
import subprocess


@pytest.mark.skip # todo: dead check, so let's replace it with Ruff
def test_bandit():
"""Bandit security scan passes with no warnings or errors."""
command = ["bandit"]
parameters = ["-r", "cachier"]
subprocess.check_call(command + parameters)
parameters = ["-s", "B101,B311,B404,B603", "-r", "tests"]
subprocess.check_call(command + parameters)


@pytest.mark.skip # todo: dead check, enable it in separate PR w/ pre-commit
def test_safety():
"""Safety security scan passes with no warnings or errors."""