Commit b00c33e

chore: Remove bandit pre-commit hook, add "S" ruff linter code for bandit (#312)
Disabled for the tests and tutorials, as previously configured for bandit in pyproject.toml.
1 parent 7cd1ec8 commit b00c33e

3 files changed: +8 -14 lines changed

.pre-commit-config.yaml

Lines changed: 2 additions & 8 deletions
@@ -10,24 +10,18 @@ repos:
1010
- id: end-of-file-fixer
1111
- id: mixed-line-ending
1212
- repo: https://github.com/pre-commit/mirrors-mypy
13-
rev: v1.13.0
13+
rev: v1.14.1
1414
hooks:
1515
# See https://github.com/pre-commit/mirrors-mypy/blob/main/.pre-commit-hooks.yaml
1616
- id: mypy
1717
types_or: [python, pyi]
1818
args: [--ignore-missing-imports, --scripts-are-modules]
1919
- repo: https://github.com/astral-sh/ruff-pre-commit
20-
rev: v0.7.1
20+
rev: v0.8.6
2121
hooks:
2222
- id: ruff
2323
args: [--fix, --exit-non-zero-on-fix]
2424
- id: ruff-format
25-
- repo: https://github.com/PyCQA/bandit
26-
rev: 1.7.10
27-
hooks:
28-
- id: bandit
29-
args: [-c, pyproject.toml]
30-
additional_dependencies: ["bandit[toml]"]
3125
# Disabled due to incompatibility with our exception translator facility.
3226
# See https://github.com/jsh9/pydoclint/issues/174
3327
# TODO(nicholasjng): Re-enable once fixed or an ignore facility is available.
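Review bot: The `rev` bumps for mirrors-mypy (v1.13.0 to v1.14.1) and ruff-pre-commit (v0.7.1 to v0.8.6) at lines 13 and 20 are unrelated to dropping the bandit hook and are not mentioned in the commit message. Consider moving them to a separate commit, or naming them in the message, so that any new findings can be attributed either to the newly selected `S` rules or to the linter upgrade.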

pyproject.toml

Lines changed: 5 additions & 5 deletions
@@ -114,9 +114,9 @@ line-length = 100
114114
target-version = "py310"
115115

116116
[tool.ruff.lint]
117-
# Enable pycodestyle errors & warnings (`E`, `W`), Pyflakes (`F`), isort (`I`),
118-
# and pyupgrade (`UP`) by default.
119-
select = ["E", "F", "I", "W", "UP"]
117+
# Enable pycodestyle errors & warnings (`E`, `W`), bandit (`S`), Pyflakes (`F`),
118+
# isort (`I`), and pyupgrade (`UP`) by default.
119+
select = ["E", "F", "I", "S", "W", "UP"]
120120
ignore = [
121121
# Line too long
122122
"E501",
@@ -129,10 +129,10 @@ ignore = [
129129
"__init__.py" = ["F401"]
130130
"docs/tutorials/*.py" = [
131131
"E402",
132+
"S",
132133
] # Imports may appear anywhere in Jupytext notebooks
134+
"tests/**/*.py" = ["S"] # Tests are not security-critical.
133135

134-
[tool.bandit]
135-
exclude_dirs = ["tests", "docs/tutorials"]
136136

137137
[tool.pytest.ini_options]
138138
log_cli = true
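Review bot: In the `docs/tutorials/*.py` entry, the trailing comment "Imports may appear anywhere in Jupytext notebooks" explains only `E402`, yet after this change it sits behind a list that also contains `"S"`, so the security exemption for tutorials is undocumented. Add a separate comment for `"S"` there, as was done on the `tests/**/*.py` line. The removed `exclude_dirs = ["tests", "docs/tutorials"]` also skipped whole directories, while the new keys are globs ending in `*.py`, so it is worth checking that they match the same set of files.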

src/lakefs_spec/transaction.py

Lines changed: 1 addition & 1 deletion
@@ -108,7 +108,7 @@ def __call__(
108108
self.delete = delete
109109
self.squash = squash
110110

111-
ephem_name = branch_name or "transaction-" + "".join(random.choices(string.digits, k=6)) # nosec: B311
111+
ephem_name = branch_name or "transaction-" + "".join(random.choices(string.digits, k=6)) # noqa: S311
112112
self._ephemeral_branch = Branch(self.repository, ephem_name, client=self.fs.client)
113113
return self
114114

0 commit comments

Comments
 (0)