pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from test-requirements.txt. The independent bandit target was removed because it's integrated to the pep8 target. Co-Authored-By: Stephen Finucane <sfinucan@redhat.com> Change-Id: I0c9ca1f9310820c83667bffa2d1287d3daffccbc
2024-02-01 02:22:31 +09:00 · 2024-02-01 02:22:31 +09:00 · 619d312a18
parent 2eb7a9fe62
commit 619d312a18
3 changed files with 7 additions and 12 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -23,3 +23,8 @@ repos:
    hooks:
      - id: hacking
        additional_dependencies: []
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.6
+    hooks:
+      - id: bandit
+        args: ['-x', 'tests']
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -1,5 +1,3 @@
-hacking>=6.1.0,<6.2.0 # Apache-2.0
-
 eventlet>=0.18.2,!=0.18.3,!=0.20.1,!=0.21.0,!=0.23.0 # MIT
 fixtures>=3.0.0 # Apache-2.0/BSD
 testscenarios>=0.4 # Apache-2.0/BSD
@ -15,8 +13,3 @@ coverage!=4.4,>=4.0 # Apache-2.0

 # used for oslotest cross-testing scripts
 oslo.config>=5.2.0 # Apache-2.0
-
-# Bandit security code scanner
-bandit>=1.7.0,<1.8.0 # Apache-2.0
-
-pre-commit>=2.6.0 # MIT
--- a/tox.ini
+++ b/tox.ini
@ -12,10 +12,10 @@ deps =
 commands = stestr run --slowest {posargs}

 [testenv:pep8]
+deps =
+  pre-commit
 commands =
  pre-commit run -a
-  # Run security linter
-  bandit -r oslo_utils -x tests -n5

 [testenv:venv]
 commands = {posargs}
@ -32,9 +32,6 @@ commands =
 [testenv:cover]
 commands = python setup.py test --coverage --coverage-package-name=oslo_utils --testr-args='{posargs}'

-[testenv:bandit]
-commands = bandit -r oslo_utils -x tests -n5
-
 [flake8]
 # E731 skipped as assign a lambda expression
 # W504 line break after binary operator