From 619d312a18cd2ec1b83f7aacfab52c2de4c6b15c Mon Sep 17 00:00:00 2001
From: Takashi Kajinami
Date: Thu, 1 Feb 2024 02:22:31 +0900
Subject: [PATCH] pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from test-requirements.txt. The independent bandit target was removed because it's integrated to the pep8 target.

Co-Authored-By: Stephen Finucane
Change-Id: I0c9ca1f9310820c83667bffa2d1287d3daffccbc
---
 .pre-commit-config.yaml | 5 +++++
 test-requirements.txt | 7 -------
 tox.ini | 7 ++-----
 3 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 07917d34..10f19c51 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -23,3 +23,8 @@ repos:
 hooks:
 - id: hacking
 additional_dependencies: []
+ - repo: https://github.com/PyCQA/bandit
+ rev: 1.7.6
+ hooks:
+ - id: bandit
+ args: ['-x', 'tests']
diff --git a/test-requirements.txt b/test-requirements.txt
index 58fce9c4..2a80df18 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,5 +1,3 @@
-hacking>=6.1.0,<6.2.0 # Apache-2.0
-
 eventlet>=0.18.2,!=0.18.3,!=0.20.1,!=0.21.0,!=0.23.0 # MIT
 fixtures>=3.0.0 # Apache-2.0/BSD
 testscenarios>=0.4 # Apache-2.0/BSD
@@ -15,8 +13,3 @@ coverage!=4.4,>=4.0 # Apache-2.0
 # used for oslotest cross-testing scripts
 oslo.config>=5.2.0 # Apache-2.0
-
-# Bandit security code scanner
-bandit>=1.7.0,<1.8.0 # Apache-2.0
-
-pre-commit>=2.6.0 # MIT
diff --git a/tox.ini b/tox.ini
index b4055c9e..1c57188a 100644
--- a/tox.ini
+++ b/tox.ini
@@ -12,10 +12,10 @@ deps =
 commands = stestr run --slowest {posargs}
 [testenv:pep8]
+deps =
+ pre-commit
 commands = pre-commit run -a
- # Run security linter
- bandit -r oslo_utils -x tests -n5
 [testenv:venv]
 commands = {posargs}
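Review bot: The new bandit hook passes only `args: ['-x', 'tests']`, so the `-r oslo_utils` target of the removed tox command is gone and, under `pre-commit run -a`, bandit is presumably handed every Python file pre-commit selects in the repository rather than the package alone. If the old scope is intended, restrict the hook with `files: ^oslo_utils/`; if the wider scan is intended, a comment above the hook should say so. `rev: 1.7.6` also replaces the former `bandit>=1.7.0,<1.8.0` range with a fixed tag, so newer bandit releases and their checks arrive only when someone bumps it; a short comment such as `# security linter; bump rev periodically` would make that visible.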
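Review bot: `deps = pre-commit` in `[testenv:pep8]` installs pre-commit with no version bound, whereas the line removed from test-requirements.txt required `pre-commit>=2.6.0`; carrying the bound over as `pre-commit>=2.6.0` keeps the minimum the configuration was written against. With the `bandit -r oslo_utils -x tests -n5` command removed from this env, the security scan now runs only through the pre-commit hook, so a comment such as `# pre-commit also runs bandit (see .pre-commit-config.yaml)` above `commands` would tell readers where the check went. Any CI job that still invokes the `bandit` tox target removed in the later hunk of this file would need updating, which is not visible in this patch.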
@@ -32,9 +32,6 @@ commands =
 [testenv:cover]
 commands = python setup.py test --coverage --coverage-package-name=oslo_utils --testr-args='{posargs}'
-[testenv:bandit]
-commands = bandit -r oslo_utils -x tests -n5
-
 [flake8]
 # E731 skipped as assign a lambda expression
 # W504 line break after binary operator