From cfdbc2652958abb9c3f70496fdc75046da6f8744 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Wed, 7 Feb 2024 12:03:18 +0900
Subject: [PATCH] pre-commit: Integrate bandit

We also remove these unnecessary linter dependencies from
test-requirements.txt.

Co-Authored-By: Stephen Finucane <sfinucan@redhat.com>
Change-Id: I36a6469231a8ce78f06c9b858d35c161f4d22799
---
 .pre-commit-config.yaml | 5 +++++
 test-requirements.txt   | 5 -----
 tox.ini                 | 5 +----
 3 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 07917d3..5f4a91a 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -23,3 +23,8 @@ repos:
     hooks:
       - id: hacking
         additional_dependencies: []
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.6
+    hooks:
+      - id: bandit
+        args: ['-x', 'tests', '-s', 'B314,B405']
diff --git a/test-requirements.txt b/test-requirements.txt
index 1ed280e..e69e89d 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -7,8 +7,3 @@ eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 greenlet>=0.4.15 # MIT
 
 coverage!=4.4,>=4.0 # Apache-2.0
-
-# Bandit security code scanner
-bandit>=1.7.0,<1.8.0 # Apache-2.0
-
-pre-commit>=2.6.0 # MIT
diff --git a/tox.ini b/tox.ini
index a2d92ea..dcd9c61 100644
--- a/tox.ini
+++ b/tox.ini
@@ -13,12 +13,9 @@ commands = stestr run --slowest {posargs}
 
 [testenv:pep8]
 deps =
-  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-  -r{toxinidir}/test-requirements.txt
+  pre-commit
 commands =
   pre-commit run -a
-  # Run security linter
-  bandit -r oslo_reports tests -n5 --skip B314,B405
 
 [testenv:venv]
 commands = {posargs}