Exclude root project .venv from bandit #1918

Merged
merged 1 commit into from
Mar 15, 2024

@rocodes rocodes commented Mar 15, 2024

Status

Ready for review

Description

make bandit reports results from the root project venv, if it's located in the project root. Filing this as a draft - if we want to instead instruct people to use a cache dir outside of the project root for the poetry environment, we should add setup notes to the readme.

Test Plan

  • CI passing
  • Agreement on this change

Checklist

If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:

  • I have tested these changes in the appropriate Qubes environment
  • I do not have an appropriate Qubes OS workstation set up (the reviewer will need to test these changes)
  • These changes should not need testing in Qubes

If these changes add or remove files other than client code, the AppArmor profile may need to be updated. Please check as applicable:

  • I have updated the AppArmor profile
  • No update to the AppArmor profile is required for these changes
  • I don't know and would appreciate guidance

If these changes modify the database schema, you should include a database migration. Please check as applicable:

  • I have written a migration and upgraded a test database based on main and confirmed that the migration is self-contained and applies cleanly
  • I have written a migration but have not upgraded a test database based on main and would like the reviewer to do so
  • I need help writing a database migration
  • No database schema changes are needed

@rocodes rocodes marked this pull request as ready for review March 15, 2024 16:19
@rocodes rocodes requested a review from a team as a code owner March 15, 2024 16:19

@legoktm legoktm left a comment

I was hoping that bandit had enabled using .gitignore to find excludes, but the PR is stalled for unclear reasons: PyCQA/bandit#1090 :( Thankfully ruff has re-implemented the bandit rules so that'll go away soon.

@legoktm legoktm merged commit 802d81f into main Mar 15, 2024
92 checks passed
@legoktm legoktm deleted the no-bandit-on-venv branch March 15, 2024 16:55