From dd76184e82c1e863bce22d02de093f9bfe12f16f Mon Sep 17 00:00:00 2001 From: Zach Burnett Date: Mon, 15 Jul 2024 13:13:07 -0400 Subject: [PATCH] move `ruff` and `bandit` checks to `pre-commit` (#8646) Co-authored-by: Brett Graham --- .github/workflows/ci.yml | 8 +++++-- .pre-commit-config.yaml | 29 +++++++++++++++++++++++++ jwst/msaflagopen/tests/test_msa_open.py | 2 +- pyproject.toml | 2 +- tox.ini | 19 +--------------- 5 files changed, 38 insertions(+), 22 deletions(-) create mode 100644 .pre-commit-config.yaml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4d67ea3583..abb96ccb00 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,13 +20,17 @@ concurrency: cancel-in-progress: true jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + - uses: pre-commit/action@v3.0.1 check: uses: OpenAstronomy/github-actions-workflows/.github/workflows/tox.yml@v1 with: default_python: "3.12" envs: | - - linux: check-style - - linux: check-security - linux: check-dependencies crds_contexts: uses: spacetelescope/crds/.github/workflows/contexts.yml@master diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000000..6550323ab8 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,29 @@ +exclude: ".*\\.asdf$" + +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: check-added-large-files + - id: check-ast + - id: check-case-conflict + - id: check-yaml + args: ["--unsafe"] + - id: check-toml + - id: check-merge-conflict + - id: check-symlinks + - id: debug-statements + - id: detect-private-key + # - id: end-of-file-fixer + # - id: trailing-whitespace + - repo: https://github.com/astral-sh/ruff-pre-commit + rev: 'v0.5.2' + hooks: + - id: ruff + args: ["--fix"] + # - id: ruff-format + - repo: https://github.com/PyCQA/bandit + rev: 1.7.9 + hooks: + - id: bandit + args: ["-r", "-ll", "-x", "jwst/*test*,jwst/**/*test*,jwst/fits_generator", "jwst"] diff --git a/jwst/msaflagopen/tests/test_msa_open.py b/jwst/msaflagopen/tests/test_msa_open.py index 50e6379984..131c5eba46 100644 --- a/jwst/msaflagopen/tests/test_msa_open.py +++ b/jwst/msaflagopen/tests/test_msa_open.py @@ -103,7 +103,7 @@ def test_create_slitlets(): for slit in result: # Test the returned data type and fields. - assert type(slit) == Slit + assert isinstance(slit, Slit) assert slit._fields == slit_fields diff --git a/pyproject.toml b/pyproject.toml index aa865e5197..2cf29c2660 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -284,7 +284,7 @@ exclude = [ "build", ] lint.ignore = [ - "E741", + "E741", # ambiguous variable name (O/0, l/I, etc.) ] line-length = 130 diff --git a/tox.ini b/tox.ini index efead36d3a..8813c9998a 100644 --- a/tox.ini +++ b/tox.ini @@ -1,6 +1,6 @@ [tox] envlist = - check-{style,security,dependencies} + check-dependencies test{,-oldestdeps,-stdevdeps,-devdeps,-sdpdeps}{,-pyargs,-warnings,-regtests,-cov}-xdist build-{docs,dist} @@ -13,22 +13,6 @@ envlist = # tox -l -v # -[testenv:check-style] -description = check code style, e.g. with flake8 -skip_install = true -deps = - ruff -commands = - ruff check . {posargs} - -[testenv:check-security] -description = run bandit to check security compliance -skip_install = true -deps = - bandit>=1.7 -commands = - bandit -r -ll -x jwst/*test*,jwst/**/*test*,jwst/fits_generator jwst - [testenv:check-dependencies] description = verify that install_requires in setup.cfg has correct dependencies # `extras` needs to be empty to check modules without additional dependencies @@ -92,4 +76,3 @@ description = invoke sphinx-build to build the HTML docs extras = docs commands = sphinx-build -W docs docs/_build -