[flake8-bandit]: Implement deny-list rules for suspicious member calls
#3239
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@colin99d - Na we need to tackle severities more holistically, I think. We could consider adding a severity level for all of Bandit...? |
|
Since AFAIK all Bandit rules have some notion of severity. |
|
I think adding severity into this rule, and then eventually to all the other ones slowly makes a lot of sense. Then we can just make a bandit-wide (and maybe eventually have this work with other rule sets) rule. |
|
@charliermarsh, ready! |
|
Do we inherit this name from |
|
Agreed. Even if it's inconsistent with Bandit, we should still change it. (I believe we've done that in the past.) |
charliermarsh
changed the title
flake8-bandit]: blacklist_callsflake8-bandit]: denylist_calls
charliermarsh
force-pushed
the
blacklist_calls
branch
from
98a0816
to
6c2d430
Compare
PR Check ResultsEcosystemℹ️ ecosystem check detected changes. (+135, -0, 0 error(s)) airflow (+64, -0)
+ airflow/cli/commands/standalone_command.py:194:17: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/cli/commands/user_command.py:73:32: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/example_dags/example_branch_operator.py:46:33: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/example_dags/example_branch_operator_decorator.py:44:16: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/models/xcom.py:654:24: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ airflow/models/xcom.py:661:24: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ airflow/providers/amazon/aws/hooks/base_aws.py:303:15: S320 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ airflow/providers/amazon/aws/hooks/batch_client.py:481:16: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/amazon/aws/hooks/batch_client.py:498:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/amazon/aws/hooks/batch_client.py:546:16: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/amazon/aws/operators/datasync.py:274:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/amazon/aws/operators/datasync.py:288:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/ftp/hooks/ftp.py:292:25: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ airflow/providers/ftp/hooks/ftp.py:62:25: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ airflow/providers/google/cloud/hooks/cloud_sql.py:848:39: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/google/cloud/hooks/mlengine.py:68:34: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/google/cloud/hooks/mlengine.py:74:38: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ airflow/providers/google/cloud/utils/mlengine_prediction_summary.py:188:17: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ airflow/providers/google/marketing_platform/operators/display_video.py:291:18: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ airflow/utils/strings.py:26:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ dev/breeze/src/airflow_breeze/utils/docker_command_utils.py:395:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ dev/breeze/src/airflow_breeze/utils/kubernetes_utils.py:423:16: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ dev/breeze/src/airflow_breeze/utils/kubernetes_utils.py:95:13: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ dev/provider_packages/prepare_provider_packages.py:1198:16: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ dev/stats/get_important_pr_candidates.py:371:24: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ scripts/ci/testing/summarize_junit_failures.py:79:12: S314 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ scripts/in_container/check_junitxml_result.py:31:20: S314 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ tests/api/client/test_local_client.py:213:29: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/api/common/experimental/test_pool.py:97:29: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/executors/test_kubernetes_executor.py:64:30: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/models/test_cleartasks.py:412:26: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/models/test_dag.py:1602:16: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/models/test_taskinstance.py:3693:17: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/providers/cncf/kubernetes/decorators/test_kubernetes.py:107:21: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/providers/cncf/kubernetes/decorators/test_kubernetes.py:156:21: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/providers/cncf/kubernetes/decorators/test_kubernetes.py:83:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/docker/decorators/test_docker.py:37:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/docker/decorators/test_docker.py:52:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/elasticsearch/log/elasticmock/utilities/__init__.py:51:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/ftp/sensors/test_ftp.py:35:13: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/ftp/sensors/test_ftp.py:36:13: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/ftp/sensors/test_ftp.py:37:13: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/ftp/sensors/test_ftp.py:50:82: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/ftp/sensors/test_ftp.py:63:82: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/ftp/sensors/test_ftp.py:79:13: S321 FTP-related functions are being called. FTP is considered insecure. Use SSH/SFTP/SCP or some other encrypted protocol.
+ tests/providers/google/cloud/secrets/test_secret_manager_system.py:35:38: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/google/cloud/secrets/test_secret_manager_system.py:56:38: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/oracle/operators/test_oracle.py:92:34: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/ssh/hooks/test_ssh.py:80:22: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/providers/ssh/operators/test_ssh.py:219:25: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/serialization/test_dag_serialization.py:2337:15: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/serialization/test_dag_serialization.py:2421:15: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/system/providers/google/cloud/dataplex/resources/spark_example_pi.py:36:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/system/providers/google/cloud/dataplex/resources/spark_example_pi.py:37:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/system/providers/google/cloud/tasks/example_queue.py:72:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/system/providers/google/cloud/tasks/example_tasks.py:84:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/system/providers/qubole/example_qubole.py:107:83: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/test_utils/azure_system_helpers.py:149:31: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/test_utils/get_all_tests.py:52:12: S314 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ tests/test_utils/perf/perf_kit/repeat_and_time.py:121:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/test_utils/perf/perf_kit/repeat_and_time.py:122:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tests/utils/test_sqlalchemy.py:274:16: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/utils/test_sqlalchemy.py:275:16: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ tests/utils/test_sqlalchemy.py:308:20: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issuebokeh (+12, -0)
+ examples/interaction/js_callbacks/customjs_for_selection.py:22:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/js_callbacks/customjs_for_selection.py:23:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/js_callbacks/customjs_lasso_mean.py:6:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/js_callbacks/customjs_lasso_mean.py:7:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/linking/linked_crosshair.py:7:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/linking/linked_crosshair.py:8:6: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/interaction/widgets/data_table.py:9:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ release/util.py:25:16: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ src/bokeh/sampledata/us_counties.py:97:19: S314 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ src/bokeh/sampledata/us_states.py:95:19: S314 Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
+ src/bokeh/util/sampledata.py:185:11: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ tests/support/plugins/file_server.py:113:13: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.disnake (+4, -0)
+ examples/basic_bot.py:36:28: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/basic_bot.py:43:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/custom_context.py:47:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ examples/guessing_game.py:25:14: S311 Standard pseudo-random generators are not suitable for cryptographic purposeszulip (+55, -0)
+ analytics/lib/fixtures.py:47:30: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ analytics/lib/fixtures.py:53:21: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ corporate/tests/test_stripe.py:3639:46: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ scripts/lib/puppet_cache.py:67:10: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ scripts/lib/puppet_cache.py:81:14: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ scripts/lib/zulip_tools.py:51:44: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ tools/droplets/create.py:49:20: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ tools/droplets/create.py:63:20: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ tools/droplets/create.py:82:20: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
+ zerver/data_import/import_util.py:205:39: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/data_import/mattermost.py:345:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/data_import/rocketchat.py:408:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/data_import/slack.py:1107:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:163:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:164:11: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:173:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:181:13: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:28:23: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:36:28: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:44:8: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/generate_test_data.py:51:12: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/singleton_bmemcached.py:10:33: S301 `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue
+ zerver/lib/templates.py:175:16: S308 Use of `mark_safe` may expose cross-site scripting vulnerabilities
+ zerver/lib/templates.py:177:12: S308 Use of `mark_safe` may expose cross-site scripting vulnerabilities
+ zerver/lib/test_runner.py:33:29: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/lib/upload/local.py:77:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/tests/test_subs.py:3738:42: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/tornado/event_queue.py:265:46: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/views/documentation.py:214:61: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zerver/views/video_calls.py:178:25: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1054:26: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1072:19: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1075:17: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1089:53: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1095:30: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1099:53: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1102:25: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1112:30: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1115:31: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1186:25: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1191:30: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:1238:22: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:477:25: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:479:20: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:480:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:481:44: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:483:44: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:484:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:485:42: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:487:44: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:814:67: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:921:41: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:924:24: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:925:46: S311 Standard pseudo-random generators are not suitable for cryptographic purposes
+ zilencer/management/commands/populate_db.py:958:59: S311 Standard pseudo-random generators are not suitable for cryptographic purposesBenchmarkLinuxWindows |
charliermarsh
force-pushed
the
blacklist_calls
branch
2 times, most recently
from
359b5c1
to
5b29182
Compare
charliermarsh
force-pushed
the
blacklist_calls
branch
from
5b29182
to
be4cad9
Compare
charliermarsh
changed the title
flake8-bandit]: denylist_callsflake8-bandit]: Implement deny-list rules for suspicious member calls
renovate bot
added a commit
to ixm-one/pytest-cmake-presets
that referenced
this pull request
Mar 23, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [ruff](https://togithub.com/charliermarsh/ruff) | `^0.0.257` -> `^0.0.258` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>charliermarsh/ruff</summary> ### [`v0.0.258`](https://togithub.com/charliermarsh/ruff/releases/tag/v0.0.258) [Compare Source](https://togithub.com/charliermarsh/ruff/compare/v0.0.257...v0.0.258) <!-- Release notes generated using configuration in .github/release.yml at main --> #### What's Changed ##### Rules - \[`flake8-comprehensions`] Update `C416` with dict comprehension (autofixable) by [@​dhruvmanila](https://togithub.com/dhruvmanila) in [astral-sh/ruff#3605 - \[`pylint`]: Implement `assert-on-string-literal` (`W0129`) by [@​latonis](https://togithub.com/latonis) in [astral-sh/ruff#3610 - \[`pyupgrade`] Convert single-argument %-style format calls by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3600 - \[`pyupgrade`] Flag PEP 585 and PEP 604 violations in quoted annotations by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3593 - \[`pyupgrade`] Enable autofix for annotations within 'simple' string literals by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3657 - \[`pyflakes`] Add autofix functionality for `F523` ([#​3613](https://togithub.com/charliermarsh/ruff/issues/3613)) by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3613 - \[`flake8-bandit`]: Implement deny-list rules for suspicious member calls by [@​colin99d](https://togithub.com/colin99d) in [astral-sh/ruff#3239 - \[`flake8-annotations`] Add autofix for `ANN204` with magic methods by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3633 - \[`pylint`] Implement `binary-op-exception` (`PLW0711`) by [@​latonis](https://togithub.com/latonis) in [astral-sh/ruff#3639 - \[`flake8-django`]: Implement rule DJ012 by [@​dhruvmanila](https://togithub.com/dhruvmanila) in [astral-sh/ruff#3659 ##### Bug Fixes - Check exclusions prior to resolving `pyproject.toml` files by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3588 - Fix D417 false positive by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3596 - Avoid removing comment hash for noqa's with trailing content by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3589 - Avoid panics for implicitly-concatenated docstrings by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3584 - Fix infinite loop due to rules `D207` & `W605` by [@​vlindhol](https://togithub.com/vlindhol) in [astral-sh/ruff#3609 - Avoid trimming escaped whitespace in D210 by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3635 - Handle `UP032` autofix with adjacent keywords by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3636 - Consider same-site fixes to be overlapping by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3638 - Avoid `RUF007` fixes for more than two arguments by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3654 - Allow `pairwise` diagnostics for `zip(..., strict=True)` by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3669 - isort: fix bad interaction between `force-sort-within-sections` and `force-to-top` by [@​bluetech](https://togithub.com/bluetech) in [astral-sh/ruff#3645 - Gracefully handle lint panics by [@​MichaReiser](https://togithub.com/MichaReiser) in [astral-sh/ruff#3509 - Fix TRY300 false positive by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3634 - Avoid raising PEP 604 errors with forward-referenced members by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3640 - Avoid attempting infinite `open` fix with re-bound builtin by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3650 - Check indentation level when executing E231 by [@​kyoto7250](https://togithub.com/kyoto7250) in [astral-sh/ruff#3668 - Flag, but don't fix, unused imports (`F401`) in `ModuleNotFoundError` blocks by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3658 #### New Contributors - [@​Rogdham](https://togithub.com/Rogdham) made their first contribution in [astral-sh/ruff#3607 - [@​vlindhol](https://togithub.com/vlindhol) made their first contribution in [astral-sh/ruff#3609 - [@​dhruvmanila](https://togithub.com/dhruvmanila) made their first contribution in [astral-sh/ruff#3605 - [@​luke396](https://togithub.com/luke396) made their first contribution in [astral-sh/ruff#3604 - [@​fuziontech](https://togithub.com/fuziontech) made their first contribution in [astral-sh/ruff#3641 **Full Changelog**: astral-sh/ruff@v0.0.257...v0.0.258 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/ixm-one/pytest-cmake-presets). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNy4xIiwidXBkYXRlZEluVmVyIjoiMzUuMTcuMSJ9--> Signed-off-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
to allenporter/flux-local
that referenced
this pull request
Mar 25, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [ruff](https://togithub.com/charliermarsh/ruff) | `==0.0.257` -> `==0.0.259` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>charliermarsh/ruff</summary> ### [`v0.0.259`](https://togithub.com/charliermarsh/ruff/releases/tag/v0.0.259) [Compare Source](https://togithub.com/charliermarsh/ruff/compare/v0.0.258...v0.0.259) <!-- Release notes generated using configuration in .github/release.yml at main --> #### Summary Follow-up release to `v0.0.258` to fix an issue related to rule resolution via `select` and `ignore`. #### What's Changed ##### Bug Fixes - Fix RuleSet.remove by [@​MichaReiser](https://togithub.com/MichaReiser) in [astral-sh/ruff#3685 - Respect all rule-exemption sources when suppressing parser errors by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3665 - Avoid nested loops in `missing_whitespace` by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3688 **Full Changelog**: astral-sh/ruff@v0.0.258...v0.0.259 ### [`v0.0.258`](https://togithub.com/charliermarsh/ruff/releases/tag/v0.0.258) [Compare Source](https://togithub.com/charliermarsh/ruff/compare/v0.0.257...v0.0.258) <!-- Release notes generated using configuration in .github/release.yml at main --> #### What's Changed ##### Rules - \[`flake8-comprehensions`] Update `C416` with dict comprehension (autofixable) by [@​dhruvmanila](https://togithub.com/dhruvmanila) in [astral-sh/ruff#3605 - \[`pylint`]: Implement `assert-on-string-literal` (`W0129`) by [@​latonis](https://togithub.com/latonis) in [astral-sh/ruff#3610 - \[`pyupgrade`] Convert single-argument %-style format calls by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3600 - \[`pyupgrade`] Flag PEP 585 and PEP 604 violations in quoted annotations by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3593 - \[`pyupgrade`] Enable autofix for annotations within 'simple' string literals by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3657 - \[`pyflakes`] Add autofix functionality for `F523` ([#​3613](https://togithub.com/charliermarsh/ruff/issues/3613)) by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3613 - \[`flake8-bandit`]: Implement deny-list rules for suspicious member calls by [@​colin99d](https://togithub.com/colin99d) in [astral-sh/ruff#3239 - \[`flake8-annotations`] Add autofix for `ANN204` with magic methods by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3633 - \[`pylint`] Implement `binary-op-exception` (`PLW0711`) by [@​latonis](https://togithub.com/latonis) in [astral-sh/ruff#3639 - \[`flake8-django`]: Implement rule DJ012 by [@​dhruvmanila](https://togithub.com/dhruvmanila) in [astral-sh/ruff#3659 ##### Bug Fixes - Check exclusions prior to resolving `pyproject.toml` files by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3588 - Fix D417 false positive by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3596 - Avoid removing comment hash for noqa's with trailing content by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3589 - Avoid panics for implicitly-concatenated docstrings by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3584 - Fix infinite loop due to rules `D207` & `W605` by [@​vlindhol](https://togithub.com/vlindhol) in [astral-sh/ruff#3609 - Avoid trimming escaped whitespace in D210 by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3635 - Handle `UP032` autofix with adjacent keywords by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3636 - Consider same-site fixes to be overlapping by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3638 - Avoid `RUF007` fixes for more than two arguments by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3654 - Allow `pairwise` diagnostics for `zip(..., strict=True)` by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3669 - isort: fix bad interaction between `force-sort-within-sections` and `force-to-top` by [@​bluetech](https://togithub.com/bluetech) in [astral-sh/ruff#3645 - Gracefully handle lint panics by [@​MichaReiser](https://togithub.com/MichaReiser) in [astral-sh/ruff#3509 - Fix TRY300 false positive by [@​JonathanPlasse](https://togithub.com/JonathanPlasse) in [astral-sh/ruff#3634 - Avoid raising PEP 604 errors with forward-referenced members by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3640 - Avoid attempting infinite `open` fix with re-bound builtin by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3650 - Check indentation level when executing E231 by [@​kyoto7250](https://togithub.com/kyoto7250) in [astral-sh/ruff#3668 - Flag, but don't fix, unused imports (`F401`) in `ModuleNotFoundError` blocks by [@​charliermarsh](https://togithub.com/charliermarsh) in [astral-sh/ruff#3658 #### New Contributors - [@​Rogdham](https://togithub.com/Rogdham) made their first contribution in [astral-sh/ruff#3607 - [@​vlindhol](https://togithub.com/vlindhol) made their first contribution in [astral-sh/ruff#3609 - [@​dhruvmanila](https://togithub.com/dhruvmanila) made their first contribution in [astral-sh/ruff#3605 - [@​luke396](https://togithub.com/luke396) made their first contribution in [astral-sh/ruff#3604 - [@​fuziontech](https://togithub.com/fuziontech) made their first contribution in [astral-sh/ruff#3641 **Full Changelog**: astral-sh/ruff@v0.0.257...v0.0.258 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/allenporter/flux-local). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNC4yIiwidXBkYXRlZEluVmVyIjoiMzUuMTQuMiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ref: #1646
@charliermarsh the different violations have different severities. Would you like me to add a setting that lets users only see errors above a certain severity?