Skip to content

bandit: merge config into pyproject #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 12, 2022
Merged

bandit: merge config into pyproject #86

merged 4 commits into from
May 12, 2022

Conversation

woodruffw
Copy link
Member

Removes another top-level config file.

Signed-off-by: William Woodruff [email protected]

@woodruffw
bandit: merge config into pyproject
4bde593 
Removes another top-level config file.

Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw added qa quality assurance component:cicd CI/CD labels May 11, 2022
@woodruffw woodruffw self-assigned this May 11, 2022
@woodruffw
Copy link
Member Author

CI is currently failing due to a potential regression in pip; ref pypa/pip#11110

di
di previously approved these changes May 12, 2022
View reviewed changes
@woodruffw
Copy link
Member Author

🤦

🔥🔥🔥🔥🔥Running security check🔥🔥🔥🔥🔥🔥
Using config file: pyproject.toml
[main]	ERROR	pyproject.toml : toml parser not available, reinstall with toml extra
b'[main]\tERROR\tpyproject.toml : toml parser not available, reinstall with toml extra\n'
🔥🔥🔥🔥Security check failed🔥🔥🔥🔥

@woodruffw
Copy link
Member Author

I'll fix this in a moment. I think we should probably just get rid of the third party action (it seems to be a fork of a fork and not actively maintained?) and run bandit directly.

@di
Copy link
Member

di commented May 12, 2022

Makes sense to me.

@woodruffw woodruffw requested a review from di May 12, 2022 14:30
@woodruffw
Copy link
Member Author

Okay, I made it one of our dev deps and mashed it into make lint + our main lint action.

@woodruffw woodruffw merged commit 1426486 into main May 12, 2022
@woodruffw woodruffw deleted the ww/bandit-remove-config branch May 12, 2022 14:43
javanlacerda pushed a commit to javanlacerda/sigstore-python that referenced this pull request Feb 23, 2024
@tetsuo-cpp
README: prep 0.0.5 (sigstore#86)
954233f 
Signed-off-by: Alex Cameron <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@di di di approved these changes

Assignees

@woodruffw woodruffw

Labels
component:cicd CI/CD qa quality assurance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@woodruffw @di