Skip to content

Commit

Permalink
[MEDIUM] [email protected]: SNYK-PYTHON-WEBOB-7687445 CWE-601 [Fixed in: 1.…
Browse files Browse the repository at this point in the history
…8.8].
  • Loading branch information
sbrunner committed Aug 30, 2024
1 parent 49089cf commit c464d51
Show file tree
Hide file tree
Showing 6 changed files with 103 additions and 9 deletions.
File renamed without changes.
99 changes: 95 additions & 4 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
# https://pre-commit.com/hooks.html

ci:
autoupdate_schedule: quarterly
skip:
- ripsecrets
exclude: |
(?x)^(
CONST_.*
|mapserver/data/lac-leman.osm
)$
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
Expand All @@ -21,6 +22,14 @@ repos:
rev: v3.1.0
hooks:
- id: prettier
- repo: https://github.com/sbrunner/integrity-updater
rev: 0.1.0
hooks:
- id: integrity-updater
exclude: |-
(?x)^(
geoportal/.*
)$
- repo: https://github.com/PyCQA/autoflake
rev: v2.3.1
hooks:
Expand All @@ -33,3 +42,85 @@ repos:
rev: 24.8.0
hooks:
- id: black
- repo: https://github.com/asottile/pyupgrade
rev: v3.16.0
hooks:
- id: pyupgrade
args:
- --py310-plus
exclude: |-
(?x)^(
build
)$
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0
hooks:
- id: detect-private-key
- id: check-merge-conflict
- id: check-ast
- id: debug-statements
- id: check-toml
- id: check-yaml
- id: check-json
- id: end-of-file-fixer
- id: trailing-whitespace
- id: mixed-line-ending
- repo: https://github.com/sbrunner/hooks
rev: 1.0.0
hooks:
- id: copyright
exclude: |-
(?x)^(
build
|geoportal
|scripts/db-backup
|scripts/db-restore
)$
- id: poetry-lock
additional_dependencies:
- poetry==1.8.3 # pypi
- repo: https://github.com/codespell-project/codespell
rev: v2.3.0
hooks:
- id: codespell
exclude: |-
(?x)^(
(.*/)?poetry\.lock
|ci/cleanup
|geoportal/geomapfish_geoportal/locale/.*
|qgisserver/.*.gs[sz]
|geoportal/geomapfish_geoportal/static/story-map.html
|tilegeneration/config.yaml.tmpl
)$
args:
- --ignore-words=.github/spell-ignore-words.txt
- repo: https://github.com/shellcheck-py/shellcheck-py
rev: v0.10.0.1
hooks:
- id: shellcheck
- repo: https://github.com/jumanjihouse/pre-commit-hooks
rev: 3.0.0
hooks:
- id: git-check
- repo: https://github.com/python-jsonschema/check-jsonschema
rev: 0.28.6
hooks:
- id: check-github-actions
- id: check-github-workflows
- id: check-jsonschema
name: Check GitHub Workflows set timeout-minutes
files: ^\.github/workflows/[^/]+$
types:
- yaml
args:
- --builtin-schema
- github-workflows-require-timeout
- repo: https://github.com/sirwart/ripsecrets
rev: v0.1.8
hooks:
- id: ripsecrets
- repo: https://github.com/sbrunner/jsonschema-validator
rev: 0.1.0
hooks:
- id: jsonschema-validator
files: ^ci/config\.yaml$
1 change: 1 addition & 0 deletions .python-version
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
3.10
10 changes: 5 additions & 5 deletions custom/poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions custom/pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ azure-storage-blob = "12.20.0"
azure-identity = "1.16.1"
urllib3 = { version = "2.2.2", optional = true }
certifi = { version = "2024.7.4", optional = true }
webob = { version = "1.8.8", optional = true }

[tool.poetry.dev-dependencies]
prospector = { version = "1.10.3", extras = ["with_bandit", "with_mypy"] }
1 change: 1 addition & 0 deletions project.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ managed_files:
- geoportal/interfaces/desktop_alt\.html\.mako
- tests/test_app.py
- .editorconfig
- .pre-commit-config\.yaml
unmanaged_files:
- geoportal/geomapfish_geoportal/static-ngeo/js/apps/Controller.*\.js
- geoportal/geomapfish_geoportal/static-ngeo/js/apps/.*\.html\.ejs
Expand Down

0 comments on commit c464d51

Please sign in to comment.