diff options
| author | Adam Turner <9087854+aa-turner@users.noreply.github.com> | 2022-12-29 23:46:04 +0000 |
|---|---|---|
| committer | Adam Turner <9087854+aa-turner@users.noreply.github.com> | 2022-12-29 23:53:48 +0000 |
| commit | 7fb45a9058a9e2fbd24d49e6e9db8edbaaa6cbd2 (patch) | |
| tree | 7777991aa68a0a72079a929b651a8322ecd556ba | |
| parent | b5357774a7c4594b22a499fa02d28e8014c932ad (diff) | |
| download | sphinx-git-7fb45a9058a9e2fbd24d49e6e9db8edbaaa6cbd2.tar.gz | |
Enable Ruff's flake8-bandit checks
| -rw-r--r-- | pyproject.toml | 4 | ||||
| -rw-r--r-- | sphinx/config.py | 2 | ||||
| -rw-r--r-- | sphinx/ext/doctest.py | 4 | ||||
| -rw-r--r-- | tests/test_quickstart.py | 8 |
4 files changed, 11 insertions, 7 deletions
diff --git a/pyproject.toml b/pyproject.toml index 814e2beb1..c8c5bbe4b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -161,6 +161,9 @@ ignore = [ "PGH003", # pylint "PLC2201", + # flake8-bandit + "S101", # assert used + "S105", # possible hardcoded password ] external = [ # Whitelist for RUF100 unkown code warnings "E704", @@ -179,6 +182,7 @@ select = [ "PLE", # pylint "PLR", # pylint "PLW", # pylint + "S", # flake8-bandit "SIM", # flake8-simplify "RUF100", # yesqa ] diff --git a/sphinx/config.py b/sphinx/config.py index 67e8a6f2a..e2539a6cf 100644 --- a/sphinx/config.py +++ b/sphinx/config.py @@ -347,7 +347,7 @@ def eval_config_file(filename: str, tags: Optional[Tags]) -> Dict[str, Any]: try: with open(filename, 'rb') as f: code = compile(f.read(), filename.encode(fs_encoding), 'exec') - exec(code, namespace) + exec(code, namespace) # NoQA: S102 except SyntaxError as err: msg = __("There is a syntax error in your configuration file: %s\n") raise ConfigError(msg % err) from err diff --git a/sphinx/ext/doctest.py b/sphinx/ext/doctest.py index 63cda2117..427038b92 100644 --- a/sphinx/ext/doctest.py +++ b/sphinx/ext/doctest.py @@ -382,10 +382,10 @@ Doctest summary condition = node['skipif'] context: Dict[str, Any] = {} if self.config.doctest_global_setup: - exec(self.config.doctest_global_setup, context) + exec(self.config.doctest_global_setup, context) # NoQA: S102 should_skip = eval(condition, context) # NoQA: PGH001 if self.config.doctest_global_cleanup: - exec(self.config.doctest_global_cleanup, context) + exec(self.config.doctest_global_cleanup, context) # NoQA: S102 return should_skip def test_doc(self, docname: str, doctree: Node) -> None: diff --git a/tests/test_quickstart.py b/tests/test_quickstart.py index 068491c89..d95a314c7 100644 --- a/tests/test_quickstart.py +++ b/tests/test_quickstart.py @@ -100,7 +100,7 @@ def test_quickstart_defaults(tempdir): conffile = tempdir / 'conf.py' assert conffile.isfile() ns = {} - exec(conffile.read_text(encoding='utf8'), ns) + exec(conffile.read_text(encoding='utf8'), ns) # NoQA: S102 assert ns['extensions'] == [] assert ns['templates_path'] == ['_templates'] assert ns['project'] == 'Sphinx Test' @@ -150,7 +150,7 @@ def test_quickstart_all_answers(tempdir): conffile = tempdir / 'source' / 'conf.py' assert conffile.isfile() ns = {} - exec(conffile.read_text(encoding='utf8'), ns) + exec(conffile.read_text(encoding='utf8'), ns) # NoQA: S102 assert ns['extensions'] == [ 'sphinx.ext.autodoc', 'sphinx.ext.doctest', 'sphinx.ext.todo' ] @@ -231,7 +231,7 @@ def test_default_filename(tempdir): conffile = tempdir / 'conf.py' assert conffile.isfile() ns = {} - exec(conffile.read_text(encoding='utf8'), ns) + exec(conffile.read_text(encoding='utf8'), ns) # NoQA: S102 def test_extensions(tempdir): @@ -241,7 +241,7 @@ def test_extensions(tempdir): conffile = tempdir / 'conf.py' assert conffile.isfile() ns = {} - exec(conffile.read_text(encoding='utf8'), ns) + exec(conffile.read_text(encoding='utf8'), ns) # NoQA: S102 assert ns['extensions'] == ['foo', 'bar', 'baz'] |