This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new b643ed8 Add some ruff bandit lints
b643ed8 is described below
commit b643ed8eba3b483c4c7ed1e780166b05881fd5cf
Author: Sean B. Palmer <[email protected]>
AuthorDate: Fri Nov 28 19:59:27 2025 +0000
Add some ruff bandit lints
---
atr/sbom/constants/maven.py | 5 ++---
atr/sbom/maven.py | 16 ++++++++++++----
atr/util.py | 2 +-
pyproject.toml | 12 +++++++++++-
4 files changed, 26 insertions(+), 9 deletions(-)
diff --git a/atr/sbom/constants/maven.py b/atr/sbom/constants/maven.py
index 5fd780f..efe5cf1 100644
--- a/atr/sbom/constants/maven.py
+++ b/atr/sbom/constants/maven.py
@@ -17,11 +17,8 @@
from __future__ import annotations
-import pathlib
from typing import Final
-CACHE_PATH: Final[pathlib.Path] = pathlib.Path("/tmp/sbomtool-cache.json")
-
PLUGIN_VERSIONS: Final[dict[str, str]] = {
"2024-11-28T21:29:12Z": "2.9.1",
"2024-10-08T04:31:11Z": "2.9.0",
@@ -76,3 +73,5 @@ PLUGIN_VERSIONS: Final[dict[str, str]] = {
"2018-05-24T23:24:10Z": "1.0.1",
"2018-05-02T16:34:05Z": "1.0.0",
}
+
+USE_CACHE: Final[bool] = True
diff --git a/atr/sbom/maven.py b/atr/sbom/maven.py
index 14c2f43..a443414 100644
--- a/atr/sbom/maven.py
+++ b/atr/sbom/maven.py
@@ -18,26 +18,34 @@
from __future__ import annotations
import datetime
-from typing import Any
+import pathlib
+import tempfile
+from typing import Any, Final
import yyjson
from . import constants, models
+_CACHE_PATH: Final[pathlib.Path] = pathlib.Path(tempfile.gettempdir()) /
"sbomtool-cache.json"
+
def cache_read() -> dict[str, Any]:
+ if not constants.maven.USE_CACHE:
+ return {}
try:
- with open(constants.maven.CACHE_PATH) as file:
+ with open(_CACHE_PATH) as file:
return yyjson.load(file)
except Exception:
return {}
def cache_write(cache: dict[str, Any]) -> None:
+ if not constants.maven.USE_CACHE:
+ return
try:
- with open(constants.maven.CACHE_PATH, "w") as file:
+ with open(_CACHE_PATH, "w") as file:
yyjson.dump(cache, file)
- except Exception:
+ except FileNotFoundError:
pass
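Review bot: `_CACHE_PATH` is still a fixed, predictable filename in the shared temporary directory, so building it from `tempfile.gettempdir()` presumably quiets the hardcoded-temp-path lint without changing the exposure. On a multi-user host any local account can pre-create or replace `sbomtool-cache.json`, and `cache_read` returns whatever parses. Consider keeping the cache in a directory that only the service account can write (mode 0700), or checking the file's ownership before trusting its contents. Separately, `cache_write` now catches only `FileNotFoundError`, so a `PermissionError`, a full disk or a serialisation failure will propagate from what was a best-effort write, while `cache_read` still swallows every exception. Using `except OSError:` with a logged warning would keep the two functions consistent.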
diff --git a/atr/util.py b/atr/util.py
index 61b87a0..09e38ef 100644
--- a/atr/util.py
+++ b/atr/util.py
@@ -170,7 +170,7 @@ async def async_temporary_directory(
try:
await aioshutil.rmtree(temp_dir_path)
except Exception:
- pass
+ log.exception(f"Failed to remove temporary directory
{temp_dir_path}")
def chmod_directories(path: pathlib.Path, permissions: int = 0o755) -> None:
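Review bot: The new `log.exception` call builds its message with an f-string. If `log` follows the standard logging interface, the lazy form `log.exception("Failed to remove temporary directory %s", temp_dir_path)` is preferable, because it keeps the message template constant for log aggregation and alerting. Failed cleanups are worth alerting on, since a leftover temporary directory may still hold release artefacts. The enclosing `async_temporary_directory` starts outside this hunk, so whether anything else retries the removal cannot be seen from here.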
diff --git a/pyproject.toml b/pyproject.toml
index 0883b3e..1e4d3de 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -112,7 +112,16 @@ extend-exclude = [
]
[tool.ruff.lint]
-ignore = []
+ignore = [
+ "S101", # assert
+ "S104", # interfaces
+ "S106", # password keyword
+ "S314", # old expat concerns
+ "S603", # subprocess.run
+ "S607", # partial path
+ "S608", # SQL string query
+ "S704", # markupsafe
+]
select = [
"ASYNC", # flake8-async
"C90", # cyclomatic-complexity
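Review bot: The `ignore` list switches off S608, S603, S607, S104 and S106 for the whole repository, so new string-built SQL, new subprocess calls, new bind-all-interfaces defaults and new hardcoded credentials will pass the linter unnoticed from now on. Where the existing findings are reviewed false positives, a line-level `# noqa: S608` with a short justification keeps the rule active for new code. Rules that are noisy only in certain directories can be scoped with `[tool.ruff.lint.per-file-ignores]`, for example `"<test-dir>/**" = ["S101"]` (placeholder path). The comments `# interfaces` and `# old expat concerns` would also be clearer if they stated why each rule is safe to ignore in this project.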
@@ -121,6 +130,7 @@ select = [
"I", # isort
"N", # pep8-naming
"RUF", # ruff-checks
+ "S", # flake8-bandit
"TC", # flake8-type-checking
"TID", # flake8-tidy-imports
"UP", # pyupgrade