From eb8554a731806fdb08f7bced44d57281395b7546 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Wed, 28 Jun 2023 22:10:33 -0700 Subject: [PATCH] Remove support for Python 3.7 due to end-of-life Python 3.7 was end-of-life as of 6-27-2023. As such, there is no need for Bandit to continue to support it. Fixes #992 Signed-off-by: Eric Brown --- .github/workflows/publish-to-pypi.yml | 4 +- .github/workflows/publish-to-test-pypi.yml | 4 +- .github/workflows/pythonpackage.yml | 6 +-- .pre-commit-config.yaml | 6 +-- bandit/core/utils.py | 50 +--------------------- setup.cfg | 1 - setup.py | 2 +- tests/functional/test_functional.py | 10 +---- tox.ini | 2 +- 9 files changed, 15 insertions(+), 70 deletions(-) diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-to-pypi.yml index 6d4661b01..ce368c326 100644 --- a/.github/workflows/publish-to-pypi.yml +++ b/.github/workflows/publish-to-pypi.yml @@ -10,10 +10,10 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Set up Python 3.7 + - name: Set up Python 3.8 uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: 3.8 - name: Install dependencies run: pip install wheel diff --git a/.github/workflows/publish-to-test-pypi.yml b/.github/workflows/publish-to-test-pypi.yml index 6a0d364ab..2ad1e4646 100644 --- a/.github/workflows/publish-to-test-pypi.yml +++ b/.github/workflows/publish-to-test-pypi.yml @@ -10,10 +10,10 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Set up Python 3.7 + - name: Set up Python 3.8 uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: 3.8 - name: Install dependencies run: pip install wheel diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index 9f21cd7c0..2d58f04fa 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [3.7] + python-version: [3.8] steps: - name: Checkout repository uses: actions/checkout@v3 @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [3.7] + python-version: [3.8] steps: - name: Checkout repository uses: actions/checkout@v3 @@ -47,7 +47,7 @@ jobs: strategy: matrix: python-version: [ - ["3.7", "37"], ["3.8", "38"], ["3.9", "39"], ["3.10", "310"], ["3.11", "311"] + ["3.8", "38"], ["3.9", "39"], ["3.10", "310"], ["3.11", "311"] ] os: [ubuntu-latest, macos-latest] runs-on: ${{ matrix.os }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1f8d7c6da..92c3c4c16 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,17 +11,17 @@ repos: rev: v3.9.0 hooks: - id: reorder-python-imports - args: [--application-directories, '.:src', --py37-plus] + args: [--application-directories, '.:src', --py38-plus] - repo: https://github.com/psf/black rev: 23.3.0 hooks: - id: black - args: [--line-length=79, --target-version=py37] + args: [--line-length=79, --target-version=py38] - repo: https://github.com/asottile/pyupgrade rev: v3.3.2 hooks: - id: pyupgrade - args: [--py37-plus] + args: [--py38-plus] - repo: https://github.com/jorisroovers/gitlint rev: v0.19.1 hooks: diff --git a/bandit/core/utils.py b/bandit/core/utils.py index 8d55b9c9e..1f63f3f2c 100644 --- a/bandit/core/utils.py +++ b/bandit/core/utils.py @@ -219,56 +219,8 @@ def calc_linerange(node): def linerange(node): """Get line number range from a node.""" - if sys.version_info >= (3, 8) and hasattr(node, "lineno"): + if hasattr(node, "lineno"): return list(range(node.lineno, node.end_lineno + 1)) - else: - if hasattr(node, "_bandit_linerange_stripped"): - lines_minmax = node._bandit_linerange_stripped - return list(range(lines_minmax[0], lines_minmax[1] + 1)) - - strip = { - "body": None, - "orelse": None, - "handlers": None, - "finalbody": None, - } - for key in strip.keys(): - if hasattr(node, key): - strip[key] = getattr(node, key) - setattr(node, key, []) - - lines_min = 9999999999 - lines_max = -1 - if hasattr(node, "lineno"): - lines_min = node.lineno - lines_max = node.lineno - for n in ast.iter_child_nodes(node): - lines_minmax = calc_linerange(n) - lines_min = min(lines_min, lines_minmax[0]) - lines_max = max(lines_max, lines_minmax[1]) - - for key in strip.keys(): - if strip[key] is not None: - setattr(node, key, strip[key]) - - if lines_max == -1: - lines_min = 0 - lines_max = 1 - - node._bandit_linerange_stripped = (lines_min, lines_max) - - lines = list(range(lines_min, lines_max + 1)) - - """Try and work around a known Python bug with multi-line strings.""" - # deal with multiline strings lineno behavior (Python issue #16806) - if hasattr(node, "_bandit_sibling") and hasattr( - node._bandit_sibling, "lineno" - ): - start = min(lines) - delta = node._bandit_sibling.lineno - start - if delta > 1: - return list(range(start, node._bandit_sibling.lineno)) - return lines def concat_string(node, stop=None): diff --git a/setup.cfg b/setup.cfg index 3879a32a5..61f87bdd1 100644 --- a/setup.cfg +++ b/setup.cfg @@ -18,7 +18,6 @@ classifier = Operating System :: MacOS :: MacOS X Programming Language :: Python Programming Language :: Python :: 3 - Programming Language :: Python :: 3.7 Programming Language :: Python :: 3.8 Programming Language :: Python :: 3.9 Programming Language :: Python :: 3.10 diff --git a/setup.py b/setup.py index 1350bc193..8400e38ec 100644 --- a/setup.py +++ b/setup.py @@ -4,5 +4,5 @@ import setuptools setuptools.setup( - python_requires=">=3.7", setup_requires=["pbr>=2.0.0"], pbr=True + python_requires=">=3.8", setup_requires=["pbr>=2.0.0"], pbr=True ) diff --git a/tests/functional/test_functional.py b/tests/functional/test_functional.py index a66115c1c..19fabbeb3 100644 --- a/tests/functional/test_functional.py +++ b/tests/functional/test_functional.py @@ -790,19 +790,13 @@ def test_multiline_code(self): issues[0].fname.endswith("examples/multiline_statement.py") ) self.assertEqual(1, issues[0].lineno) - if sys.version_info >= (3, 8): - self.assertEqual(list(range(1, 2)), issues[0].linerange) - else: - self.assertEqual(list(range(1, 3)), issues[0].linerange) + self.assertEqual(list(range(1, 2)), issues[0].linerange) self.assertIn("subprocess", issues[0].get_code()) self.assertEqual(5, issues[1].lineno) self.assertEqual(list(range(3, 6 + 1)), issues[1].linerange) self.assertIn("shell=True", issues[1].get_code()) self.assertEqual(11, issues[2].lineno) - if sys.version_info >= (3, 8): - self.assertEqual(list(range(8, 13 + 1)), issues[2].linerange) - else: - self.assertEqual(list(range(8, 12 + 1)), issues[2].linerange) + self.assertEqual(list(range(8, 13 + 1)), issues[2].linerange) self.assertIn("shell=True", issues[2].get_code()) def test_code_line_numbers(self): diff --git a/tox.ini b/tox.ini index e242c9b55..7a2208b53 100644 --- a/tox.ini +++ b/tox.ini @@ -1,6 +1,6 @@ [tox] minversion = 3.2.0 -envlist = py37,pep8 +envlist = py38,pep8 [testenv] usedevelop = True