Initial pre-commit linting #1539
Conversation
|
I'll be taking a look at the failed checks for this PR |
|
@shaidar the checks are now passing. Do you know why there's no pre-commit check here? |
.github/workflows/ci.yml
Outdated
| # TODO: Update Pylint or Integrate ruff | ||
| # - name: Lint | ||
| # run: poetry run pylint ./**/*.py |
There was a problem hiding this comment.
I think we should remove this since pre-commit should handle this.
.pre-commit-config.yaml
Outdated
| - --exclude-files | ||
| - ".*_test.js" | ||
| - --exclude-files | ||
| - "static/js/constants.js" |
There was a problem hiding this comment.
I don't think we should ignore this file. This file is prone to having secrets
| static/js/components/NewApplication.js | ||
| static/js/components/forms/ProfileFormFields.js | ||
| static/js/components/forms/elements/FormError.js | ||
| main/templates/background-images.css |
There was a problem hiding this comment.
This can be ignored, But I'm curious why we want to ignore prettier on this?
There was a problem hiding this comment.
Perhaps, @shaidar could provide a better answer to this
| }, | ||
| { | ||
| "name": "ArtifactoryDetector" | ||
| "name": "AWSKeyDetector" | ||
| }, | ||
| { |
There was a problem hiding this comment.
I was comparing it with xPRO where we have also added "name": "AzureStorageKeyDetector"
| @@ -10,4 +10,3 @@ class ApplicationConfig(AppConfig): | |||
|
|
|||
| def ready(self): | |||
| """Application is ready""" | |||
| import applications.signals # pylint:disable=unused-import, unused-variable | |||
There was a problem hiding this comment.
This is needed to load the signals. We should ignore the error on this line instead. e.g. # noqa: F401
There was a problem hiding this comment.
Why are we removing this file? If we've moved this step to somewhere else? Could you point me to that location?
There was a problem hiding this comment.
These scripts checks if someone mistakenly forgot to create a migration file against the changes made in the Django models. It's important that we check this.
There was a problem hiding this comment.
Feel free to add them back
scripts/test/no_auto_migrations.sh
Outdated
There was a problem hiding this comment.
Same as above comment. Why this file was removed
| } | ||
|
|
||
| run_test black --check . | ||
| run_test pytest --no-pylint | ||
| run_test ./scripts/test/detect_missing_migrations.sh |
There was a problem hiding this comment.
If we put the missing migrations scripts back, we will need to update this as well.
static/js/hello_test.js
Outdated
There was a problem hiding this comment.
I think we should remove this file.
docker-compose.travis.yml
Outdated
There was a problem hiding this comment.
We don't use travis now, I think we should remove this file.
Anas12091101
force-pushed
the
sar/pre_commit_linting
branch
from
00d1f02 to
4d29212
Compare
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 9430286 | Triggered | Generic Password | 8d4b9e3 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 8d4b9e3 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | e1acbe9 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | e1acbe9 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 0f7f2b9 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 29a9486 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 0f7f2b9 | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 3a90bda | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 3a90bda | .github/workflows/ci.yml | View secret |
| 9430286 | Triggered | Generic Password | 29a9486 | .github/workflows/ci.yml | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Anas12091101
force-pushed
the
sar/pre_commit_linting
branch
from
a2f6573 to
8d4b9e3
Compare
main/settings.py
Outdated
| # fmt: off | ||
| PASSWORD_RESET_CONFIRM_URL = "password_reset/confirm/{uid}/{token}/" # pragma: allowlist secret | ||
| # fmt: on |
There was a problem hiding this comment.
Can you cross-match the same setting with xPRO, We didn't to turn the fmt off/on there. Instead, we used
PASSWORD_RESET_CONFIRM_URL = "password_reset/confirm/{uid}/{token}/" # noqa: S105 # pragma: allowlist secret
* Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]>
* Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]>
* Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]>
* Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]>
* fix(deps): update dependency ramda to ^0.30.0 * fix: manual ramda fixes * Initial pre-commit linting (#1539) * Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]> * Initial pre-commit linting (#1539) * Initial pre-commit linting * fix: worked on the suggestions * fix: fixed some styling issues * fix: fixed some styling issues * fix: ignoring git guardian on a line in ci.yml * revert: ignoring git guardian on a line in ci.yml * fix: replaced fmt:off with noqa * fix: black formatting issue --------- Co-authored-by: Muhammad Anas <[email protected]> * fix: tests * fix: formatting issues * fix: some cleanup --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Asad Ali <[email protected]> Co-authored-by: Sar <[email protected]> Co-authored-by: Muhammad Anas <[email protected]>
What's this PR do?
This is initial and incomplete work on updating the pre-commit hooks. I was unable to get the prettier plugin to run locally due to
package.jsondependency issues and think someone more familiar with the project and those packages should take a closer look at resolving those.