diff options
-rw-r--r-- | .pre-commit-config.yaml | 6 | ||||
-rw-r--r-- | pylint/graph.py | 10 | ||||
-rw-r--r-- | pylint/pyreverse/dot_printer.py | 7 | ||||
-rw-r--r-- | requirements_test_pre_commit.txt | 1 | ||||
-rw-r--r-- | tests/profile/test_profile_against_externals.py | 3 |
5 files changed, 15 insertions, 12 deletions
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 15d6a71d2..022cfe4be 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -146,3 +146,9 @@ repos: pylint/__pkginfo__.py| setup.cfg )$ + - repo: https://github.com/PyCQA/bandit + rev: 1.7.4 + hooks: + - id: bandit + args: ["-r", "-lll"] + exclude: *fixtures diff --git a/pylint/graph.py b/pylint/graph.py index 21b5b2fee..5cffca615 100644 --- a/pylint/graph.py +++ b/pylint/graph.py @@ -13,7 +13,6 @@ import codecs import os import shutil import subprocess -import sys import tempfile from collections.abc import Sequence from typing import Any @@ -113,9 +112,8 @@ class DotBackend: "executable not found. Install graphviz, or specify a `.gv` " "outputfile to produce the DOT source code." ) - use_shell = sys.platform == "win32" if mapfile: - subprocess.call( + subprocess.run( [ self.renderer, "-Tcmapx", @@ -127,12 +125,12 @@ class DotBackend: "-o", outputfile, ], - shell=use_shell, + check=True, ) else: - subprocess.call( + subprocess.run( [self.renderer, "-T", target, dot_sourcepath, "-o", outputfile], - shell=use_shell, + check=True, ) os.unlink(dot_sourcepath) return outputfile diff --git a/pylint/pyreverse/dot_printer.py b/pylint/pyreverse/dot_printer.py index 1d5f2c32b..077e0552d 100644 --- a/pylint/pyreverse/dot_printer.py +++ b/pylint/pyreverse/dot_printer.py @@ -8,7 +8,6 @@ from __future__ import annotations import os import subprocess -import sys import tempfile from enum import Enum from pathlib import Path @@ -164,10 +163,8 @@ class DotPrinter(Printer): with open(dot_sourcepath, "w", encoding="utf8") as outfile: outfile.writelines(self.lines) if target not in graphviz_extensions: - use_shell = sys.platform == "win32" - subprocess.call( - ["dot", "-T", target, dot_sourcepath, "-o", outputfile], - shell=use_shell, + subprocess.run( + ["dot", "-T", target, dot_sourcepath, "-o", outputfile], check=True ) os.unlink(dot_sourcepath) diff --git a/requirements_test_pre_commit.txt b/requirements_test_pre_commit.txt index 74eec8d62..c5d1fcb92 100644 --- a/requirements_test_pre_commit.txt +++ b/requirements_test_pre_commit.txt @@ -1,5 +1,6 @@ # Everything in this file should reflect the pre-commit configuration # in .pre-commit-config.yaml +bandit==1.7.4 black==22.10.0 flake8==6.0.0 flake8-bugbear==22.10.27 diff --git a/tests/profile/test_profile_against_externals.py b/tests/profile/test_profile_against_externals.py index 7a429fad8..3ee7564f0 100644 --- a/tests/profile/test_profile_against_externals.py +++ b/tests/profile/test_profile_against_externals.py @@ -13,6 +13,7 @@ import pprint from pathlib import Path import pytest +from git.repo import Repo from pylint.testutils import GenericTestReporter as Reporter from pylint.testutils._run import _Run as Run @@ -45,7 +46,7 @@ def test_run(tmp_path: Path, name: str, git_repo: str) -> None: """Runs pylint against external sources.""" checkoutdir = tmp_path / name checkoutdir.mkdir() - os.system(f"git clone --depth=1 {git_repo} {checkoutdir}") + Repo.clone_from(url=git_repo, to_path=checkoutdir, depth=1) filepaths = _get_py_files(scanpath=str(checkoutdir)) print(f"Have {len(filepaths)} files") |