add bandit and flake8 plugins to tox, remove redundant deps

2020-06-18 17:39:34 -05:00 · 2020-06-18 17:39:34 -05:00 · 605a82680d
parent 14f6125f4e
commit 605a82680d
1 changed files with 15 additions and 11 deletions
--- a/tox.ini
+++ b/tox.ini
@ -4,22 +4,13 @@
 # and then run "tox" from this directory.

 [tox]
-envlist = py37,lint
+envlist = py37,security,lint

 [testenv]
 # build a wheel and test it
 wheel = true
 wheel_build_env = build

-deps =
-    flake8
-    flake8-docstrings
-    pytest
-    pytest-cov
-commands =
-    flake8
-    pytest --cov={envsitepackagesdir}/incorporealcms/
-
 # whitelist commands we need
 whitelist_externals = ln

@ -38,15 +29,28 @@ commands =
    coverage report -m --fail-under=80
    ln -sf {distdir} dist

+[testenv:security]
+# run security checks
+#
+# again it seems the most valuable here to run against the packaged code
+deps =
+    bandit
+commands =
+    bandit {envsitepackagesdir}/incorporealcms/ -r
+
 [testenv:lint]
 # run style checks
 skip_install = true
 deps =
    flake8
+    flake8-blind-except
+    flake8-builtins
    flake8-docstrings
+    flake8-executable
+    flake8-logging-format
 commands =
    flake8
-    - flake8 --disable-noqa --select=E,W,F,C,D
+    - flake8 --disable-noqa --select=E,W,F,C,D,A,G,B

 [flake8]
 max-line-length = 120