4e378540af
Snyk scan found 3 High severity vulns: two in ecdsa (pulled by python-jose) and one in diskcache (pulled by pySigma, never imported). Remove both vulnerable dependencies and migrate JWT handling to PyJWT. Fix test_logout_revokes_token which broke because test stubs sys.modules[jose] with a MagicMock at collection time; test now uses PyJWT directly.
# Line length limit: 120 characters (wider than the PEP 8 default of 79).
# The codebase uses long identifiers and chained SQLAlchemy calls.
line-length = 120

[lint]
# Rule families enforced, one per line with the plugin each prefix maps to.
# NOTE(review): no security-oriented family (e.g. "S", flake8-bandit) is
# selected, so this config does not flag insecure code patterns; confirm that
# static security checks run elsewhere if they are wanted.
select = [
    "E",    # pycodestyle errors (core PEP 8 style)
    "W",    # pycodestyle warnings
    "F",    # pyflakes (unused imports, undefined names)
    "I",    # isort (import ordering)
    "N",    # pep8-naming (class/function/variable naming conventions)
    "ANN",  # flake8-annotations (type hint enforcement)
    "D",    # pydocstyle (docstrings; convention set under [lint.pydocstyle])
]

ignore = [
    # SQLAlchemy filter expressions need explicit `== True` / `== False`
    # comparisons, which E712 would otherwise flag.
    "E712",
    # ANN101/ANN102 (annotations for self/cls) were removed from ruff, so they
    # need no entry here.
]

[lint.pydocstyle]
# Google-style docstrings: a summary line, then Args/Returns/Raises sections.
convention = "google"

[lint.per-file-ignores]
# Tests catch broad exceptions and use unusual import patterns.
# NOTE(review): this switches off every E, F and N rule under tests/, which
# also hides pyflakes findings such as undefined names; consider listing only
# the specific codes the tests actually need.
"tests/**" = ["E", "F", "N"]
# Data file: the D3FEND technique descriptions contain URLs and long strings
# that cannot be wrapped meaningfully, so only the line-length rule is skipped.
"app/services/d3fend_import_service.py" = ["E501"]