Skip to content

Move the one directive from the bandit config to the pre-commit config#296

Open
jsf9k wants to merge 1 commit into
developfrom
improvement/get-rid-of-bandit-config
Open

Move the one directive from the bandit config to the pre-commit config#296
jsf9k wants to merge 1 commit into
developfrom
improvement/get-rid-of-bandit-config

Conversation

@jsf9k

@jsf9k jsf9k commented Apr 30, 2026
edited
Loading

Copy link
Copy Markdown
Member

🗣 Description

This pull request moves the one active directive from the bandit configuration to the pre-commit configuration.

💭 Motivation and context

This also allows us to remove the (now unused) Bandit config file. This should have been done as part of #288 but was missed.

🧪 Testing

All automated tests pass.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

@jsf9k
Move the one directive from the Bandit config to the pre-commit config
89cd224 
This also allows us to remove the (now unused) Bandit config file.
@jsf9k jsf9k self-assigned this Apr 30, 2026
@jsf9k jsf9k added the kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release label Apr 30, 2026
@github-actions github-actions Bot added dependencies Pull requests that update a dependency file test This issue or pull request adds or otherwise modifies test code labels Apr 30, 2026
@jsf9k jsf9k removed the dependencies Pull requests that update a dependency file label Apr 30, 2026
@jsf9k jsf9k moved this to In Progress in Next Kraken Apr 30, 2026
@jsf9k jsf9k marked this pull request as ready for review April 30, 2026 18:22
@jsf9k jsf9k requested review from dav3r, felddy and mcdonnnj as code owners April 30, 2026 18:22
Copilot AI review requested due to automatic review settings April 30, 2026 18:22
@jsf9k jsf9k requested a review from a team April 30, 2026 18:23
@jsf9k jsf9k moved this from In progress to Review in progress in Skeleton Maintenance Apr 30, 2026
Copilot AI reviewed Apr 30, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the now-unused Bandit configuration file by moving its only active directive into the Bandit hook configuration within .pre-commit-config.yaml, keeping the same Bandit behavior for the tests/ tree while simplifying repo configuration.

Changes:

  • Update the Bandit pre-commit hook for tests/ to skip B101 via hook args (instead of a .bandit.yml file).
  • Remove the .bandit.yml file from the repository.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.pre-commit-config.yaml Replaces the Bandit --config=.bandit.yml usage with an equivalent --skip=B101 argument for the tests-only hook.
.bandit.yml Deletes the obsolete Bandit config file now that its only active directive lives in pre-commit.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@jsf9k jsf9k

Labels

kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release test This issue or pull request adds or otherwise modifies test code

Projects

Next Kraken
Status: In Progress
Skeleton Maintenance
Status: Review in progress

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jsf9k @dav3r