chore: configure bandit

Author: vil02

bandit.yml

@@ -0,0 +1,4 @@
+---
+assert_used:
+  skips: ['**/test_*.py', './tests/*.py']
+...

check_all_python_scripts.sh

@@ -2,4 +2,6 @@
 
 set -euo pipefail
 
+poetry run bandit -c bandit.yml -r .
+
 find . -name "*.py" -not -path "./tests/example_data/python3/*" -exec ./check_python_file.sh {} +

examples/example_general.py

@@ -8,7 +8,7 @@
 EXAMPLE_STR = "Hello, World!"
 TARGET_LANGUAGE = "ada"
 
-assert TARGET_LANGUAGE in string_to_code.get_target_languages()
+assert TARGET_LANGUAGE in string_to_code.get_target_languages()  # nosec B101
 
 CODE = string_to_code.proc(TARGET_LANGUAGE, EXAMPLE_STR)
 

examples/setup_examples.py

@@ -4,5 +4,5 @@
 import sys
 
 _PROJ_PATH_STR = str(pathlib.Path(__file__).parents[1])
-assert str(_PROJ_PATH_STR).endswith("string_to_code_proj")
+assert str(_PROJ_PATH_STR).endswith("string_to_code_proj")  # nosec B101
 sys.path.insert(0, _PROJ_PATH_STR)

pyproject.toml

@@ -25,6 +25,7 @@ ruff = "0.8.4"
 coverage = "7.6.10"
 black = "24.10.0"
 mypy = "1.14.0"
+bandit = "1.8.0"
 
 [build-system]
 requires = ["poetry-core"]

string_to_code/core.py

@@ -33,14 +33,14 @@ class SimpleFunction(typing.NamedTuple):
 
 def str_pieces(in_str: str, in_pieces_len: list[int]) -> Strings:
     """returns in_str split into pieces of lengths as in in_pieces_len"""
-    assert all(_ > 0 for _ in in_pieces_len)
-    assert sum(in_pieces_len) == len(in_str)
+    assert all(_ > 0 for _ in in_pieces_len)  # nosec B101
+    assert sum(in_pieces_len) == len(in_str)  # nosec B101
     cur_str = in_str
     res = []
     for _ in in_pieces_len:
         res.append(cur_str[:_])
         cur_str = cur_str[_:]
-    assert "".join(res) == in_str
+    assert "".join(res) == in_str  # nosec B101
     return res
 
 
@@ -49,11 +49,11 @@ def random_pieces_len(in_total_len: int) -> list[int]:
     cur_num = in_total_len
     res = []
     while cur_num > 0:
-        tmp_len = random.randint(1, max(cur_num, 1))
+        tmp_len = random.randint(1, max(cur_num, 1))  # nosec B311
         res.append(tmp_len)
         cur_num -= tmp_len
     random.shuffle(res)
-    assert sum(res) == in_total_len
+    assert sum(res) == in_total_len  # nosec B101
     return res
 
 
@@ -63,7 +63,7 @@ def random_split(in_str: str) -> Strings:
 
 
 def _interesting_random_split(in_str: str) -> Strings:
-    assert len(in_str) > 1
+    assert len(in_str) > 1  # nosec B101
     res = random_split(in_str)
     while len(res) == 1:
         res = random_split(in_str)
@@ -114,12 +114,14 @@ def __init__(self, initial_call: InitialCall, needed_functions: SimpleFunctions)
 
     def _check_data(self) -> None:
         if self.initial_call is not None and not isinstance(self.initial_call, Atom):
-            assert self.needed_functions
+            assert self.needed_functions  # nosec B101
         if self.needed_functions:
-            assert isinstance(self.initial_call, int)
-            assert self.initial_call + 1 == len(self.needed_functions)
+            assert isinstance(self.initial_call, int)  # nosec B101
+            assert self.initial_call + 1 == len(self.needed_functions)  # nosec B101
         for fun_id, fun in enumerate(self.needed_functions):
-            assert all(_ < fun_id for _ in fun.called_list if not isinstance(_, Atom))
+            assert all(
+                _ < fun_id for _ in fun.called_list if not isinstance(_, Atom)
+            )  # nosec B101
 
     def needed_function_definitions_str_list(
         self, in_function_to_str, **kwargs

string_to_code/string_to_code.py

@@ -9,7 +9,7 @@
 
 
 def _remove_prefix(in_str: str, in_prefix: str) -> str:
-    assert in_str.startswith(in_prefix)
+    assert in_str.startswith(in_prefix)  # nosec B101
     return in_str[len(in_prefix) :]
 
 

string_to_code/to_ada.py

@@ -79,7 +79,7 @@ def _join_to_final(main_call: str, function_definitions: list[str], **kwargs) ->
         ]
     )
     if function_definitions or main_call != _MAIN_NULL_CALL:
-        assert "Ada.Text_IO." in res
+        assert "Ada.Text_IO." in res  # nosec B101
         res = "with Ada.Text_IO;\n\n" + res
     return res
 

string_to_code/to_algol68.py

@@ -32,7 +32,7 @@ def atom_to_code(in_atom: core.Atom) -> str:
 def _merge_to_full_function(in_function_name: str, in_function_body: str) -> str:
     body_str = ""
     if in_function_body:
-        assert in_function_body[-1] == ";"
+        assert in_function_body[-1] == ";"  # nosec B101
         body_str = "\n" + in_function_body[:-1] + "\n"
     return f"PROC {in_function_name} = VOID :({body_str});\n"
 
@@ -46,12 +46,12 @@ def _main_call_to_code(in_initial_call: core.InitialCall, **kwargs) -> str:
     if in_initial_call is None:
         return 'print("")'
     res = _call_function_or_atom(in_initial_call, **kwargs)
-    assert res[-1] == ";"
+    assert res[-1] == ";"  # nosec B101
     return res[:-1]
 
 
 def _join_to_final(main_call: str, function_definitions: list[str], **_kwargs) -> str:
-    assert main_call[-1] != "\n"
+    assert main_call[-1] != "\n"  # nosec B101
     return "\n\n".join(function_definitions + [main_call + "\n"])
 
 

string_to_code/to_haskell.py

@@ -59,9 +59,9 @@ def _join_to_final(main_call, function_definitions, **_kwargs):
 
     import_list = ["IO", "putStr"]
     if function_definitions:
-        assert "String" in res
+        assert "String" in res  # nosec B101
         import_list.append("String")
-        assert "++" in res
+        assert "++" in res  # nosec B101
         import_list.append("(++)")
     res = f'import Prelude ({", ".join(import_list)})\n' + res