From 235af882fd485491f6f750c4f823eaa6d1ca4699 Mon Sep 17 00:00:00 2001 From: Steve Jalim Date: Wed, 24 Jan 2024 16:36:16 +0000 Subject: [PATCH] Add pre-commit config with sensible hooks; apply those hooks --- .github/workflows/ci.yaml | 2 +- .pre-commit-config.yaml | 24 ++++++++++++++++++++++++ CODE_OF_CONDUCT.md | 4 ++-- LICENSE | 1 - docs/trusted_types.rst | 2 +- ruff.toml | 2 +- 6 files changed, 29 insertions(+), 6 deletions(-) create mode 100644 .pre-commit-config.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 32a810c..66de6e5 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -54,4 +54,4 @@ jobs: uses: pypa/gh-action-pypi-publish@v1.4.2 with: user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} \ No newline at end of file + password: ${{ secrets.PYPI_API_TOKEN }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..198e4af --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,24 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at https://mozilla.org/MPL/2.0/. + +# Global excludes, override per repo below if different excludes required. +# exclude: > +# (?x)^( +# DIRNAME_OR_FILENAME_HERE +# | DIRNAME_OR_FILENAME_HERE +# | DIRNAME_OR_FILENAME_HERE +# ) +repos: + # Note: hooks that add content must run before ones which check formatting, lint, etc + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 # Use the ref you want to point at + hooks: + - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace + - repo: https://github.com/charliermarsh/ruff-pre-commit + rev: v0.1.14 + hooks: + - id: ruff + args: [--fix, --exit-non-zero-on-fix] diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 498baa3..041fbb6 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,8 +1,8 @@ # Community Participation Guidelines -This repository is governed by Mozilla's code of conduct and etiquette guidelines. +This repository is governed by Mozilla's code of conduct and etiquette guidelines. For more details, please read the -[Mozilla Community Participation Guidelines](https://www.mozilla.org/about/governance/policies/participation/). +[Mozilla Community Participation Guidelines](https://www.mozilla.org/about/governance/policies/participation/). ## How to Report For more information on how to report violations of the Community Participation Guidelines, please read our '[How to Report](https://www.mozilla.org/about/governance/policies/participation/reporting/)' page. diff --git a/LICENSE b/LICENSE index 9776754..8651744 100644 --- a/LICENSE +++ b/LICENSE @@ -25,4 +25,3 @@ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/docs/trusted_types.rst b/docs/trusted_types.rst index 638536c..58d1bee 100644 --- a/docs/trusted_types.rst +++ b/docs/trusted_types.rst @@ -119,7 +119,7 @@ dangerous sink that requires Trusted Types. ``Step 3: Enforce Trusted Types`` ================================= Once you have addressed all of the Trusted Types violations present in your -application, you can begin enforcing Trusted Types to prevent DOM XSS. +application, you can begin enforcing Trusted Types to prevent DOM XSS. Configure django-csp so that ``CSP_REPORT_ONLY`` is set to *False*. diff --git a/ruff.toml b/ruff.toml index 532f2d0..42cf5a4 100644 --- a/ruff.toml +++ b/ruff.toml @@ -57,4 +57,4 @@ docstring-code-format = false # # This only has an effect when the `docstring-code-format` setting is # enabled. -docstring-code-line-length = "dynamic" \ No newline at end of file +docstring-code-line-length = "dynamic"