tox-poetry-installer/tox.ini
Ethan Paul df343396a4
Remove safety dependency vulnerability scanner
I went back and fourth on this, but ultimately decided that it's more trouble
than it's worth. Between false positives, deeply nested packages raising
vulnerabilities, and the brittleness of the poetry-plugin-export that the
tooling relies on, it causes more headaches than it avoids. A future PR will
enable dependabot tooling that will open PRs to automatically fix this problem
so I don't have to deal with it anymore (hopefully)
2024-08-16 13:26:12 -04:00

79 lines
1.6 KiB
INI

[tox]
envlist = py37, py38, py39, py310, py311, static, static-tests, security
skip_missing_interpreters = true
[testenv]
description = Run the tests
require_locked_deps = true
require_poetry = true
locked_deps =
pytest
pytest-cov
toml
commands =
pytest {toxinidir}/tests/ \
--cov {toxinidir}/tox_poetry_installer \
--cov-config {toxinidir}/.coveragerc \
--cov-report term-missing
[testenv:static]
description = Static formatting and quality enforcement
basepython = py310
platform = linux
ignore_errors = true
locked_deps =
black
blacken-docs
mdformat
mdformat-gfm
mypy
reorder-python-imports
pre-commit
pre-commit-hooks
pylint
types-toml
commands =
pre-commit run \
--all-files
pylint {toxinidir}/tox_poetry_installer/ \
--rcfile {toxinidir}/.pylintrc
mypy {toxinidir}/tox_poetry_installer/ \
--ignore-missing-imports \
--no-strict-optional
[testenv:static-tests]
description = Static formatting and quality enforcement for the tests
basepython = py310
platform = linux
ignore_errors = true
locked_deps =
pylint
pytest
mypy
types-toml
commands =
pylint {toxinidir}/tests/ \
--rcfile {toxinidir}/.pylintrc
mypy {toxinidir}/tests/ \
--ignore-missing-imports \
--no-strict-optional
[testenv:security]
description = Security checks
basepython = py310
platform = linux
ignore_errors = true
skip_install = true
locked_deps =
bandit
safety
poetry
commands =
bandit {toxinidir}/tox_poetry_installer/ \
--recursive \
--quiet
bandit {toxinidir}/tests/ \
--recursive \
--quiet \
--skip B101