[Security] Add Bandit (#795)

2025-03-01 19:19:26 +01:00
parent 9c1a893ee3
commit 8861546ad8
6 changed files with 67 additions and 38 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -2,6 +2,7 @@ exclude: ^(tests/data)
 default_language_version:
    python: python3.10
 repos:
+  ##### Style / Misc. #####
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v5.0.0
    hooks:
@@ -14,7 +15,7 @@ repos:
      - id: end-of-file-fixer
      - id: trailing-whitespace
  - repo: https://github.com/crate-ci/typos
-    rev: v1.29.10
+    rev: v1.30.0
    hooks:
      - id: typos
        args: [--force-exclude]
@@ -23,16 +24,24 @@ repos:
    hooks:
    -   id: pyupgrade
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.9.6
+    rev: v0.9.9
    hooks:
      - id: ruff
        args: [--fix]
      - id: ruff-format
+
+  ##### Security #####
  - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.23.3
+    rev: v8.24.0
    hooks:
      - id: gitleaks
  - repo: https://github.com/woodruffw/zizmor-pre-commit
-    rev: v1.3.1
+    rev: v1.4.1
    hooks:
      - id: zizmor
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.8.3
+    hooks:
+    - id: bandit
+      args: ["-c", "pyproject.toml"]
+      additional_dependencies: ["bandit[toml]"]