Creating skeleton package in uv and adding some expected dependencies…

… and linters
owenlamont · Dec 7, 2024 · 3241a5f · 3241a5f
1 parent 43bdbf5
commit 3241a5f
Show file tree

Hide file tree

Showing 10 changed files with 782 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -159,4 +159,7 @@ cython_debug/
 #  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
+.idea/
+
+# VS Code
+.code/
diff --git a/.markdownlint.yaml b/.markdownlint.yaml
@@ -0,0 +1,19 @@
+# See rule descriptions here:
+# https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md
+# See yaml schema here:
+# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
+
+default: true
+
+MD013:
+  line_length: 88
+  heading_line_length: 88
+  code_block_line_length: 88
+  code_blocks: true
+  tables: true
+  headings: true
+  strict: false
+  stern: false
+
+MD035:
+  style: "---"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,60 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+  - repo: https://github.com/kynan/nbstripout
+    rev: 0.8.1
+    hooks:
+     - id: nbstripout
+       args: [--drop-empty-cells]
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-toml
+      - id: check-xml
+      - id: check-yaml
+      - id: check-added-large-files
+      - id: no-commit-to-branch
+      - id: pretty-format-json
+        args: [--autofix]
+        exclude: '\.ipynb$'
+      - id: mixed-line-ending
+        args: [--fix=lf]
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.8.0
+    hooks:
+        - id: bandit
+          args: [ "-c", "pyproject.toml" ]
+          additional_dependencies: [ "bandit[toml]" ]
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: v0.43.0
+    hooks:
+      - id: markdownlint
+        args: [--fix]
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: v1.13.0
+    hooks:
+      - id: mypy
+        additional_dependencies:
+          - pydantic
+  - repo: https://github.com/charliermarsh/ruff-pre-commit
+    rev: v0.8.2
+    hooks:
+      - id: ruff-format
+        types_or: [python, pyi, jupyter]
+      - id: ruff
+        args: [--fix, --exit-non-zero-on-fix]
+        types_or: [python, pyi, jupyter]
+  - repo: https://github.com/crate-ci/typos
+    rev: v1.28.2
+    hooks:
+      - id: typos
+        args: [
+          --force-exclude,
+          # --write-changes (Don't use this to stop typos making auto-corrections)
+        ]
+  - repo: https://github.com/adrienverge/yamllint.git
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
diff --git a/.python-version b/.python-version
@@ -0,0 +1 @@
+3.9
diff --git a/.yamllint b/.yamllint
@@ -0,0 +1,4 @@
+extends: relaxed
+
+rules:
+  line-length: disable
diff --git a/README.md b/README.md
@@ -1,2 +1,3 @@
 # uv-secure
+
 Scan your uv.lock file for dependencies with known vulnerabilities
diff --git a/pyproject.toml b/pyproject.toml
@@ -0,0 +1,151 @@
+[project]
+name = "uv-secure"
+version = "0.1.0"
+description = "Scan your uv.lock file for dependencies with known vulnerabilities"
+readme = "README.md"
+authors = [
+    { name = "Owen Lamont", email = "owenrlamont@gmail.com" }
+]
+requires-python = ">=3.9"
+dependencies = [
+    "httpx>=0.28.1",
+    "pydantic>=2.10.3",
+    "rich>=13.9.4",
+    "typer>=0.15.1",
+]
+
+[project.scripts]
+uv-secure = "uv_secure:main"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.bandit]
+exclude_dirs = ["tests"]
+
+[tool.mypy]
+plugins = [
+  "pydantic.mypy"
+]
+
+python_version = "3.9"
+files = ["src"]
+
+ignore_missing_imports = true
+follow_imports = "silent"
+
+check_untyped_defs = true
+disallow_incomplete_defs = true
+disallow_untyped_calls = true
+disallow_untyped_defs = true
+no_implicit_reexport = true
+warn_redundant_casts = true
+warn_return_any = true
+warn_unused_configs = true
+warn_unused_ignores = true
+
+[tool.pydantic-mypy]
+init_forbid_extra = true
+init_typed = true
+warn_required_dynamic_aliases = true
+
+[tool.pytest.ini_options]
+filterwarnings = [
+    "error",
+]
+testpaths = ["tests"]
+
+[tool.ruff]
+
+line-length = 88
+indent-width = 4
+target-version = "py39"
+
+[tool.ruff.format]
+quote-style = "double"
+indent-style = "space"
+skip-magic-trailing-comma = true
+line-ending = "lf"
+
+[tool.ruff.lint]
+# See https://docs.astral.sh/ruff/rules/
+select = [
+    "A",
+    "B",
+    "C4",
+    "D",
+    "E",
+    "F",
+    "FURB",
+    "I",
+    "ISC",
+    "NPY",
+    "PD",
+    "PT",
+    "Q",
+    "RET",
+    "RUF",
+    "SIM",
+    "UP"
+]
+ignore = [
+    "D100", # Missing docstring in public module
+    "D101", # Missing docstring in public class
+    "D102", # Missing docstring in public method
+    "D103", # Missing docstring in public function
+    "D104", # Missing docstring in public package
+    "D105", # Missing docstring in magic method
+    "D106", # Missing docstring in public nested class
+    "D107", # Missing docstring in __init__
+    "D202", # No blank lines allowed after function docstring
+    "D213", # Multi-line docstring summary should start at the second line
+    "D214", # Section is over-indented
+    "D215", # Section underline is over-indented
+    "D400", # First line should end with a period
+    "D401", # First line of docstring should be in imperative mood
+    "D415", # First line should end with a period, question mark, or exclamation
+    "D416", # Section name should end with a colon
+    "D417", # Missing argument descriptions in the docstring
+    "D418", # Function/ Method decorated with @overload shouldn't contain a docstring
+    "E203", # Whitespace before ':' (fights ruff format)
+    "ISC001", # Implicitly concatenated string literals on one line
+]
+
+# Allow fix for all enabled rules (when `--fix`) is provided.
+fixable = ["ALL"]
+unfixable = [
+    "B905", # Enforce strict argument on zip - but don't autofix as strict=False
+]
+
+[tool.ruff.lint.flake8-pytest-style]
+mark-parentheses = false
+
+[tool.ruff.lint.isort]
+case-sensitive = false
+combine-as-imports = true
+force-sort-within-sections = true
+lines-after-imports = 2
+order-by-type = false
+section-order = [
+    "future",
+    "standard-library",
+    "third-party",
+    "first-party",
+    "local-folder"
+]
+split-on-trailing-comma=false
+
+[tool.ruff.lint.pydocstyle]
+convention = "numpy"
+
+[tool.typos]
+
+[dependency-groups]
+dev = [
+    "coverage>=7.6.9",
+    "pytest>=8.3.4",
+    "pytest-cov>=6.0.0",
+    "pytest-httpx>=0.35.0",
+    "pytest-mock>=3.14.0",
+]
diff --git a/src/uv_secure/__init__.py b/src/uv_secure/__init__.py
@@ -0,0 +1,2 @@
+def main() -> None:
+    print("Hello from uv-secure!")
diff --git a/tests/uv_secure/conftest.py b/tests/uv_secure/conftest.py
Original file line number	Diff line number	Diff line change
		@@ -1,2 +1,3 @@
		# uv-secure

		Scan your uv.lock file for dependencies with known vulnerabilities
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		def main() -> None:
		print("Hello from uv-secure!")