[packages/python-bandit] - new

qboosh qboosh at pld-linux.org
Sat Feb 24 22:00:35 CET 2024


commit 6204b3d4a87b7e8ea1d78e884c6d6d7391c728e4
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sat Feb 24 21:54:06 2024 +0100

    - new

 bandit-mock.patch  | 182 ++++++++++++++++++++++++++++++++++++++++++++++
 python-bandit.spec | 210 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 392 insertions(+)
---
diff --git a/python-bandit.spec b/python-bandit.spec
new file mode 100644
index 0000000..1238cca
--- /dev/null
+++ b/python-bandit.spec
@@ -0,0 +1,210 @@
+#
+# Conditional build:
+%bcond_without	doc	# Sphinx documentation
+%bcond_with	tests	# unit tests (python3 tests fail)
+%bcond_without	python2 # CPython 2.x module
+%bcond_without	python3 # CPython 3.x module
+
+Summary:	Security oriented static analyser for Python code
+Summary(pl.UTF-8):	Statyczny analizator kodu pythonowego zorientowany na bezpieczeństwo
+Name:		python-bandit
+# keep 1.6.x here for python2 support
+Version:	1.6.2
+Release:	1
+License:	Apache v2.0
+Group:		Libraries/Python
+#Source0Download: https://pypi.org/simple/bandit/
+Source0:	https://files.pythonhosted.org/packages/source/b/bandit/bandit-%{version}.tar.gz
+# Source0-md5:	c6a6772d7afa0af8828b3384e73b7085
+Patch0:		bandit-mock.patch
+URL:		https://pypi.org/project/bandit/
+%if %{with python2}
+BuildRequires:	python-modules >= 1:2.7
+BuildRequires:	python-setuptools
+%if %{with tests}
+BuildRequires:	python-PyYAML >= 3.13
+BuildRequires:	python-bs4 >= 4.6.0
+BuildRequires:	python-fixtures >= 3.0.0
+BuildRequires:	python-git >= 1.0.1
+BuildRequires:	python-mock >= 2.0.0
+BuildRequires:	python-oslotest >= 3.2.0
+BuildRequires:	python-six >= 1.10.0
+BuildRequires:	python-stestr >= 1.0.0
+BuildRequires:	python-stevedore >= 1.20.0
+BuildRequires:	python-testscenarios >= 0.4
+BuildRequires:	python-testtools >= 2.2.0
+%endif
+%endif
+%if %{with python3}
+BuildRequires:	python3-modules >= 1:3.5
+BuildRequires:	python3-setuptools
+%if %{with tests}
+BuildRequires:	python3-PyYAML >= 3.13
+BuildRequires:	python3-bs4 >= 4.6.0
+BuildRequires:	python3-fixtures >= 3.0.0
+BuildRequires:	python3-git >= 1.0.1
+BuildRequires:	python3-oslotest >= 3.2.0
+BuildRequires:	python3-six >= 1.10.0
+BuildRequires:	python3-stestr >= 1.0.0
+BuildRequires:	python3-stevedore >= 1.20.0
+BuildRequires:	python3-testscenarios >= 0.4
+BuildRequires:	python3-testtools >= 2.2.0
+%endif
+%endif
+BuildRequires:	rpm-pythonprov
+BuildRequires:	rpmbuild(macros) >= 1.714
+%if %{with doc}
+BuildRequires:	python-sphinx_rtd_theme >= 0.3.0
+BuildRequires:	sphinx-pdg-2 >= 1.6.8
+%endif
+Requires:	python-modules >= 1:2.7
+BuildArch:	noarch
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+Bandit is a tool designed to find common security issues in Python
+code. To do this Bandit processes each file, builds an AST from it,
+and runs appropriate plugins against the AST nodes. Once Bandit has
+finished scanning all the files it generates a report.
+
+%description -l pl.UTF-8
+Bandit to narzędzie zaprojektowane do szukania najczęstszych problemów
+z bezpieczeństwem w kodzie pythonowym. W tym celu Bandit przetwarza
+wszystkie pliki, tworzy z nich drzewo AST i uruchamia na jego węzłach
+odpowiednie wtyczki. Po zakończeniu skanowania wszystkich plików
+generuje raport.
+
+%package -n python3-bandit
+Summary:	Security oriented static analyser for Python code
+Summary(pl.UTF-8):	Statyczny analizator kodu pythonowego zorientowany na bezpieczeństwo
+Group:		Libraries/Python
+Requires:	python3-modules >= 1:3.5
+
+%description -n python3-bandit
+Bandit is a tool designed to find common security issues in Python
+code. To do this Bandit processes each file, builds an AST from it,
+and runs appropriate plugins against the AST nodes. Once Bandit has
+finished scanning all the files it generates a report.
+
+%description -n python3-bandit -l pl.UTF-8
+Bandit to narzędzie zaprojektowane do szukania najczęstszych problemów
+z bezpieczeństwem w kodzie pythonowym. W tym celu Bandit przetwarza
+wszystkie pliki, tworzy z nich drzewo AST i uruchamia na jego węzłach
+odpowiednie wtyczki. Po zakończeniu skanowania wszystkich plików
+generuje raport.
+
+%package apidocs
+Summary:	API documentation for Python bandit module
+Summary(pl.UTF-8):	Dokumentacja API modułu Pythona bandit
+Group:		Documentation
+
+%description apidocs
+API documentation for Python bandit module.
+
+%description apidocs -l pl.UTF-8
+Dokumentacja API modułu Pythona bandit.
+
+%prep
+%setup -q -n bandit-%{version}
+%patch0 -p1
+
+%build
+%if %{with python2}
+%py_build
+
+%if %{with tests}
+install -d build-2/bin
+cp -p bandit/__main__.py build-2/bin/bandit
+%{__sed} -i -e '1s,/usr/bin/env python,%{__python},' build-2/bin/bandit
+cat >build-2/bin/bandit-baseline <<EOF
+#!%{__python}
+from bandit.cli.baseline import main
+main()
+EOF
+chmod 755 build-2/bin/bandit build-2/bin/bandit-baseline
+
+PATH=$(pwd)/build-2/bin:$PATH \
+PYTHONPATH=$(pwd) \
+stestr-2 run tests
+%endif
+%endif
+
+%if %{with python3}
+%py3_build
+
+%if %{with tests}
+install -d build-3/bin
+cp -p bandit/__main__.py build-3/bin/bandit
+%{__sed} -i -e '1s,/usr/bin/env python,%{__python3},' build-3/bin/bandit
+cat >build-3/bin/bandit-baseline <<EOF
+#!%{__python3}
+from bandit.cli.baseline import main
+main()
+EOF
+chmod 755 build-3/bin/bandit build-3/bin/bandit-baseline
+
+PATH=$(pwd)/build-3/bin:$PATH \
+PYTHONPATH=$(pwd) \
+stestr-3 run tests
+%endif
+%endif
+
+%if %{with doc}
+sphinx-build-2 -b html doc/source doc/build/html
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%if %{with python2}
+%py_install
+
+%py_postclean
+
+for f in bandit bandit-baseline bandit-config-generator ; do
+	%{__mv} $RPM_BUILD_ROOT%{_bindir}/$f $RPM_BUILD_ROOT%{_bindir}/${f}-2
+done
+%endif
+
+%if %{with python3}
+%py3_install
+
+for f in bandit bandit-baseline bandit-config-generator ; do
+	%{__mv} $RPM_BUILD_ROOT%{_bindir}/$f $RPM_BUILD_ROOT%{_bindir}/${f}-3
+	ln -sf ${f}-3 $RPM_BUILD_ROOT%{_bindir}/$f
+done
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%if %{with python2}
+%files
+%defattr(644,root,root,755)
+%doc AUTHORS ChangeLog README.rst
+%attr(755,root,root) %{_bindir}/bandit-2
+%attr(755,root,root) %{_bindir}/bandit-baseline-2
+%attr(755,root,root) %{_bindir}/bandit-config-generator-2
+%{py_sitescriptdir}/bandit
+%{py_sitescriptdir}/bandit-%{version}-py*.egg-info
+%endif
+
+%if %{with python3}
+%files -n python3-bandit
+%defattr(644,root,root,755)
+%doc AUTHORS ChangeLog README.rst
+%attr(755,root,root) %{_bindir}/bandit
+%attr(755,root,root) %{_bindir}/bandit-3
+%attr(755,root,root) %{_bindir}/bandit-baseline
+%attr(755,root,root) %{_bindir}/bandit-baseline-3
+%attr(755,root,root) %{_bindir}/bandit-config-generator
+%attr(755,root,root) %{_bindir}/bandit-config-generator-3
+%{py3_sitescriptdir}/bandit
+%{py3_sitescriptdir}/bandit-%{version}-py*.egg-info
+%endif
+
+%if %{with doc}
+%files apidocs
+%defattr(644,root,root,755)
+%doc doc/build/html/{_modules,_static,blacklists,formatters,man,plugins,*.html,*.js}
+%endif
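Review bot: The `# keep 1.6.x here for python2 support` pin on `Version: 1.6.2` also fixes the python3-bandit subpackage, and the unversioned `bandit` symlinks created with `ln -sf ${f}-3` in %install, at a release whose sources are dated 2019 in the accompanying patch headers, so Python 3 users of this security scanner are held back by the Python 2 constraint. Consider keeping this spec python2-only and packaging a current bandit for Python 3 from a separate spec. Two smaller points: `%bcond_with tests` leaves the test suite off by default with only "python3 tests fail" as explanation, so it would help to record which tests fail and why; and the doc build calls `sphinx-build-2` and requires `python-sphinx_rtd_theme` inside `%if %{with doc}` only, so a build `--without python2` still pulls in the Python 2 Sphinx toolchain.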
diff --git a/bandit-mock.patch b/bandit-mock.patch
new file mode 100644
index 0000000..1a83409
--- /dev/null
+++ b/bandit-mock.patch
@@ -0,0 +1,182 @@
+--- bandit-1.6.2/tests/unit/cli/test_baseline.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/cli/test_baseline.py	2024-02-24 18:13:35.817326027 +0100
+@@ -19,7 +19,10 @@ import subprocess
+ 
+ import fixtures
+ import git
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit.cli.baseline as baseline
+--- bandit-1.6.2/tests/unit/cli/test_config_generator.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/cli/test_config_generator.py	2024-02-24 18:14:11.027135279 +0100
+@@ -17,7 +17,10 @@
+ import importlib
+ import logging
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ import yaml
+ 
+--- bandit-1.6.2/tests/unit/cli/test_main.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/cli/test_main.py	2024-02-24 18:14:37.853656614 +0100
+@@ -16,7 +16,10 @@ import logging
+ import os
+ 
+ import fixtures
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ from bandit.cli import main as bandit
+--- bandit-1.6.2/tests/unit/core/test_config.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/core/test_config.py	2024-02-24 18:15:18.673435475 +0100
+@@ -18,7 +18,10 @@ import textwrap
+ import uuid
+ 
+ import fixtures
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ from bandit.core import config
+--- bandit-1.6.2/tests/unit/core/test_context.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/core/test_context.py	2024-02-24 18:15:43.796632704 +0100
+@@ -16,7 +16,10 @@
+ 
+ import ast
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import six
+ import testtools
+ 
+--- bandit-1.6.2/tests/unit/core/test_issue.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/core/test_issue.py	2024-02-24 18:16:02.803196404 +0100
+@@ -14,7 +14,10 @@
+ # License for the specific language governing permissions and limitations
+ # under the License.
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit
+--- bandit-1.6.2/tests/unit/core/test_manager.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/core/test_manager.py	2024-02-24 18:16:27.039731770 +0100
+@@ -17,7 +17,10 @@
+ import os
+ 
+ import fixtures
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ from bandit.core import config
+--- bandit-1.6.2/tests/unit/core/test_test_set.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/core/test_test_set.py	2024-02-24 18:16:46.252961016 +0100
+@@ -14,7 +14,10 @@
+ #  License for the specific language governing permissions and limitations
+ #  under the License.
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ from stevedore import extension
+ import testtools
+ 
+--- bandit-1.6.2/tests/unit/formatters/test_html.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/formatters/test_html.py	2024-02-24 18:17:43.429317932 +0100
+@@ -17,7 +17,10 @@ import collections
+ import tempfile
+ 
+ import bs4
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit
+--- bandit-1.6.2/tests/unit/formatters/test_json.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/formatters/test_json.py	2024-02-24 18:18:08.525848639 +0100
+@@ -16,7 +16,10 @@ import collections
+ import json
+ import tempfile
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit
+--- bandit-1.6.2/tests/unit/formatters/test_screen.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/formatters/test_screen.py	2024-02-24 18:18:58.678910270 +0100
+@@ -16,7 +16,10 @@
+ import collections
+ import tempfile
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit
+--- bandit-1.6.2/tests/unit/formatters/test_text.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/formatters/test_text.py	2024-02-24 18:19:24.928768062 +0100
+@@ -16,7 +16,10 @@
+ import collections
+ import tempfile
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ 
+ import bandit
+--- bandit-1.6.2/tests/unit/formatters/test_yaml.py.orig	2019-06-15 08:47:40.000000000 +0200
++++ bandit-1.6.2/tests/unit/formatters/test_yaml.py	2024-02-24 18:19:43.488667514 +0100
+@@ -15,7 +15,10 @@
+ import collections
+ import tempfile
+ 
+-import mock
++try:
++    from unittest import mock
++except ImportError:
++    import mock
+ import testtools
+ import yaml
+ 
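Review bot: bandit-mock.patch begins directly at the `--- bandit-1.6.2/tests/unit/cli/test_baseline.py.orig` header with no description, so nothing records why the 13 test modules switch from `import mock` to the try/except import or whether the change has gone upstream. Add a short comment at the top of the patch stating that it lets the Python 3 test run use `unittest.mock` and fall back to the external `mock` module on Python 2, which matches the spec listing `python-mock >= 2.0.0` only in the python2 test BuildRequires. Every file touched is under tests/, so the patch affects nothing unless the package is built `--with tests`, which the spec leaves off by default; that is worth saying in the same comment.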
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/python-bandit.git/commitdiff/6204b3d4a87b7e8ea1d78e884c6d6d7391c728e4


