-
Notifications
You must be signed in to change notification settings - Fork 276
/
Copy pathpyproject.toml
153 lines (141 loc) · 4 KB
/
pyproject.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
[build-system]
requires = ["hatchling==1.27.0"]
build-backend = "hatchling.build"
[project]
name = "tuf"
description = "A secure updater framework for Python"
readme = "README.md"
license = "Apache-2.0 OR MIT"
license-files = ["LICENSE", "LICENSE-MIT"]
requires-python = ">=3.8"
authors = [
{ email = "[email protected]" },
]
keywords = [
"authentication",
"compromise",
"key",
"revocation",
"secure",
"update",
"updater",
]
classifiers = [
"Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"Natural Language :: English",
"Operating System :: MacOS :: MacOS X",
"Operating System :: Microsoft :: Windows",
"Operating System :: POSIX",
"Operating System :: POSIX :: Linux",
"Programming Language :: Python",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Programming Language :: Python :: 3.13",
"Programming Language :: Python :: Implementation :: CPython",
"Topic :: Security",
"Topic :: Software Development",
]
dependencies = [
"securesystemslib~=1.0",
"urllib3<3,>=1.21.1",
]
dynamic = ["version"]
[project.urls]
Documentation = "https://theupdateframework.readthedocs.io/en/stable/"
Homepage = "https://www.updateframework.com"
Issues = "https://github.com/theupdateframework/python-tuf/issues"
Source = "https://github.com/theupdateframework/python-tuf"
[tool.hatch.version]
path = "tuf/__init__.py"
[tool.hatch.build.targets.sdist]
include = [
"/docs",
"/examples",
"/tests",
"/tuf",
"/requirements",
"/tox.ini",
"/setup.py",
]
# Ruff section
# Read more here: https://docs.astral.sh/ruff/linter/#rule-selection
[tool.ruff]
line-length=80
[tool.ruff.lint]
select = ["ALL"]
ignore = [
# Rulesets we do not use at this moment
"COM",
"EM",
"FIX",
"FBT",
"PERF",
"PT",
"PTH",
"TD",
"TRY",
# Individual rules that have been disabled
"D400", "D415", "D213", "D205", "D202", "D107", "D407", "D413", "D212", "D104", "D406", "D105", "D411", "D401", "D200", "D203",
"PLR0913", "PLR2004",
]
[tool.ruff.lint.per-file-ignores]
"tests/*" = [
"D", # pydocstyle: no docstrings required for tests
"E501", # line-too-long: embedded test data in "fmt: off" blocks is ok
"ERA001", # commented code is fine in tests
"RUF012", # ruff: mutable-class-default
"S", # bandit: Not running bandit on tests
"SLF001", # private member access is ok in tests
"T201", # print is ok in tests
]
"examples/*/*" = [
"D", # pydocstyle: no docstrings required for examples
"ERA001", # commented code is fine in examples
"INP001", # implicit package is fine in examples
"S", # bandit: Not running bandit on examples
"T201", # print is ok in examples
]
"verify_release" = [
"ERA001", # commented code is fine here
"S603", # bandit: this flags all uses of subprocess.run as vulnerable
"T201", # print is ok in verify_release
]
".github/scripts/*" = [
"T201", # print is ok in conformance client
]
[tool.ruff.lint.flake8-annotations]
mypy-init-return = true
# mypy section
# Read more here: https://mypy.readthedocs.io/en/stable/config_file.html#using-a-pyproject-toml-file
[tool.mypy]
warn_unused_configs = "True"
warn_redundant_casts = "True"
warn_unused_ignores = "True"
warn_unreachable = "True"
strict_equality = "True"
disallow_untyped_defs = "True"
disallow_untyped_calls = "True"
show_error_codes = "True"
disable_error_code = ["attr-defined"]
[[tool.mypy.overrides]]
module = [
"requests.*",
"securesystemslib.*",
]
ignore_missing_imports = "True"
[tool.coverage.report]
exclude_also = [
# abstract class method definition
"raise NotImplementedError",
# defensive programming: these cannot happen
"raise AssertionError",
# imports for mypy only
"if TYPE_CHECKING",
]
[tool.coverage.run]
branch = true
omit = [ "tests/*", "tuf/ngclient/requests_fetcher.py" ]