From ac751bed48da5678a86a5271b44670c5525f13a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89rico=20Andrei?= <ericof@gmail.com>
Date: Wed, 8 Nov 2023 16:43:04 -0300
Subject: [PATCH] Add bandit to pre-commit

---
 .meta.toml              | 14 ++++++++++++++
 .pre-commit-config.yaml |  6 ++++++
 pyproject.toml          |  4 ++++
 3 files changed, 24 insertions(+)

diff --git a/.meta.toml b/.meta.toml
index 36e0d2d..6d53cb1 100644
--- a/.meta.toml
+++ b/.meta.toml
@@ -21,6 +21,10 @@ towncrier_issue_format = "[#{issue}](https://github.com/collective/pas.plugins.o
 extra_lines = """
 [tool.coverage.run]
 omit = ["*/locales/*"]
+
+[tool.bandit]
+targets = "src/pas/plugins/oidc"
+exclude_dirs = ["src/pas/plugins/oidc/locales"]
 """
 
 [gitignore]
@@ -42,3 +46,13 @@ jobs = [
     "dependencies",
     "release_ready",
     ]
+
+[pre_commit]
+extra_lines = """
+- repo: https://github.com/PyCQA/bandit
+  rev: '1.7.5'
+  hooks:
+  - id: bandit
+    args: ["-c", "pyproject.toml"]
+    additional_dependencies: ["bandit[toml]"]
+"""
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index f13d059..907d758 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -84,6 +84,12 @@ repos:
 #  """
 ##
 
+- repo: https://github.com/PyCQA/bandit
+  rev: '1.7.5'
+  hooks:
+  - id: bandit
+    args: ["-c", "pyproject.toml"]
+    additional_dependencies: ["bandit[toml]"]
 
 ##
 # Add extra configuration options in .meta.toml:
diff --git a/pyproject.toml b/pyproject.toml
index c3e37bd..35911a9 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -160,6 +160,10 @@ ignore = [
 [tool.coverage.run]
 omit = ["*/locales/*"]
 
+[tool.bandit]
+targets = "src/pas/plugins/oidc"
+exclude_dirs = ["src/pas/plugins/oidc/locales"]
+
 ##
 # Add extra configuration options in .meta.toml:
 #  [pyproject]