Allow custom formatting options with black #266
Conversation
lib/python/pyflyby/_importstmt.py
Outdated
| black_cmd = [ | ||
| f'black --line-length {str(params.max_line_length)} -c "{str_to_format.strip()}"', | ||
| ] | ||
| try: | ||
| completed_process = subprocess.run( | ||
| black_cmd, | ||
| shell=True, | ||
| stdout=subprocess.PIPE, | ||
| stderr=subprocess.PIPE, | ||
| universal_newlines=True, | ||
| ) |
There was a problem hiding this comment.
You likely should not do that, in general every-time you see shell=True you should step back and think security.
The first argument to run is a list of your program arguments, unless you really want them parsed by the shell. And Here you are forming a string to get it parsed, while you could have ['black', '--line-length', 'str(params.max_line_length)', ...].
This is :
- Safer security wise (no risk to have shell escape, or alike
- More correct (no risk of bas escape in
str_to_format).
| import black | ||
| mode = black.FileMode() | ||
| return black.format_str(res, mode=mode) | ||
| return self.run_black(res, params) |
There was a problem hiding this comment.
Can't something along the following work w/o a subprocess ?
from black import read_pyproject_toml, find_pyproject_toml
from click import Context, Command
c = Context(Command("black"))
print(read_pyproject_toml(c, None, None))
c.default_map
mode = FileMode(...)I'm pretty sure you can find some inspiration in https://github.com/akaihola/darker/blob/e96018f086383a2dcfaab6825945fbee08daca2a/src/darker/black_diff.py#L97 that use black by importing it.
That would avoid an expensive subprocess and the subprocess parsing issues.
Carreau
force-pushed
the
black-custom-formatting
branch
from
a3f1fcb to
bdd71ee
Compare
Carreau
force-pushed
the
black-custom-formatting
branch
from
a7af375 to
805b584
Compare
|
Merging as failures seem to be issues upstream. |
Fixes #264
tidy-importto use black with available configuration, like saypyproject.tomlblackwithtidy-import