sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(validators): add noqa suppression support to security and performance validators
All checks were successful
CI / dependency-scanning (push) Successful in 27s
Details
CI / docs (push) Successful in 35s
Details
CI / ruff (push) Successful in 8s
Details
CI / pytest (push) Successful in 34m22s
Details
CI / validate (push) Successful in 19s
Details
CI / deploy (push) Successful in 2m25s
Details

Browse Source 
- Add centralized _is_noqa_suppressed() to BaseValidator with normalization
  (accepts both SEC001 and SEC-001 formats for ruff compatibility)
- Wire noqa support into all 21 security and 18 performance check functions
- Add ruff external config for SEC/PERF/MOD/EXC codes in pyproject.toml
- Convert all 280 Python noqa comments to dashless format (ruff-compatible)
- Add site/ to IGNORE_PATTERNS (excludes mkdocs build output)
- Suppress 152 false positive findings (test passwords, seed data, validator
  self-references, Apple Wallet SHA1, etc.)
- Security: 79 errors → 0, 60 warnings → 0
- Performance: 80 warnings → 77 (3 test script suppressions)
- Add proposal doc with noqa inventory and remaining findings recommendations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-02-14 22:56:56 +01:00
parent f84c5d903e
commit 1b8a40f1ff
75 changed files with 404 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/modules/customers/exceptions.py
View File

@@ -53,7 +53,7 @@ class CustomerNotFoundException(ResourceNotFoundException):
)
class CustomerAlreadyExistsException(ConflictException): # noqa: MOD-025
class CustomerAlreadyExistsException(ConflictException): # noqa: MOD025
"""Raised when trying to create a customer that already exists."""
def __init__(self, email: str):
@@ -109,7 +109,7 @@ class CustomerValidationException(ValidationException):
self.error_code = "CUSTOMER_VALIDATION_FAILED"
class CustomerAuthorizationException(BusinessLogicException): # noqa: MOD-025
class CustomerAuthorizationException(BusinessLogicException): # noqa: MOD025
"""Raised when customer is not authorized for operation."""
def __init__(self, customer_email: str, operation: str):
@@ -170,7 +170,7 @@ class AddressLimitExceededException(BusinessLogicException):
)
class InvalidAddressTypeException(BusinessLogicException): # noqa: MOD-025
class InvalidAddressTypeException(BusinessLogicException): # noqa: MOD025
"""Raised when an invalid address type is provided."""
def __init__(self, address_type: str):

2
app/modules/customers/routes/api/storefront.py
View File

@@ -317,7 +317,7 @@ def forgot_password(request: Request, email: str, db: Session = Depends(get_db))
)
except Exception as e:
db.rollback()
logger.error(f"Failed to send password reset email: {e}") # noqa: SEC-021
logger.error(f"Failed to send password reset email: {e}") # noqa: SEC021
else:
logger.info(
f"Password reset requested for non-existent email {email} (store: {store.subdomain})"

2
app/modules/customers/services/customer_service.py
View File

@@ -570,7 +570,7 @@ class CustomerService:
# Mark token as used
token_record.mark_used(db)
logger.info(f"Password reset completed for customer {customer.id}") # noqa: SEC-021
logger.info(f"Password reset completed for customer {customer.id}") # noqa: SEC021
return customer

2
app/modules/customers/tests/unit/test_admin_customer_service.py
View File

@@ -36,7 +36,7 @@ def multiple_customers(db, test_store):
customer = Customer(
store_id=test_store.id,
email=f"customer{i}@example.com",
hashed_password="hashed_password_placeholder", # noqa: SEC-001
hashed_password="hashed_password_placeholder", # noqa: SEC001
first_name=f"First{i}",
last_name=f"Last{i}",
customer_number=f"CUST-00{i}",

12
app/modules/customers/tests/unit/test_customer_model.py
View File

@@ -16,7 +16,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="customer@example.com",
hashed_password="hashed_password", # noqa: SEC-001
hashed_password="hashed_password", # noqa: SEC001
first_name="John",
last_name="Doe",
customer_number="CUST001",
@@ -40,7 +40,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="defaults@example.com",
hashed_password="hash", # noqa: SEC-001
hashed_password="hash", # noqa: SEC001
customer_number="CUST_DEFAULTS",
)
db.add(customer)
@@ -57,7 +57,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="fullname@example.com",
hashed_password="hash", # noqa: SEC-001
hashed_password="hash", # noqa: SEC001
customer_number="CUST_FULLNAME",
first_name="Jane",
last_name="Smith",
@@ -73,7 +73,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="noname@example.com",
hashed_password="hash", # noqa: SEC-001
hashed_password="hash", # noqa: SEC001
customer_number="CUST_NONAME",
)
db.add(customer)
@@ -87,7 +87,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="optional@example.com",
hashed_password="hash", # noqa: SEC-001
hashed_password="hash", # noqa: SEC001
customer_number="CUST_OPT",
phone="+352123456789",
preferences={"language": "en", "currency": "EUR"},
@@ -106,7 +106,7 @@ class TestCustomerModel:
customer = Customer(
store_id=test_store.id,
email="relationship@example.com",
hashed_password="hash", # noqa: SEC-001
hashed_password="hash", # noqa: SEC001
customer_number="CUST_REL",
)
db.add(customer)

18
app/modules/customers/tests/unit/test_customer_schema.py
View File

@@ -24,7 +24,7 @@ class TestCustomerRegisterSchema:
"""Test valid registration data."""
customer = CustomerRegister(
email="customer@example.com",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -36,7 +36,7 @@ class TestCustomerRegisterSchema:
"""Test email is normalized to lowercase."""
customer = CustomerRegister(
email="Customer@Example.COM",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -47,7 +47,7 @@ class TestCustomerRegisterSchema:
with pytest.raises(ValidationError) as exc_info:
CustomerRegister(
email="not-an-email",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -58,7 +58,7 @@ class TestCustomerRegisterSchema:
with pytest.raises(ValidationError) as exc_info:
CustomerRegister(
email="customer@example.com",
password="Pass1", # noqa: SEC-001
password="Pass1", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -69,7 +69,7 @@ class TestCustomerRegisterSchema:
with pytest.raises(ValidationError) as exc_info:
CustomerRegister(
email="customer@example.com",
password="Password", # noqa: SEC-001
password="Password", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -80,7 +80,7 @@ class TestCustomerRegisterSchema:
with pytest.raises(ValidationError) as exc_info:
CustomerRegister(
email="customer@example.com",
password="12345678", # noqa: SEC-001
password="12345678", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -91,7 +91,7 @@ class TestCustomerRegisterSchema:
with pytest.raises(ValidationError) as exc_info:
CustomerRegister(
email="customer@example.com",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
last_name="Doe",
)
assert "first_name" in str(exc_info.value).lower()
@@ -100,7 +100,7 @@ class TestCustomerRegisterSchema:
"""Test marketing_consent defaults to False."""
customer = CustomerRegister(
email="customer@example.com",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
first_name="John",
last_name="Doe",
)
@@ -110,7 +110,7 @@ class TestCustomerRegisterSchema:
"""Test optional phone field."""
customer = CustomerRegister(
email="customer@example.com",
password="Password123", # noqa: SEC-001
password="Password123", # noqa: SEC001
first_name="John",
last_name="Doe",
phone="+352 123 456",