sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(validators): add noqa suppression support to security and performance validators
All checks were successful
CI / dependency-scanning (push) Successful in 27s
Details
CI / docs (push) Successful in 35s
Details
CI / ruff (push) Successful in 8s
Details
CI / pytest (push) Successful in 34m22s
Details
CI / validate (push) Successful in 19s
Details
CI / deploy (push) Successful in 2m25s
Details

Browse Source 
- Add centralized _is_noqa_suppressed() to BaseValidator with normalization
  (accepts both SEC001 and SEC-001 formats for ruff compatibility)
- Wire noqa support into all 21 security and 18 performance check functions
- Add ruff external config for SEC/PERF/MOD/EXC codes in pyproject.toml
- Convert all 280 Python noqa comments to dashless format (ruff-compatible)
- Add site/ to IGNORE_PATTERNS (excludes mkdocs build output)
- Suppress 152 false positive findings (test passwords, seed data, validator
  self-references, Apple Wallet SHA1, etc.)
- Security: 79 errors → 0, 60 warnings → 0
- Performance: 80 warnings → 77 (3 test script suppressions)
- Add proposal doc with noqa inventory and remaining findings recommendations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-02-14 22:56:56 +01:00
parent f84c5d903e
commit 1b8a40f1ff
75 changed files with 404 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tests/unit/services/test_auth_service.py
View File

@@ -23,7 +23,7 @@ class TestAuthService:
def test_login_user_success(self, db, test_user):
"""Test successful user login."""
user_credentials = UserLogin(
email_or_username=test_user.username, password="testpass123" # noqa: SEC-001
email_or_username=test_user.username, password="testpass123" # noqa: SEC001
)
result = self.service.login_user(db, user_credentials)
@@ -39,7 +39,7 @@ class TestAuthService:
def test_login_user_with_email(self, db, test_user):
"""Test login with email instead of username."""
user_credentials = UserLogin(
email_or_username=test_user.email, password="testpass123" # noqa: SEC-001
email_or_username=test_user.email, password="testpass123" # noqa: SEC001
)
result = self.service.login_user(db, user_credentials)
@@ -50,7 +50,7 @@ class TestAuthService:
def test_login_user_wrong_username(self, db):
"""Test login fails with wrong username."""
user_credentials = UserLogin(
email_or_username="nonexistentuser", password="testpass123" # noqa: SEC-001
email_or_username="nonexistentuser", password="testpass123" # noqa: SEC001
)
with pytest.raises(InvalidCredentialsException) as exc_info:
@@ -64,7 +64,7 @@ class TestAuthService:
def test_login_user_wrong_password(self, db, test_user):
"""Test login fails with wrong password."""
user_credentials = UserLogin(
email_or_username=test_user.username, password="wrongpassword" # noqa: SEC-001
email_or_username=test_user.username, password="wrongpassword" # noqa: SEC001
)
with pytest.raises(InvalidCredentialsException) as exc_info:
@@ -85,7 +85,7 @@ class TestAuthService:
db.commit()
user_credentials = UserLogin(
email_or_username=test_user.username, password="testpass123" # noqa: SEC-001
email_or_username=test_user.username, password="testpass123" # noqa: SEC001
)
with pytest.raises(UserNotActiveException) as exc_info:
@@ -102,7 +102,7 @@ class TestAuthService:
def test_hash_password(self):
"""Test password hashing."""
password = "testpassword123" # noqa: SEC-001
password = "testpassword123" # noqa: SEC001
hashed = self.service.hash_password(password)
assert hashed != password
@@ -111,7 +111,7 @@ class TestAuthService:
def test_hash_password_different_results(self):
"""Test that hashing same password produces different hashes (salt)."""
password = "testpassword123" # noqa: SEC-001
password = "testpassword123" # noqa: SEC001
hash1 = self.service.hash_password(password)
hash2 = self.service.hash_password(password)

2
tests/unit/services/test_marketplace_service.py
View File

@@ -376,7 +376,7 @@ class TestMarketplaceImportJobSchema:
source_url="ftp://example.com/products.csv",
)
assert "URL must start with http://" in str(exc_info.value)
assert "URL must start with http://" in str(exc_info.value) # noqa: SEC034
def test_url_with_trailing_slash(self):
"""Test URL with trailing slash is accepted."""