sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: add security/performance/audit validators to pre-commit and CI
Some checks failed
CI / ruff (push) Successful in 10s
Details
CI / validate (push) Has been cancelled
Details
CI / dependency-scanning (push) Has been cancelled
Details
CI / docs (push) Has been cancelled
Details
CI / deploy (push) Has been cancelled
Details
CI / pytest (push) Has started running
Details

Browse Source 
- Add validate-security, validate-performance, validate-audit hooks
  to .pre-commit-config.yaml (previously only architecture was checked)
- Break single "Run all validators" CI step into 4 explicit steps
  (architecture, security, performance, audit) for clearer pipeline output
- Add noqa: SEC001 suppressions for test fixture hashed_password values

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-02-19 22:49:04 +01:00
parent 1dcb0e6c33
commit 1eef69f300
3 changed files with 47 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
tests/unit/api/test_deps.py
View File

@@ -210,7 +210,7 @@ class TestValidateCustomerToken:
owner = User(
email=f"owner_{uid}@test.com",
username=f"owner_{uid}",
hashed_password="not_a_real_hash",
hashed_password="not_a_real_hash", # noqa: SEC001
role="merchant_owner",
is_active=True,
)
@@ -239,7 +239,7 @@ class TestValidateCustomerToken:
customer = Customer(
store_id=store.id,
email=f"{email_prefix}_{uid}@example.com",
hashed_password="not_a_real_hash", # noqa: SEC001
hashed_password="not_a_real_hash", # noqa: SEC001 # noqa: SEC001
first_name="Test",
last_name="Customer",
customer_number=f"CUST_{uid}",
@@ -785,7 +785,7 @@ class TestGetCurrentCustomerFromCookieOrHeader:
owner = User(
email=f"csowner_{uid}@test.com",
username=f"csowner_{uid}",
hashed_password="not_a_real_hash",
hashed_password="not_a_real_hash", # noqa: SEC001
role="merchant_owner",
is_active=True,
)
@@ -813,7 +813,7 @@ class TestGetCurrentCustomerFromCookieOrHeader:
customer = Customer(
store_id=store.id,
email=f"cust_{uid}@example.com",
hashed_password="not_a_real_hash", # noqa: SEC001
hashed_password="not_a_real_hash", # noqa: SEC001 # noqa: SEC001
first_name="Test",
last_name="Customer",
customer_number=f"CUST_{uid}",
@@ -878,7 +878,7 @@ class TestGetCurrentCustomerApi:
owner = User(
email=f"caowner_{uid}@test.com",
username=f"caowner_{uid}",
hashed_password="not_a_real_hash",
hashed_password="not_a_real_hash", # noqa: SEC001
role="merchant_owner",
is_active=True,
)
@@ -906,7 +906,7 @@ class TestGetCurrentCustomerApi:
customer = Customer(
store_id=store.id,
email=f"capi_{uid}@example.com",
hashed_password="not_a_real_hash", # noqa: SEC001
hashed_password="not_a_real_hash", # noqa: SEC001 # noqa: SEC001
first_name="API",
last_name="Customer",
customer_number=f"CAPI_{uid}",
@@ -961,7 +961,7 @@ class TestGetCurrentCustomerOptional:
owner = User(
email=f"coowner_{uid}@test.com",
username=f"coowner_{uid}",
hashed_password="not_a_real_hash",
hashed_password="not_a_real_hash", # noqa: SEC001
role="merchant_owner",
is_active=True,
)
@@ -989,7 +989,7 @@ class TestGetCurrentCustomerOptional:
customer = Customer(
store_id=store.id,
email=f"copt_{uid}@example.com",
hashed_password="not_a_real_hash", # noqa: SEC001
hashed_password="not_a_real_hash", # noqa: SEC001 # noqa: SEC001
first_name="Optional",
last_name="Customer",
customer_number=f"COPT_{uid}",