19015773527

Committed 02 Nov 2025 05:33PM UTC coverage: 17.872% (-62.4%) from 80.3%

Build # 19015773527

Build Type

Pull #22816

github

Committed by

web-flow

Commit Message

Merge a12d75757 into 6c024e162

Pull Request Pull Request #22816: Update Pants internal Python to 3.14

Run Details

4 of 5 new or added lines in 3 files covered. (80.0%)

28452 existing lines in 683 files now uncovered.

9831 of 55007 relevant lines covered (17.87%)

0.18 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/python/pants/backend/python/lint/bandit/rules.py

1	# Copyright 2020 Pants project contributors (see CONTRIBUTORS.md).
2	# Licensed under the Apache License, Version 2.0 (see LICENSE).
3
UNCOV 4	from __future__ import annotations	×
5
UNCOV 6	from pants.backend.python.lint.bandit.subsystem import Bandit, BanditFieldSet	×
UNCOV 7	from pants.backend.python.subsystems.setup import PythonSetup	×
UNCOV 8	from pants.backend.python.util_rules import pex	×
UNCOV 9	from pants.backend.python.util_rules.interpreter_constraints import InterpreterConstraints	×
UNCOV 10	from pants.backend.python.util_rules.pex import VenvPexProcess, create_venv_pex	×
UNCOV 11	from pants.core.goals.lint import REPORT_DIR, LintResult, LintTargetsRequest, Partitions	×
UNCOV 12	from pants.core.util_rules.config_files import find_config_file	×
UNCOV 13	from pants.core.util_rules.partitions import Partition	×
UNCOV 14	from pants.core.util_rules.source_files import (	×
15	SourceFiles,
16	SourceFilesRequest,
17	determine_source_files,
18	)
UNCOV 19	from pants.engine.fs import CreateDigest, Directory, MergeDigests, RemovePrefix	×
UNCOV 20	from pants.engine.intrinsics import create_digest, execute_process, merge_digests, remove_prefix	×
UNCOV 21	from pants.engine.rules import collect_rules, concurrently, implicitly, rule	×
UNCOV 22	from pants.util.logging import LogLevel	×
UNCOV 23	from pants.util.strutil import pluralize	×
24
25
UNCOV 26	class BanditRequest(LintTargetsRequest):	×
UNCOV 27	field_set_type = BanditFieldSet	×
UNCOV 28	tool_subsystem = Bandit # type: ignore[assignment]	×
29
30
UNCOV 31	def generate_argv(source_files: SourceFiles, bandit: Bandit) -> tuple[str, ...]:	×
32	args: list[str] = []	×
33	if bandit.config is not None:	×
34	args.append(f"--config={bandit.config}")	×
35	args.extend(bandit.args)	×
36	args.extend(source_files.files)	×
37	return tuple(args)	×
38
39
UNCOV 40	@rule	×
UNCOV 41	async def partition_bandit(	×
42	request: BanditRequest.PartitionRequest[BanditFieldSet],
43	bandit: Bandit,
44	python_setup: PythonSetup,
45	) -> Partitions[BanditFieldSet, InterpreterConstraints]:
46	if bandit.skip:	×
47	return Partitions()	×
48
49	# NB: Bandit output depends upon which Python interpreter version it's run with
50	# ( https://github.com/PyCQA/bandit#under-which-version-of-python-should-i-install-bandit).
51	# We batch targets by their constraints to ensure, for example, that all Python 2 targets run
52	# together and all Python 3 targets run together.
53	constraints_to_field_sets = InterpreterConstraints.group_field_sets_by_constraints(	×
54	request.field_sets, python_setup
55	)
56
57	return Partitions(	×
58	Partition(field_sets, constraints)
59	for constraints, field_sets in constraints_to_field_sets.items()
60	)
61
62
UNCOV 63	@rule(desc="Lint with Bandit", level=LogLevel.DEBUG)	×
UNCOV 64	async def bandit_lint(	×
65	request: BanditRequest.Batch[BanditFieldSet, InterpreterConstraints], bandit: Bandit
66	) -> LintResult:
67	assert request.partition_metadata is not None	×
68
69	interpreter_constraints = request.partition_metadata	×
70	bandit_pex_get = create_venv_pex(	×
71	**implicitly(bandit.to_pex_request(interpreter_constraints=interpreter_constraints))
72	)
73	config_files_get = find_config_file(bandit.config_request)	×
74	source_files_get = determine_source_files(	×
75	SourceFilesRequest(field_set.source for field_set in request.elements)
76	)
77	# Ensure that the empty report dir exists.
78	report_directory_digest_get = create_digest(CreateDigest([Directory(REPORT_DIR)]))	×
79
80	bandit_pex, config_files, report_directory, source_files = await concurrently(	×
81	bandit_pex_get, config_files_get, report_directory_digest_get, source_files_get
82	)
83
84	input_digest = await merge_digests(	×
85	MergeDigests((source_files.snapshot.digest, config_files.snapshot.digest, report_directory))
86	)
87
88	result = await execute_process(	×
89	**implicitly(
90	VenvPexProcess(
91	bandit_pex,
92	argv=generate_argv(source_files, bandit),
93	input_digest=input_digest,
94	description=f"Run Bandit on {pluralize(len(request.elements), 'file')}.",
95	output_directories=(REPORT_DIR,),
96	level=LogLevel.DEBUG,
97	)
98	)
99	)
100	report = await remove_prefix(RemovePrefix(result.output_digest, REPORT_DIR))	×
101	return LintResult.create(request, result, report=report)	×
102
103
UNCOV 104	def rules():	×
UNCOV 105	return (	×
106	*collect_rules(),
107	*BanditRequest.rules(),
108	*pex.rules(),
109	)

pantsbuild / pants / 19015773527

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous