Update pre-commit-config hooks and apply them

bunkerity · Jun 24, 2024 · 7152b88 · 7152b88
1 parent 9e7f9ae
commit 7152b88
Show file tree

Hide file tree

Showing 20 changed files with 155 additions and 111 deletions.
diff --git a/.gitignore b/.gitignore
@@ -3,4 +3,4 @@
 *.zip
 env
 node_modules
-style.css
+style.css
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -3,7 +3,7 @@
 exclude: (^coraza/api/coreruleset|(^LICENSE.md|.svg)$)
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: c4a0b883114b00d8d76b479c820ce7950211c99b # frozen: v4.5.0
+    rev: 2c9f875913ee60ca25ce70243dc24d5b6415598c # frozen: v4.6.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
@@ -12,7 +12,7 @@ repos:
       - id: check-case-conflict
 
   - repo: https://github.com/ambv/black
-    rev: e026c93888f91a47a9c9f4e029f3eb07d96375e6 # frozen: 24.1.1
+    rev: 3702ba224ecffbcec30af640c149f231d90aebdb # frozen: 24.4.2
     hooks:
       - id: black
         name: Black Python Formatter
@@ -31,34 +31,34 @@ repos:
         exclude: ^crowdsec/lib/
 
   - repo: https://github.com/lunarmodules/luacheck
-    rev: 418f48976c73be697fe64b0eba9ea9821ac9bca8 # frozen: v1.1.2
+    rev: cc089e3f65acdd1ef8716cc73a3eca24a6b845e4 # frozen: v1.2.0
     hooks:
       - id: luacheck
         exclude: ^crowdsec/lib/
         args: ["--std", "min", "--codes", "--ranges", "--no-cache"]
 
   - repo: https://github.com/pycqa/flake8
-    rev: 7d37d9032d0d161634be4554273c30efd4dea0b3 # frozen: 7.0.0
+    rev: 1978e2b0de6efa0cb2a2b6f3f7986aa6569dd2be # frozen: 7.1.0
     hooks:
       - id: flake8
         name: Flake8 Python Linter
         args: ["--max-line-length=250", "--ignore=E266,E402,E722,W503"]
 
   - repo: https://github.com/codespell-project/codespell
-    rev: 6e41aba91fb32e9feb741a6258eefeb9c6e4a482 # frozen: v2.2.6
+    rev: 193cd7d27cd571f79358af09a8fb8997e54f8fff # frozen: v2.3.0
     hooks:
       - id: codespell
         name: Codespell Spell Checker
-        entry: codespell --ignore-regex="(tabEl|Widgits)" --skip src/ui/static/js/utils/flatpickr.js,CHANGELOG.md
+        entry: codespell --ignore-regex="(tabEl|Widgits)" --skip */ui/template.html,src/ui/static/js/utils/flatpickr.js,CHANGELOG.md
         language: python
         types: [text]
 
   - repo: https://github.com/gitleaks/gitleaks
-    rev: 145400593c178304246371bc45290588bc72f43e # frozen: v8.18.2
+    rev: 77c3c6a34b2577d71083442326c60b8fd58926ec # frozen: v8.18.4
     hooks:
       - id: gitleaks
 
   - repo: https://github.com/koalaman/shellcheck-precommit
-    rev: 3f77b826548d8dc2d26675f077361c92773b50a7 # frozen: v0.9.0
+    rev: 2491238703a5d3415bb2b7ff11388bf775372f29 # frozen: v0.10.0
     hooks:
       - id: shellcheck
diff --git a/.tests/coraza.sh b/.tests/coraza.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
 
+# shellcheck disable=SC1091
 . .tests/utils.sh
 
 echo "ℹ️ Starting Coraza tests ..."

diff --git a/.tests/virustotal.sh b/.tests/virustotal.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
 
+# shellcheck disable=SC1091
 . .tests/utils.sh
 
 echo "ℹ️ Starting VirusTotal tests ..."

diff --git a/clamav/clamav.lua b/clamav/clamav.lua
@@ -155,13 +155,13 @@ function clamav:scan()
 		return false, "failed to create upload form"
 	end
 	local sha = sha512:new()
-	local socket = nil
+	local scan_socket = nil
 	while true do
 		-- Read part
 		local typ, res, err = form:read()
 		if not typ then
-			if socket then
-				socket:close()
+			if scan_socket then
+				scan_socket:close()
 			end
 			return false, "form:read() failed : " .. err
 		end
@@ -178,32 +178,32 @@ function clamav:scan()
 				end
 			end
 			if found then
-				if socket then
-					socket:close()
+				if scan_socket then
+					scan_socket:close()
 				end
-				socket, err = self:socket()
-				if not socket then
+				scan_socket, err = self:socket()
+				if not scan_socket then
 					read_all(form)
 					return false, "socket failed : " .. err
 				end
-				bytes, err = socket:send("nINSTREAM\n")
+				bytes, err = scan_socket:send("nINSTREAM\n")
 				if not bytes then
-					socket:close()
+					scan_socket:close()
 					read_all(form)
 					return false, "socket:send() failed : " .. err
 				end
 			end
 			-- Body case : update checksum and send to clamav
-		elseif typ == "body" and socket then
+		elseif typ == "body" and scan_socket then
 			sha:update(res)
-			bytes, err = socket:send(stream_size(#res) .. res)
+			bytes, err = scan_socket:send(stream_size(#res) .. res)
 			if not bytes then
-				socket:close()
+				scan_socket:close()
 				read_all(form)
 				return false, "socket:send() failed : " .. err
 			end
 			-- Part end case : get final checksum and clamav result
-		elseif typ == "part_end" and socket then
+		elseif typ == "part_end" and scan_socket then
 			local checksum = to_hex(sha:final())
 			sha:reset()
 			-- Check if file is in cache
@@ -214,30 +214,30 @@ function clamav:scan()
 					"can't check if file with checksum " .. checksum .. " is in cache : " .. cached
 				)
 			elseif cached then
-				socket:close()
-				socket = nil
+				scan_socket:close()
+				scan_socket = nil
 				if cached ~= "clean" then
 					read_all(form)
 					return true, cached, checksum
 				end
 			else
 				-- End the INSTREAM
-				bytes, err = socket:send(stream_size(0))
+				bytes, err = scan_socket:send(stream_size(0))
 				if not bytes then
-					socket:close()
+					scan_socket:close()
 					read_all(form)
 					return false, "socket:send() failed : " .. err
 				end
 				-- Read result
 				local data
-				data, err = socket:receive("*l")
+				data, err = scan_socket:receive("*l")
 				if not data then
-					socket:close()
+					scan_socket:close()
 					read_all(form)
 					return false, err
 				end
-				socket:close()
-				socket = nil
+				scan_socket:close()
+				scan_socket = nil
 				if data:match("^.*INSTREAM size limit exceeded.*$") then
 					self.logger:log(
 						ERR,
@@ -265,8 +265,8 @@ function clamav:scan()
 			end
 			-- End of body case : no file detected
 		elseif typ == "eof" then
-			if socket then
-				socket:close()
+			if scan_socket then
+				scan_socket:close()
 			end
 			return true
 		end

diff --git a/clamav/ui/actions.py b/clamav/ui/actions.py
@@ -1,5 +1,6 @@
 from traceback import format_exc
 
+
 def pre_render(**kwargs):
     pass
 
@@ -21,7 +22,7 @@ def clamav(**kwargs):
         ping = {"ping_status": ping_data["status"]}
     except BaseException:
         error = f"Error while trying to ping clamav : {format_exc()}"
-        print(error, flush=True)  
-        ping = {"ping_status": "error", "error" : error}
+        print(error, flush=True)
+        ping = {"ping_status": "error", "error": error}
 
     return {**ping}
diff --git a/clamav/ui/template.html b/clamav/ui/template.html
@@ -1,15 +1,20 @@
-{% extends "base.html" %}
-
-{% set read_doc_text = 'You will find more information about the clamav plugin <a target="_blank" href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/clamav"  class="core-card-text-doc-link">in the documentation</a>.' %}
-
-{% block content %}
+{% extends "base.html" %} {% set read_doc_text = 'You will find more information
+about the clamav plugin
+<a
+  target="_blank"
+  href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/clamav"
+  class="core-card-text-doc-link"
+  >in the documentation</a
+>.' %} {% block content %}
 
 <div class="core-layout">
   {% if is_used %}
-  <input id="csrf_token"
-  type="hidden"
-  name="csrf_token"
-  value="{{ csrf_token() }}" />
+  <input
+    id="csrf_token"
+    type="hidden"
+    name="csrf_token"
+    value="{{ csrf_token() }}"
+  />
   <!-- info-->
   <div class="core-card">
     <h5 class="core-card-title">INFO</h5>

diff --git a/coraza/api/coraza.conf b/coraza/api/coraza.conf
@@ -114,7 +114,7 @@ FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
 # 'strict' mode, which means if there are any lines with start of "--", then
 # Coraza blocked the content. But the next, commented example contains
 # the 'permissive' mode, then you check only if the necessary lines exists in
-# correct order. Whit this, you can enable to upload PEM files (eg "----BEGIN.."),
+# correct order. With this, you can enable to upload PEM files (eg "----BEGIN.."),
 # or other text files, which contains eg. HTTP headers.
 #
 # The difference is only the operator - in strict mode (first) the content blocked

diff --git a/coraza/ui/actions.py b/coraza/ui/actions.py
@@ -1,5 +1,6 @@
 from traceback import format_exc
 
+
 def pre_render(**kwargs):
     pass
 
@@ -21,7 +22,7 @@ def coraza(**kwargs):
         ping = {"ping_status": ping_data["status"]}
     except BaseException:
         error = f"Error while trying to ping coraza : {format_exc()}"
-        print(error, flush=True)  
-        ping = {"ping_status": "error", "error" : error}
+        print(error, flush=True)
+        ping = {"ping_status": "error", "error": error}
 
     return {**ping}
diff --git a/coraza/ui/template.html b/coraza/ui/template.html
@@ -1,15 +1,20 @@
-{% extends "base.html" %}
-
-{% set read_doc_text = 'You will find more information about the coraza plugin <a target="_blank" href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/coraza"  class="core-card-text-doc-link">in the documentation</a>.' %}
-
-{% block content %}
+{% extends "base.html" %} {% set read_doc_text = 'You will find more information
+about the coraza plugin
+<a
+  target="_blank"
+  href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/coraza"
+  class="core-card-text-doc-link"
+  >in the documentation</a
+>.' %} {% block content %}
 
 <div class="core-layout">
   {% if is_used %}
-  <input id="csrf_token"
-  type="hidden"
-  name="csrf_token"
-  value="{{ csrf_token() }}" />
+  <input
+    id="csrf_token"
+    type="hidden"
+    name="csrf_token"
+    value="{{ csrf_token() }}"
+  />
   <!-- info-->
   <div class="core-card">
     <h5 class="core-card-title">INFO</h5>

diff --git a/crowdsec/ui/actions.py b/crowdsec/ui/actions.py
@@ -1,5 +1,6 @@
 from traceback import format_exc
 
+
 def pre_render(**kwargs):
     pass
 
@@ -21,7 +22,7 @@ def crowdsec(**kwargs):
         ping = {"ping_status": ping_data["status"]}
     except BaseException:
         error = f"Error while trying to ping crowdsec : {format_exc()}"
-        print(error, flush=True)  
-        ping = {"ping_status": "error", "error" : error}
+        print(error, flush=True)
+        ping = {"ping_status": "error", "error": error}
 
     return {**ping}
diff --git a/crowdsec/ui/template.html b/crowdsec/ui/template.html
@@ -1,15 +1,20 @@
-{% extends "base.html" %}
-
-{% set read_doc_text = 'You will find more information about the crowdsec plugin <a target="_blank" href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/crowdsec"  class="core-card-text-doc-link">in the documentation</a>.' %}
-
-{% block content %}
+{% extends "base.html" %} {% set read_doc_text = 'You will find more information
+about the crowdsec plugin
+<a
+  target="_blank"
+  href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/crowdsec"
+  class="core-card-text-doc-link"
+  >in the documentation</a
+>.' %} {% block content %}
 
 <div class="core-layout">
   {% if is_used %}
-  <input id="csrf_token"
-  type="hidden"
-  name="csrf_token"
-  value="{{ csrf_token() }}" />
+  <input
+    id="csrf_token"
+    type="hidden"
+    name="csrf_token"
+    value="{{ csrf_token() }}"
+  />
   <!-- info-->
   <div class="core-card">
     <h5 class="core-card-title">INFO</h5>

diff --git a/discord/ui/actions.py b/discord/ui/actions.py
@@ -1,5 +1,6 @@
 from traceback import format_exc
 
+
 def pre_render(**kwargs):
     pass
 
@@ -21,7 +22,7 @@ def discord(**kwargs):
         ping = {"ping_status": ping_data["status"]}
     except BaseException:
         error = f"Error while trying to ping discord : {format_exc()}"
-        print(error, flush=True)  
-        ping = {"ping_status": "error", "error" : error}
+        print(error, flush=True)
+        ping = {"ping_status": "error", "error": error}
 
     return {**ping}
diff --git a/discord/ui/template.html b/discord/ui/template.html
@@ -1,15 +1,20 @@
-{% extends "base.html" %}
-
-{% set read_doc_text = 'You will find more information about the discord plugin <a target="_blank" href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/discord"  class="core-card-text-doc-link">in the documentation</a>.' %}
-
-{% block content %}
+{% extends "base.html" %} {% set read_doc_text = 'You will find more information
+about the discord plugin
+<a
+  target="_blank"
+  href="https://github.com/bunkerity/bunkerweb-plugins/tree/v' + plugin['version'] + '/discord"
+  class="core-card-text-doc-link"
+  >in the documentation</a
+>.' %} {% block content %}
 
 <div class="core-layout">
   {% if is_used %}
-  <input id="csrf_token"
-  type="hidden"
-  name="csrf_token"
-  value="{{ csrf_token() }}" />
+  <input
+    id="csrf_token"
+    type="hidden"
+    name="csrf_token"
+    value="{{ csrf_token() }}"
+  />
   <!-- info-->
   <div class="core-card">
     <h5 class="core-card-title">INFO</h5>