Date: Wed, 5 Apr 2023 17:33:15 GMT From: Po-Chuan Hsieh <sunpoet@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: dad043a77797 - main - devel/py-dodgy: Add py-dodgy 0.2.1 Message-ID: <202304051733.335HXFXu083253@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by sunpoet: URL: https://cgit.FreeBSD.org/ports/commit/?id=dad043a7779798a228bce76d38bb72a3c257bfc0 commit dad043a7779798a228bce76d38bb72a3c257bfc0 Author: Po-Chuan Hsieh <sunpoet@FreeBSD.org> AuthorDate: 2023-04-05 17:07:23 +0000 Commit: Po-Chuan Hsieh <sunpoet@FreeBSD.org> CommitDate: 2023-04-05 17:29:38 +0000 devel/py-dodgy: Add py-dodgy 0.2.1 Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions designed to detect things such as accidental SCM diff checkins, or passwords or secret keys hard coded into files. While this is primarily aimed at open source projects (for whom a publicly available secret key is pretty dangerous), it can also be used in private projects, with the caveat that it will point out things which are not a problem for private projects and is not configurable enough currently to change that. Another note - this tool is probably best run pre-commit, since it will hopefully prevent dodgy things being checked in. To automatically execute before a commit use a git pre-commit hook. --- devel/Makefile | 1 + devel/py-dodgy/Makefile | 19 +++++++++++++++++++ devel/py-dodgy/distinfo | 3 +++ devel/py-dodgy/pkg-descr | 13 +++++++++++++ 4 files changed, 36 insertions(+) diff --git a/devel/Makefile b/devel/Makefile index 26ccd15a6148..2c3a609f9efd 100644 --- a/devel/Makefile +++ b/devel/Makefile @@ -4528,6 +4528,7 @@ SUBDIR += py-dockerpty SUBDIR += py-docopt SUBDIR += py-doctest-ignore-unicode + SUBDIR += py-dodgy SUBDIR += py-dogpile.cache SUBDIR += py-doit SUBDIR += py-dotted diff --git a/devel/py-dodgy/Makefile b/devel/py-dodgy/Makefile new file mode 100644 index 000000000000..819c6ade072d --- /dev/null +++ b/devel/py-dodgy/Makefile @@ -0,0 +1,19 @@ +PORTNAME= dodgy +PORTVERSION= 0.2.1 +CATEGORIES= devel python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= Search for dodgy looking lines in Python code +WWW= https://github.com/landscapeio/dodgy + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= python:3.7+ +USE_PYTHON= autoplist concurrent distutils + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/devel/py-dodgy/distinfo b/devel/py-dodgy/distinfo new file mode 100644 index 000000000000..ed58167ad123 --- /dev/null +++ b/devel/py-dodgy/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1679498490 +SHA256 (dodgy-0.2.1.tar.gz) = 28323cbfc9352139fdd3d316fa17f325cc0e9ac74438cbba51d70f9b48f86c3a +SIZE (dodgy-0.2.1.tar.gz) = 4896 diff --git a/devel/py-dodgy/pkg-descr b/devel/py-dodgy/pkg-descr new file mode 100644 index 000000000000..0335a2f7ded5 --- /dev/null +++ b/devel/py-dodgy/pkg-descr @@ -0,0 +1,13 @@ +Dodgy is a very basic tool to run against your codebase to search for "dodgy" +looking values. It is a series of simple regular expressions designed to detect +things such as accidental SCM diff checkins, or passwords or secret keys hard +coded into files. + +While this is primarily aimed at open source projects (for whom a publicly +available secret key is pretty dangerous), it can also be used in private +projects, with the caveat that it will point out things which are not a problem +for private projects and is not configurable enough currently to change that. + +Another note - this tool is probably best run pre-commit, since it will +hopefully prevent dodgy things being checked in. To automatically execute before +a commit use a git pre-commit hook.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202304051733.335HXFXu083253>