Merge remote-tracking branch 'origin/dev'

Author: funilrys

.github/workflows/branches.yml

@@ -29,11 +29,11 @@ jobs:
           - ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -46,8 +46,38 @@ jobs:
       - name: Lint with Pylint
         run: pylint PyFunceble
 
+  sec_check:
+    name: Check the safety of the codebase with Bandit
+
+    runs-on: "${{ matrix.os }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        python_version:
+          - "3.12"
+        os:
+          - ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6
+        name: Clone repository
+
+      - name: Set up Python ${{ matrix.python_version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python_version }}
+
+      - name: Install dependencies
+        run: |
+          pip install --upgrade pip
+          pip install .[test,dev]
+
+      - name: Check the safety of the codebase with Bandit
+        run: bandit --ini=setup.cfg -r PyFunceble
+
   test:
-    needs: [lint]
+    needs: [lint, sec_check]
     name: "[${{ matrix.os }}-py${{ matrix.python_version }}] Test Extension"
 
     runs-on: "${{ matrix.os }}"
@@ -67,11 +97,11 @@ jobs:
           - windows-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -106,11 +136,11 @@ jobs:
           - windows-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 

.github/workflows/main.yml

@@ -27,11 +27,11 @@ jobs:
           - ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -44,8 +44,38 @@ jobs:
       - name: Lint with Pylint
         run: pylint PyFunceble
 
+  sec_check:
+    name: Check the safety of the codebase with Bandit
+
+    runs-on: "${{ matrix.os }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        python_version:
+          - "3.12"
+        os:
+          - ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6
+        name: Clone repository
+
+      - name: Set up Python ${{ matrix.python_version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python_version }}
+
+      - name: Install dependencies
+        run: |
+          pip install --upgrade pip
+          pip install .[test,dev]
+
+      - name: Check the safety of the codebase with Bandit
+        run: bandit --ini=setup.cfg -r PyFunceble
+
   test:
-    needs: [lint]
+    needs: [lint, sec_check]
     name: "[${{ matrix.os }}-py${{ matrix.python_version }}] Test Extension"
 
     runs-on: "${{ matrix.os }}"
@@ -65,11 +95,11 @@ jobs:
           - windows-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -104,11 +134,11 @@ jobs:
           - windows-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -143,11 +173,11 @@ jobs:
           - ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python_version }}
 
@@ -217,7 +247,7 @@ jobs:
         run: |
           echo "${{ secrets.AUR_SSH_KEY }}" | install -Dm600 /dev/stdin ~/.ssh/id_ed25519
 
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         name: Clone repository
 
       - name: Publish 📦 to the AUR - if necessary

PyFunceble/ext/process_manager/core.py

@@ -737,9 +737,9 @@ def push_to_input_queue(
                     data, source_worker=source_worker, destination_worker=worker.name
                 )
         elif workers:
-            random.choice(workers).push_to_input_queue(
-                data, source_worker=source_worker
-            )
+            random.choice(  # nosec: B311 # We aren't doing encryption here.
+                workers
+            ).push_to_input_queue(data, source_worker=source_worker)
 
         logger.debug("%s-manager | Pushed to input queue: %r", self.STD_NAME, data)
 
@@ -790,9 +790,9 @@ def push_to_output_queues(
                         destination_worker=worker.name,
                     )
             elif workers:
-                random.choice(workers).push_to_output_queues(
-                    data, source_worker=source_worker
-                )
+                random.choice(  # nosec: B311 # We aren't doing encryption here.
+                    workers
+                ).push_to_output_queues(data, source_worker=source_worker)
         else:
             for manager in self.dependent_managers:
                 # Their input queue is our output queue.
@@ -839,9 +839,9 @@ def push_to_configuration_queue(
                     data, source_worker=source_worker, destination_worker=worker.name
                 )
         elif workers:
-            random.choice(workers).push_to_configuration_queue(
-                data, source_worker=source_worker
-            )
+            random.choice(  # nosec: B311 # We aren't doing encryption here.
+                workers
+            ).push_to_configuration_queue(data, source_worker=source_worker)
 
         logger.debug(
             "%s-manager | Pushed to configuration queue: %r", self.STD_NAME, data

PyFunceble/ext/process_manager/worker/core.py

@@ -1074,7 +1074,7 @@ def shutdown_time_reached():  # pragma: no cover
                         continue
 
                     logger.debug(
-                        "%s | Stop signal received. Scheduling shutdown.",
+                        "%s | Stop signal received. Scheduling shutdown.", self.name
                     )
                     self.exit_event.set()
                     # Make sure that none of the concurrent workers are stuck or

requirements.dev.txt

@@ -1,4 +1,5 @@
 black
 flake8
 isort
-pylint
+pylint
+bandit

setup.cfg

@@ -27,3 +27,6 @@ minversion = 6.0
 addopts = --cov=PyFunceble --cov-report=html --cov-report=term
 testpaths =
     tests
+
+[bandit]
+exclude = tests