output.txt
[sudo] password for toor:
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
18 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
python3 is already the newest version (3.12.3-0ubuntu2).
python3-pip is already the newest version (24.0+dfsg-1ubuntu1).
python3-venv is already the newest version (3.12.3-0ubuntu2).
git is already the newest version (1:2.43.0-1ubuntu7.2).
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Python 3.12.3
git version 2.43.0
pip 24.0 from /usr/lib/python3/dist-packages/pip (python 3.12)
hint: Using 'master' as the name for the initial branch. This default branch name
hint: is subject to change. To configure the initial branch name to use in all
hint: of your new repositories, which will suppress this warning, call:
hint:
hint: git config --global init.defaultBranch <name>
hint:
hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
hint: 'development'. The just-created branch can be renamed via this command:
hint:
hint: git branch -m <name>
Initialized empty Git repository in /home/toor/precommit-lab/.git/
Collecting pre-commit
Downloading pre_commit-3.8.0-py2.py3-none-any.whl.metadata (1.3 kB)
Collecting cfgv>=2.0.0
Downloading cfgv-3.4.0-py2.py3-none-any.whl.metadata (8.5 kB)
Collecting identify>=1.0.0
Downloading identify-2.6.1-py2.py3-none-any.whl.metadata (4.4 kB)
Collecting nodeenv>=0.11.1
Downloading nodeenv-1.9.1-py2.py3-none-any.whl.metadata (21 kB)
Collecting pyyaml>=5.1
Using cached PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (2.1 kB)
Collecting virtualenv>=20.10.0
Downloading virtualenv-20.26.4-py3-none-any.whl.metadata (4.5 kB)
Collecting distlib<1,>=0.3.7
Downloading distlib-0.3.9-py2.py3-none-any.whl.metadata (5.2 kB)
Collecting filelock<4,>=3.12.2
Downloading filelock-3.16.1-py3-none-any.whl.metadata (2.9 kB)
Collecting platformdirs<5,>=3.9.1
Downloading platformdirs-4.3.6-py3-none-any.whl.metadata (11 kB)
Downloading pre_commit-3.8.0-py2.py3-none-any.whl (204 kB)
Downloading cfgv-3.4.0-py2.py3-none-any.whl (7.2 kB)
Downloading identify-2.6.1-py2.py3-none-any.whl (98 kB)
Downloading nodeenv-1.9.1-py2.py3-none-any.whl (22 kB)
Downloading virtualenv-20.26.4-py3-none-any.whl (6.0 MB)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 6.0/6.0 MB 12.1 MB/s eta 0:00:00
Downloading distlib-0.3.9-py2.py3-none-any.whl (468 kB)
Downloading filelock-3.16.1-py3-none-any.whl (16 kB)
Downloading platformdirs-4.3.6-py3-none-any.whl (18 kB)
Installing collected packages: distlib, pyyaml, platformdirs, nodeenv, identify, filelock, cfgv, virtualenv, pre-commit
Successfully installed cfgv-3.4.0 distlib-0.3.9 filelock-3.16.1 identify-2.6.1 nodeenv-1.9.1 platformdirs-4.3.6 pre-commit-3.8.0 pyyaml-6.0.2 virtualenv-20.26.4
pre-commit 3.8.0
pre-commit installed at .git/hooks/pre-commit
[INFO] Initializing environment for https://github.com/pre-commit/pre-commit-hooks.
[INFO] Initializing environment for https://github.com/psf/black.
[INFO] Initializing environment for https://github.com/PyCQA/flake8.
[INFO] Initializing environment for https://github.com/PyCQA/bandit.
[INFO] Installing environment for https://github.com/pre-commit/pre-commit-hooks.
[INFO] Once installed this environment will be reused.
[INFO] This may take a few minutes...
[INFO] Installing environment for https://github.com/psf/black.
[INFO] Once installed this environment will be reused.
[INFO] This may take a few minutes...
[INFO] Installing environment for https://github.com/PyCQA/flake8.
[INFO] Once installed this environment will be reused.
[INFO] This may take a few minutes...
[INFO] Installing environment for https://github.com/PyCQA/bandit.
[INFO] Once installed this environment will be reused.
[INFO] This may take a few minutes...
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...........................................(no files to check)Skipped
check for added large files..............................................Passed
check json...........................................(no files to check)Skipped
pretty format json...................................(no files to check)Skipped
black....................................................................Failed
- hook id: black
- files were modified by this hook
reformatted app.py
All done! ✨ 🍰 ✨
1 file reformatted.
flake8...................................................................Failed
- hook id: flake8
- exit code: 1
app.py:1:1: F401 'os' imported but unused
app.py:2:1: F401 'sys' imported but unused
app.py:6:5: F841 local variable 'password' is assigned to but never used
bandit...................................................................Failed
- hook id: bandit
- exit code: 1
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: B602,B607
[main] INFO running on Python 3.12.3
Run started:2026-04-12 16:12:07.998266
Test results:
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'hardcoded_password123'
Severity: Low Confidence: Medium
CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
More Info: https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
Location: ./app.py:6:15
5 password = "hardcoded_password123"
6 result = a + b
7 return result
--------------------------------------------------
Code scanned:
Total lines of code: 11
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 1
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 1
High: 0
Files skipped (0):
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...........................................(no files to check)Skipped
check for added large files..............................................Passed
check json...........................................(no files to check)Skipped
pretty format json...................................(no files to check)Skipped
black....................................................................Passed
flake8...................................................................Passed
bandit...................................................................Passed
pre-commit installed at .git/hooks/pre-commit
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...............................................................Passed
check for added large files..............................................Passed
check json...........................................(no files to check)Skipped
pretty format json...................................(no files to check)Skipped
black....................................................................Passed
flake8...................................................................Passed
bandit...................................................................Passed
Check for TODO comments..................................................Passed
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...............................................................Passed
check for added large files..............................................Passed
check json...............................................................Passed
pretty format json.......................................................Failed
- hook id: pretty-format-json
- files were modified by this hook
Fixing file config.json
black....................................................................Passed
flake8...................................................................Passed
bandit...................................................................Passed
Check for TODO comments..................................................Passed
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...............................................................Passed
check for added large files..............................................Passed
check json...............................................................Passed
pretty format json.......................................................Passed
black....................................................................Passed
flake8...................................................................Passed
bandit...................................................................Passed
Check for TODO comments..................................................Passed
[master (root-commit) 8f3b6d2] Add pre-commit configuration and sample files
6 files changed, 109 insertions(+)
create mode 100644 .bandit
create mode 100644 .flake8
create mode 100644 .pre-commit-config.yaml
create mode 100644 app.py
create mode 100644 app_fixed.py
create mode 100644 config.yaml
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...............................................................Passed
check for added large files..............................................Passed
check json...............................................................Passed
pretty format json.......................................................Passed
black....................................................................Failed
- hook id: black
- files were modified by this hook
reformatted bad_code.py
All done! ✨ 🍰 ✨
1 file reformatted.
flake8...................................................................Failed
- hook id: flake8
- exit code: 1
bad_code.py:2:5: F841 local variable 'password' is assigned to but never used
bandit...................................................................Failed
- hook id: bandit
- exit code: 1
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: B602,B607
[main] INFO running on Python 3.12.3
Run started:2026-04-12 16:18:44.011097
Test results:
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'secret123'
Severity: Low Confidence: Medium
CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
More Info: https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
Location: ./bad_code.py:2:15
1 def bad_function(x, y):
2 password = "secret123"
3 return x + y
--------------------------------------------------
Code scanned:
Total lines of code: 29
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 1
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 1
High: 0
Files skipped (0):
Check for TODO comments..................................................Passed
[master d4f7a39] Emergency commit
1 file changed, 3 insertions(+)
create mode 100644 bad_code.py
trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check yaml...............................................................Passed
check for added large files..............................................Passed
check json...............................................................Passed
pretty format json.......................................................Passed
black....................................................................Passed
flake8...................................................................Failed
- hook id: flake8
- exit code: 1
bad_code.py:2:5: F841 local variable 'password' is assigned to but never used
bandit...................................................................Failed
- hook id: bandit
- exit code: 1
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: B602,B607
[main] INFO running on Python 3.12.3
Run started:2026-04-12 16:19:30.448594
Test results:
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: 'secret123'
Severity: Low Confidence: Medium
CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
More Info: https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
Location: ./bad_code.py:2:15
1 def bad_function(x, y):
2 password = "secret123"
3 return x + y
--------------------------------------------------
Code scanned:
Total lines of code: 32
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 1
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 1
High: 0
Files skipped (0):
Check for TODO comments..................................................Passed
total 72
drwxr-xr-x 2 toor toor 4096 Apr 12 16:11 .
drwxrwxr-x 8 toor toor 4096 Apr 12 16:19 ..
-rwxr-xr-x 1 toor toor 478 Apr 12 16:10 applypatch-msg.sample
-rwxr-xr-x 1 toor toor 896 Apr 12 16:10 commit-msg.sample
-rwxr-xr-x 1 toor toor 4726 Apr 12 16:10 fsmonitor-watchman.sample
-rwxr-xr-x 1 toor toor 189 Apr 12 16:11 post-update.sample
-rwxr-xr-x 1 toor toor 424 Apr 12 16:10 pre-applypatch.sample
-rwxr-xr-x 1 toor toor 603 Apr 12 16:11 pre-commit
-rwxr-xr-x 1 toor toor 1643 Apr 12 16:10 pre-commit.sample
-rwxr-xr-x 1 toor toor 416 Apr 12 16:10 pre-merge-commit.sample
-rwxr-xr-x 1 toor toor 1374 Apr 12 16:10 pre-push.sample
-rwxr-xr-x 1 toor toor 4898 Apr 12 16:10 pre-rebase.sample
-rwxr-xr-x 1 toor toor 544 Apr 12 16:10 pre-receive.sample
-rwxr-xr-x 1 toor toor 1492 Apr 12 16:10 prepare-commit-msg.sample
-rwxr-xr-x 1 toor toor 2783 Apr 12 16:10 push-to-checkout.sample
-rwxr-xr-x 1 toor toor 3650 Apr 12 16:10 update.sample
#!/usr/bin/env bash
# File generated by pre-commit: https://pre-commit.com
# ID: 138fd403232d2ddd5efb44317e38bf03
# start templated
INSTALL_PYTHON=/home/toor/precommit-lab/venv/bin/python3
ARGS=(hook-impl --config=.pre-commit-config.yaml --hook-type=pre-commit)
# end templated
HERE="$(cd "$(dirname "$0")" && pwd)"
ARGS+=(--hook-dir "$HERE" -- "$@")
if [ -x "$INSTALL_PYTHON" ]; then
    exec "$INSTALL_PYTHON" -mpre_commit "${ARGS[@]}"
elif command -v pre-commit > /dev/null; then
    exec pre-commit "${ARGS[@]}"
else
    echo '`pre-commit` not found. Did you forget to activate your virtualenv?' 1>&2
    exit 1
fi
[https://github.com/pre-commit/pre-commit-hooks] updating v4.5.0 -> v5.0.0
[https://github.com/psf/black] updating 23.12.1 -> 24.10.0
[https://github.com/PyCQA/flake8] updating 7.0.0 -> 7.1.1
[https://github.com/PyCQA/bandit] updating 1.7.6 -> 1.8.3
pre-commit uninstalled
pre-commit installed at .git/hooks/pre-commit
black....................................................................Passed
flake8...................................................................Failed
- hook id: flake8
- exit code: 1
bad_code.py:2:5: F841 local variable 'password' is assigned to but never used