diff options
author | Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2023-04-05 17:07:23 +0000 |
---|---|---|
committer | Po-Chuan Hsieh <sunpoet@FreeBSD.org> | 2023-04-05 17:29:38 +0000 |
commit | dad043a7779798a228bce76d38bb72a3c257bfc0 (patch) | |
tree | 690b288d6dcbb0facc8b8d21d8cae70daa6fafcf | |
parent | 2a685ab209b7b7d03f1d03f6bd2d33676f8efd36 (diff) | |
download | ports-dad043a7779798a228bce76d38bb72a3c257bfc0.tar.gz ports-dad043a7779798a228bce76d38bb72a3c257bfc0.zip |
devel/py-dodgy: Add py-dodgy 0.2.1
Dodgy is a very basic tool to run against your codebase to search for "dodgy"
looking values. It is a series of simple regular expressions designed to detect
things such as accidental SCM diff checkins, or passwords or secret keys hard
coded into files.
While this is primarily aimed at open source projects (for whom a publicly
available secret key is pretty dangerous), it can also be used in private
projects, with the caveat that it will point out things which are not a problem
for private projects and is not configurable enough currently to change that.
Another note - this tool is probably best run pre-commit, since it will
hopefully prevent dodgy things being checked in. To automatically execute before
a commit use a git pre-commit hook.
-rw-r--r-- | devel/Makefile | 1 | ||||
-rw-r--r-- | devel/py-dodgy/Makefile | 19 | ||||
-rw-r--r-- | devel/py-dodgy/distinfo | 3 | ||||
-rw-r--r-- | devel/py-dodgy/pkg-descr | 13 |
4 files changed, 36 insertions, 0 deletions
diff --git a/devel/Makefile b/devel/Makefile index 26ccd15a6148..2c3a609f9efd 100644 --- a/devel/Makefile +++ b/devel/Makefile @@ -4528,6 +4528,7 @@ SUBDIR += py-dockerpty SUBDIR += py-docopt SUBDIR += py-doctest-ignore-unicode + SUBDIR += py-dodgy SUBDIR += py-dogpile.cache SUBDIR += py-doit SUBDIR += py-dotted diff --git a/devel/py-dodgy/Makefile b/devel/py-dodgy/Makefile new file mode 100644 index 000000000000..819c6ade072d --- /dev/null +++ b/devel/py-dodgy/Makefile @@ -0,0 +1,19 @@ +PORTNAME= dodgy +PORTVERSION= 0.2.1 +CATEGORIES= devel python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= sunpoet@FreeBSD.org +COMMENT= Search for dodgy looking lines in Python code +WWW= https://github.com/landscapeio/dodgy + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= python:3.7+ +USE_PYTHON= autoplist concurrent distutils + +NO_ARCH= yes + +.include <bsd.port.mk> diff --git a/devel/py-dodgy/distinfo b/devel/py-dodgy/distinfo new file mode 100644 index 000000000000..ed58167ad123 --- /dev/null +++ b/devel/py-dodgy/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1679498490 +SHA256 (dodgy-0.2.1.tar.gz) = 28323cbfc9352139fdd3d316fa17f325cc0e9ac74438cbba51d70f9b48f86c3a +SIZE (dodgy-0.2.1.tar.gz) = 4896 diff --git a/devel/py-dodgy/pkg-descr b/devel/py-dodgy/pkg-descr new file mode 100644 index 000000000000..0335a2f7ded5 --- /dev/null +++ b/devel/py-dodgy/pkg-descr @@ -0,0 +1,13 @@ +Dodgy is a very basic tool to run against your codebase to search for "dodgy" +looking values. It is a series of simple regular expressions designed to detect +things such as accidental SCM diff checkins, or passwords or secret keys hard +coded into files. + +While this is primarily aimed at open source projects (for whom a publicly +available secret key is pretty dangerous), it can also be used in private +projects, with the caveat that it will point out things which are not a problem +for private projects and is not configurable enough currently to change that. + +Another note - this tool is probably best run pre-commit, since it will +hopefully prevent dodgy things being checked in. To automatically execute before +a commit use a git pre-commit hook. |