enable flake8-bandit and apply

Author: Borda

pyproject.toml

@@ -14,47 +14,26 @@ lint.select = [
     "W", # see: https://pypi.org/project/pycodestyle
     "F", # see: https://pypi.org/project/pyflakes
     "I", #see: https://pypi.org/project/isort/
+    "S", # see: https://pypi.org/project/flake8-bandit
 #    "D", # see: https://pypi.org/project/pydocstyle
 #    "N", # see: https://pypi.org/project/pep8-naming
-#    "S", # see: https://pypi.org/project/flake8-bandit
 ]
 #lint.extend-select = [
 #    "A",    # see: https://pypi.org/project/flake8-builtins
 #    "B",    # see: https://pypi.org/project/flake8-bugbear
 #    "C4",   # see: https://pypi.org/project/flake8-comprehensions
 #    "PT",   # see: https://pypi.org/project/flake8-pytest-style
 #    "RET",  # see: https://pypi.org/project/flake8-return
-#    "SIM",  # see: https://pypi.org/project/flake8-simplify
-#    "YTT",  # see: https://pypi.org/project/flake8-2020
 #    "ANN",  # see: https://pypi.org/project/flake8-annotations
-#    "TID",  # see: https://pypi.org/project/flake8-tidy-imports/
-#    "T10",  # see: https://pypi.org/project/flake8-debugger
-#    "Q",    # see: https://pypi.org/project/flake8-quotes
-#    "RUF",  # Ruff-specific rules
-#    "EXE",  # see: https://pypi.org/project/flake8-executable
-#    "ISC",  # see: https://pypi.org/project/flake8-implicit-str-concat
-#    "PIE",  # see: https://pypi.org/project/flake8-pie
-#    "PLE",  # see: https://pypi.org/project/pylint/
-#    "PERF", # see: https://pypi.org/project/perflint/
-#    "PYI",  # see: https://pypi.org/project/flake8-pyi/
 #]
 #lint.ignore = [
 #    "E731",   # Do not assign a lambda expression, use a def
-#    "D100",   # todo: Missing docstring in public module
-#    "D104",   # todo: Missing docstring in public package
-#    "D107",   # Missing docstring in `__init__`
-#    "ANN101", # Missing type annotation for `self` in method
-#    "S301",   # todo: `pickle` and modules that wrap it can be unsafe when used to deserialize untrusted data, possible security issue  # todo
-#    "S310",   # todo: Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.  # todo
-#    "B905",   # todo: `zip()` without an explicit `strict=` parameter
 #]
 lint.ignore-init-module-imports = true
 lint.unfixable = ["F401"]
 
-#[tool.ruff.lint.per-file-ignores]
-#"setup.py" = ["ANN202", "ANN401"]
-#"src/**" = ["ANN401"]
-#"tests/**" = ["S101", "ANN001", "ANN201", "ANN202", "ANN401"]
+[tool.ruff.lint.per-file-ignores]
+"test_*.py" = ["S101", "S311"]
 
 [tool.ruff.lint.pydocstyle]
 # Use Google-style docstrings.

pytest_rerunfailures.py

@@ -188,7 +188,7 @@ def evaluate_condition(item, mark, condition: object) -> bool:
         try:
             filename = f"<{mark.name} condition>"
             condition_code = compile(condition, filename, "eval")
-            result = eval(condition_code, globals_)
+            result = eval(condition_code, globals_)  # noqa: S307
         except SyntaxError as exc:
             msglines = [
                 "Error evaluating %r condition" % mark.name,
@@ -365,9 +365,7 @@ def __init__(self):
 
     def _hash(self, crashitem: str) -> str:
         if crashitem not in self.hmap:
-            self.hmap[crashitem] = hashlib.sha1(
-                crashitem.encode(),
-            ).hexdigest()[:10]
+            self.hmap[crashitem] = hashlib.sha1(crashitem.encode()).hexdigest()[:10]  # noqa: S324
 
         return self.hmap[crashitem]