WIP: don't merge #66
This PR was not deployed automatically as @Alc-Alc does not have access to the Railway project. In order to get automatic PR deploys, please add @Alc-Alc to the project inside the project settings page.
PR Type: Enhancement
PR Summary: This pull request introduces several enhancements and new features to the project. It includes changes to logging and settings configurations, introduces new utility functions for formatting and querying rules, and adds a new plugin for Astral Inc. related software. Additionally, it updates references to external resources and modifies the handling of certain settings to ignore extra fields.
Decision: Comment
📝 Type: 'Enhancement' - not supported yet.
- Sourcery currently only approves 'Typo fix' PRs.
📝 Issue not addressed: this change does not correctly address the issue or implement the desired feature.
No details provided.
📝 Complexity: the changes are too large or complex for Sourcery to approve.
- Unsupported files: the diff contains files that Sourcery does not currently support during reviews.
General suggestions:
- Ensure that all new functionalities introduced are accompanied by adequate documentation updates. This includes both prose and reference documentation, if applicable.
- Review the security implications of using subprocesses, especially in functions like run_ruff_format. Consider implementing additional input sanitization or alternative methods to mitigate potential security risks.
- Given the PR title 'WIP: don't merge', ensure that all work-in-progress aspects of the PR are completed and thoroughly tested before merging. This includes addressing any known issues or TODOs in the code.
- Verify that the changes made to settings configurations, such as the addition of the 'extra="ignore"' parameter, align with the project's overall configuration management strategy and do not inadvertently suppress important configuration errors.
def run_ruff_format(code: str) -> str: | ||
"""Formats code using Ruff. | ||
|
||
Args: | ||
code: The code to format. | ||
|
||
Returns: | ||
str: The formatted code. | ||
""" | ||
result = subprocess.run( | ||
["ruff", "format", "-"], # noqa: S603, S607 | ||
input=code, | ||
capture_output=True, | ||
text=True, | ||
check=False, | ||
) | ||
return result.stdout if result.returncode == 0 else code |
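Review bot: the fallback on the last line (else code) only covers a non-zero exit status, so a missing ruff binary still raises FileNotFoundError out of subprocess.run, and with no timeout= argument a hung child blocks the caller indefinitely. Suggest passing a timeout and catching OSError and subprocess.TimeoutExpired so those paths also return code, and logging result.stderr when the return code is non-zero so a silent fall back to unformatted output can be diagnosed. The argument list is fixed and code is supplied only through input=, which supports the S603 suppression; the S607 suppression could be dropped by resolving the executable with shutil.which first.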
🚨 security (llm): Using subprocess.run with shell=True can be a security hazard if untrusted input is passed as part of the command. Ensure that code is sanitized or consider using a safer alternative to execute the command.
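The two subprocess calling conventions discussed in this thread, side by side, as an added example that is not code from the PR or the project: text piped on stdin to an argv-list child is never parsed by a shell, while text spliced into a `shell=True` command string is. The names `format_via_stdin`, `shell_interpolated` and `STAND_IN` are hypothetical, the stand-in child replaces ruff so the block runs without it, and a POSIX `/bin/sh` is assumed.

```python
import shutil
import subprocess
import sys

# Stand-in formatter (assumption): a Python child that upper-cases stdin,
# used so the example runs without ruff installed.
STAND_IN = [sys.executable, "-c",
            "import sys; sys.stdout.write(sys.stdin.read().upper())"]


def format_via_stdin(code: str, argv: list[str], timeout: float = 10.0) -> str:
    """Pipe code to a formatter given as an argv list; fall back to the input."""
    exe = shutil.which(argv[0])  # resolve to a concrete path up front
    if exe is None:
        return code  # formatter not installed
    try:
        result = subprocess.run(
            [exe, *argv[1:]],  # list form: no shell parses any of this
            input=code,        # untrusted text travels as data on stdin
            capture_output=True,
            text=True,
            check=False,
            timeout=timeout,   # a hung child cannot block the caller forever
        )
    except (OSError, subprocess.TimeoutExpired):
        return code
    return result.stdout if result.returncode == 0 else code


def shell_interpolated(text: str) -> str:
    """Contrast case: text spliced into a command string parsed by /bin/sh."""
    result = subprocess.run(
        "printf %s " + text, shell=True, capture_output=True, text=True, check=False
    )
    return result.stdout


if __name__ == "__main__":
    sample = "$((6*7))"  # constructed input containing shell arithmetic syntax
    print(repr(format_via_stdin(sample, STAND_IN)))  # reaches the child unchanged
    print(repr(shell_interpolated(sample)))          # the shell evaluates it first
```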