git: dad043a77797 - main - devel/py-dodgy: Add py-dodgy 0.2.1
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 05 Apr 2023 17:33:15 UTC
The branch main has been updated by sunpoet:
URL: https://cgit.FreeBSD.org/ports/commit/?id=dad043a7779798a228bce76d38bb72a3c257bfc0
commit dad043a7779798a228bce76d38bb72a3c257bfc0
Author: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
AuthorDate: 2023-04-05 17:07:23 +0000
Commit: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
CommitDate: 2023-04-05 17:29:38 +0000
devel/py-dodgy: Add py-dodgy 0.2.1
Dodgy is a very basic tool to run against your codebase to search for "dodgy"
looking values. It is a series of simple regular expressions designed to detect
things such as accidental SCM diff checkins, or passwords or secret keys hard
coded into files.
While this is primarily aimed at open source projects (for whom a publicly
available secret key is pretty dangerous), it can also be used in private
projects, with the caveat that it will point out things which are not a problem
for private projects and is not configurable enough currently to change that.
Another note - this tool is probably best run pre-commit, since it will
hopefully prevent dodgy things being checked in. To automatically execute before
a commit use a git pre-commit hook.
---
devel/Makefile | 1 +
devel/py-dodgy/Makefile | 19 +++++++++++++++++++
devel/py-dodgy/distinfo | 3 +++
devel/py-dodgy/pkg-descr | 13 +++++++++++++
4 files changed, 36 insertions(+)
diff --git a/devel/Makefile b/devel/Makefile
index 26ccd15a6148..2c3a609f9efd 100644
--- a/devel/Makefile
+++ b/devel/Makefile
@@ -4528,6 +4528,7 @@
SUBDIR += py-dockerpty
SUBDIR += py-docopt
SUBDIR += py-doctest-ignore-unicode
+ SUBDIR += py-dodgy
SUBDIR += py-dogpile.cache
SUBDIR += py-doit
SUBDIR += py-dotted
diff --git a/devel/py-dodgy/Makefile b/devel/py-dodgy/Makefile
new file mode 100644
index 000000000000..819c6ade072d
--- /dev/null
+++ b/devel/py-dodgy/Makefile
@@ -0,0 +1,19 @@
+PORTNAME= dodgy
+PORTVERSION= 0.2.1
+CATEGORIES= devel python
+MASTER_SITES= PYPI
+PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
+
+MAINTAINER= sunpoet@FreeBSD.org
+COMMENT= Search for dodgy looking lines in Python code
+WWW= https://github.com/landscapeio/dodgy
+
+LICENSE= MIT
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+USES= python:3.7+
+USE_PYTHON= autoplist concurrent distutils
+
+NO_ARCH= yes
+
+.include <bsd.port.mk>
diff --git a/devel/py-dodgy/distinfo b/devel/py-dodgy/distinfo
new file mode 100644
index 000000000000..ed58167ad123
--- /dev/null
+++ b/devel/py-dodgy/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1679498490
+SHA256 (dodgy-0.2.1.tar.gz) = 28323cbfc9352139fdd3d316fa17f325cc0e9ac74438cbba51d70f9b48f86c3a
+SIZE (dodgy-0.2.1.tar.gz) = 4896
diff --git a/devel/py-dodgy/pkg-descr b/devel/py-dodgy/pkg-descr
new file mode 100644
index 000000000000..0335a2f7ded5
--- /dev/null
+++ b/devel/py-dodgy/pkg-descr
@@ -0,0 +1,13 @@
+Dodgy is a very basic tool to run against your codebase to search for "dodgy"
+looking values. It is a series of simple regular expressions designed to detect
+things such as accidental SCM diff checkins, or passwords or secret keys hard
+coded into files.
+
+While this is primarily aimed at open source projects (for whom a publicly
+available secret key is pretty dangerous), it can also be used in private
+projects, with the caveat that it will point out things which are not a problem
+for private projects and is not configurable enough currently to change that.
+
+Another note - this tool is probably best run pre-commit, since it will
+hopefully prevent dodgy things being checked in. To automatically execute before
+a commit use a git pre-commit hook.