ci: add ruff linting and mypy type checking
Add ruff and mypy to dev dependencies with configuration in pyproject.toml. Add a lint CI job that runs ruff check, ruff format --check, and mypy. Auto-fix import sorting and formatting across the codebase. Exclude alembic/versions from linting (auto-generated migrations). Ignore B008 (FastAPI Depends pattern) and RUF001 (unicode in user-facing strings). 21 ruff lint errors and 50 mypy errors remain for manual review. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
399276ea69
commit
bf04c77aa9
137 changed files with 3066 additions and 1900 deletions
|
|
@ -1,2 +1 @@
|
|||
"""Security middleware and helpers for scholarr."""
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,9 @@ class CSRFMiddleware(BaseHTTPMiddleware):
|
|||
session_token = request.session.get(CSRF_SESSION_KEY)
|
||||
if not session_token:
|
||||
structured_log(
|
||||
logger, "warning", "csrf.missing_session_token",
|
||||
logger,
|
||||
"warning",
|
||||
"csrf.missing_session_token",
|
||||
method=request.method,
|
||||
path=request.url.path,
|
||||
)
|
||||
|
|
@ -56,7 +58,9 @@ class CSRFMiddleware(BaseHTTPMiddleware):
|
|||
|
||||
if not request_token or not compare_digest(str(session_token), str(request_token)):
|
||||
structured_log(
|
||||
logger, "warning", "csrf.invalid_token",
|
||||
logger,
|
||||
"warning",
|
||||
"csrf.invalid_token",
|
||||
method=request.method,
|
||||
path=request.url.path,
|
||||
)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue