chore: switch to ruff format over black

.pre-commit-config.yaml

@@ -57,8 +57,8 @@ repos:
     hooks:
 
       # note: this is used in lieu of autopep8 and yapf
-      - id: black
-        name: black
+      - id: format
+        name: format
         # note: why not use the official black pre-commit hook? so we can use poetry to control which version of black is used.
         entry: make format
         pass_filenames: false

Makefile

@@ -109,8 +109,8 @@ lint-fix: virtual-env-check  ## Fix linting issues (ruff)
 	ruff check . --fix
 
 .PHONY: format
-format: virtual-env-check  ## Format all code (black)
-	black src tests
+format: virtual-env-check  ## Format all code (ruff format)
+	ruff format src tests
 	poetry run python scripts/format-json-snapshots.py
 
 .PHONY: check-types

pyproject.toml

@@ -63,7 +63,6 @@ zstandard = ">=0.22,<0.24"
 [tool.poetry.group.dev.dependencies]
 pytest = ">=7.2.2,<9.0.0"
 pre-commit = ">=3.2,<5.0"
-black = ">=23.1,<25.0"
 jsonschema = "^4.17.3"
 pytest-unordered = ">=0.5.2,<0.7.0"
 pytest-sugar = ">=0.9.6,<1.1.0"
@@ -77,7 +76,7 @@ types-requests = "^2.28.11.7"
 mypy = "^1.1"
 radon = ">=5.1,<7.0"
 dunamai = "^1.15.0"
-ruff = ">=0.5.1,<0.9.2"
+ruff = "^0.9.2"
 yardstick = {git = "https://github.com/anchore/yardstick", rev = "dd0410273860e765386bc29046cb26dd9d5fda8c"}
 # yardstick = {path = "../yardstick", develop=true }
 tabulate = "0.9.0"
@@ -123,32 +122,27 @@ exclude = '''(?x)(
     | ^tests/.*$     # any tests
 )'''
 
-[tool.black]
-line-length = 130
-exclude = '''
-(
-  /(
-      \.eggs         # exclude a few common directories in the
-    | \.git          # root of the project
-    | \.hg
-    | \.mypy_cache
-    | \.tox
-    | \.venv
-    | _build
-    | buck-out
-    | build
-    | dist
-    | data
-    | backup
-    | src/vunnel/providers/mariner/model # files in here are generated
-    | tests/quality/vulnerability-match-labels
-    | tests/quality/.yardstick
-    | tests/quality/data
-    | tests/quality/build
-    | tests/quality/bin
-  )/
-)
-'''
+[tool.ruff.format]
+exclude = [
+    ".eggs",         # exclude a few common directories in the
+    ".git",          # root of the project
+    ".hg",
+    ".mypy_cache",
+    ".tox",
+    ".venv",
+    "_build",
+    "buck-out",
+    "build",
+    "dist",
+    "data",
+    "backup",
+    "src/vunnel/providers/mariner/model", # files in here are generated
+    "tests/quality/vulnerability-match-labels",
+    "tests/quality/.yardstick",
+    "tests/quality/data",
+    "tests/quality/build",
+    "tests/quality/bin",
+]
 
 [tool.coverage.run]
 omit = [
@@ -172,7 +166,6 @@ dirty = true
 
 [tool.ruff]
 cache-dir = ".cache/ruff"
-# allow for a wide-birth relative to what black will correct to
 line-length = 150
 
 extend-exclude = [

src/vunnel/providers/alpine/__init__.py

@@ -24,7 +24,6 @@ class Config:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.OSSchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/amazon/__init__.py

@@ -29,7 +29,6 @@ def __post_init__(self) -> None:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.OSSchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/chainguard/__init__.py

@@ -23,7 +23,6 @@ class Config:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.OSSchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/debian/__init__.py

@@ -28,7 +28,6 @@ def __post_init__(self) -> None:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.OSSchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/debian/parser.py

@@ -346,11 +346,7 @@ def _normalize_json(self, ns_cve_dsalist=None):  # noqa: PLR0912,PLR0915,C901
                             else:
                                 sev = "Unknown"
 
-                            if (
-                                sev
-                                and vulnerability.severity_order[sev]
-                                > vulnerability.severity_order[vuln_record["Vulnerability"]["Severity"]]
-                            ):
+                            if sev and vulnerability.severity_order[sev] > vulnerability.severity_order[vuln_record["Vulnerability"]["Severity"]]:
                                 vuln_record["Vulnerability"]["Severity"] = sev
 
                             # add fixedIn
@@ -404,22 +400,16 @@ def _normalize_json(self, ns_cve_dsalist=None):  # noqa: PLR0912,PLR0915,C901
                                         "AdvisorySummary": [{"ID": x.dsa, "Link": x.link} for x in matched_dsas],
                                     }
                                     # all_matched_dsas |= set([x.dsa for x in matched_dsas])
-                                    adv_mets[met_ns][met_sev]["dsa"][
-                                        "notfixed" if fixed_el["Version"] == "None" else "fixed"
-                                    ] += 1
+                                    adv_mets[met_ns][met_sev]["dsa"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1
                                 elif "nodsa" in distro_record:
                                     fixed_el["VendorAdvisory"] = {"NoAdvisory": True}
-                                    adv_mets[met_ns][met_sev]["nodsa"][
-                                        "notfixed" if fixed_el["Version"] == "None" else "fixed"
-                                    ] += 1
+                                    adv_mets[met_ns][met_sev]["nodsa"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1
                                 else:
                                     fixed_el["VendorAdvisory"] = {
                                         "NoAdvisory": False,
                                         "AdvisorySummary": [],
                                     }
-                                    adv_mets[met_ns][met_sev]["neither"][
-                                        "notfixed" if fixed_el["Version"] == "None" else "fixed"
-                                    ] += 1
+                                    adv_mets[met_ns][met_sev]["neither"]["notfixed" if fixed_el["Version"] == "None" else "fixed"] += 1
 
                                 # append fixed in record to vulnerability
                                 vuln_record["Vulnerability"]["FixedIn"].append(fixed_el)

src/vunnel/providers/github/__init__.py

@@ -39,7 +39,6 @@ def __str__(self) -> str:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.GithubSecurityAdvisorySchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/github/parser.py

@@ -445,9 +445,7 @@ def graphql_advisories(cursor=None, timestamp=None, vuln_cursor=None):
 
     if vuln_cursor:
         vuln_after = f'after: "{vuln_cursor}", '
-    vulnerabilities = (
-        f"{vuln_after}classifications: [GENERAL, MALWARE], first: 100, orderBy: {{field: UPDATED_AT, direction: ASC}}"
-    )
+    vulnerabilities = f"{vuln_after}classifications: [GENERAL, MALWARE], first: 100, orderBy: {{field: UPDATED_AT, direction: ASC}}"
 
     return f"""
     {{

src/vunnel/providers/mariner/__init__.py

@@ -24,7 +24,6 @@ class Config:
 
 
 class Provider(provider.Provider):
-
     __schema__ = schema.OSSchema()
     __distribution_version__ = int(__schema__.major_version)
 

src/vunnel/providers/nvd/__init__.py

@@ -54,8 +54,7 @@ def __init__(self, root: str, config: Config | None = None):
 
         if self.config.runtime.skip_if_exists and config.runtime.existing_results != result.ResultStatePolicy.KEEP:
             raise ValueError(
-                "if 'skip_if_exists' is set then 'runtime.existing_results' must be 'keep' "
-                "(otherwise incremental updates will fail)",
+                "if 'skip_if_exists' is set then 'runtime.existing_results' must be 'keep' (otherwise incremental updates will fail)",
             )
 
         if self.config.runtime.result_store != result.StoreStrategy.SQLITE: