jaymd96-pants-baseline 0.1.0__py3-none-any.whl

pants_baseline/goals/audit.py

@@ -0,0 +1,78 @@
+"""Audit goal for uv security scanning."""
+
+from __future__ import annotations
+
+from typing import Iterable
+
+from pants.engine.console import Console
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.rules import Get, collect_rules, goal_rule
+from pants.engine.target import Targets
+
+from pants_baseline.rules.audit_rules import AuditResult, UvAuditRequest
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.uv import UvSubsystem
+
+
+class BaselineAuditSubsystem(GoalSubsystem):
+    """Subsystem for the baseline-audit goal."""
+
+    name = "baseline-audit"
+    help = "Run uv security audit on dependencies."
+
+
+class BaselineAudit(Goal):
+    """Goal to run uv security audit."""
+
+    subsystem_cls = BaselineAuditSubsystem
+
+
+@goal_rule
+async def run_baseline_audit(
+    console: Console,
+    targets: Targets,
+    baseline_subsystem: BaselineSubsystem,
+    uv_subsystem: UvSubsystem,
+) -> BaselineAudit:
+    """Run uv security audit on dependencies."""
+    if not baseline_subsystem.enabled:
+        console.print_stdout("Python baseline is disabled.")
+        return BaselineAudit(exit_code=0)
+
+    if not uv_subsystem.audit_enabled:
+        console.print_stdout("Security audit is disabled.")
+        return BaselineAudit(exit_code=0)
+
+    console.print_stdout("Running uv security audit...")
+    console.print_stdout(f"  Lock file: {uv_subsystem.lock_file}")
+    if uv_subsystem.audit_ignore_vulns:
+        console.print_stdout(f"  Ignoring: {', '.join(uv_subsystem.audit_ignore_vulns)}")
+    console.print_stdout("")
+
+    result = await Get(
+        AuditResult,
+        UvAuditRequest(
+            lock_file=uv_subsystem.lock_file,
+            ignore_vulns=tuple(uv_subsystem.audit_ignore_vulns),
+            output_format=uv_subsystem.output_format,
+        ),
+    )
+
+    if result.stdout:
+        console.print_stdout(result.stdout)
+    if result.stderr:
+        console.print_stderr(result.stderr)
+
+    if result.exit_code == 0:
+        console.print_stdout("\nNo vulnerabilities found.")
+    else:
+        console.print_stderr(
+            f"\nFound {result.vulnerabilities_found} vulnerabilities!"
+        )
+
+    return BaselineAudit(exit_code=result.exit_code)
+
+
+def rules() -> Iterable:
+    """Return all audit goal rules."""
+    return collect_rules()

pants_baseline/goals/fmt.py

@@ -0,0 +1,56 @@
+"""Format goal for Ruff formatting."""
+
+from __future__ import annotations
+
+from typing import Iterable
+
+from pants.engine.console import Console
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.rules import collect_rules, goal_rule
+from pants.engine.target import Targets
+
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.ruff import RuffSubsystem
+
+
+class BaselineFmtSubsystem(GoalSubsystem):
+    """Subsystem for the baseline-fmt goal."""
+
+    name = "baseline-fmt"
+    help = "Run Ruff formatting with baseline configuration."
+
+
+class BaselineFmt(Goal):
+    """Goal to run Ruff formatting."""
+
+    subsystem_cls = BaselineFmtSubsystem
+
+
+@goal_rule
+async def run_baseline_fmt(
+    console: Console,
+    targets: Targets,
+    baseline_subsystem: BaselineSubsystem,
+    ruff_subsystem: RuffSubsystem,
+) -> BaselineFmt:
+    """Run Ruff formatting on all targets."""
+    if not baseline_subsystem.enabled:
+        console.print_stdout("Python baseline is disabled.")
+        return BaselineFmt(exit_code=0)
+
+    console.print_stdout("Running Ruff formatter...")
+    console.print_stdout(f"  Target Python version: {baseline_subsystem.python_version}")
+    console.print_stdout(f"  Line length: {baseline_subsystem.line_length}")
+    console.print_stdout(f"  Quote style: {ruff_subsystem.quote_style}")
+    console.print_stdout(f"  Indent style: {ruff_subsystem.indent_style}")
+    console.print_stdout("")
+
+    # The actual formatting is handled by the FmtTargetsRequest mechanism
+    # This goal just provides a user-friendly entry point
+
+    return BaselineFmt(exit_code=0)
+
+
+def rules() -> Iterable:
+    """Return all fmt goal rules."""
+    return collect_rules()

pants_baseline/goals/lint.py

@@ -0,0 +1,59 @@
+"""Lint goal for Ruff linting."""
+
+from __future__ import annotations
+
+from typing import Iterable
+
+from pants.core.goals.lint import LintFilesRequest, LintResult
+from pants.engine.console import Console
+from pants.engine.fs import PathGlobs, Paths
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.rules import Get, collect_rules, goal_rule
+from pants.engine.target import Targets
+from pants.util.logging import LogLevel
+
+from pants_baseline.rules.lint_rules import RuffLintRequest
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.ruff import RuffSubsystem
+
+
+class BaselineLintSubsystem(GoalSubsystem):
+    """Subsystem for the baseline-lint goal."""
+
+    name = "baseline-lint"
+    help = "Run Ruff linting with baseline configuration."
+
+
+class BaselineLint(Goal):
+    """Goal to run Ruff linting."""
+
+    subsystem_cls = BaselineLintSubsystem
+
+
+@goal_rule
+async def run_baseline_lint(
+    console: Console,
+    targets: Targets,
+    baseline_subsystem: BaselineSubsystem,
+    ruff_subsystem: RuffSubsystem,
+) -> BaselineLint:
+    """Run Ruff linting on all targets."""
+    if not baseline_subsystem.enabled:
+        console.print_stdout("Python baseline is disabled.")
+        return BaselineLint(exit_code=0)
+
+    console.print_stdout("Running Ruff linter...")
+    console.print_stdout(f"  Target Python version: {baseline_subsystem.python_version}")
+    console.print_stdout(f"  Line length: {baseline_subsystem.line_length}")
+    console.print_stdout(f"  Rules: {', '.join(ruff_subsystem.select[:5])}...")
+    console.print_stdout("")
+
+    # The actual linting is handled by the LintTargetsRequest mechanism
+    # This goal just provides a user-friendly entry point
+
+    return BaselineLint(exit_code=0)
+
+
+def rules() -> Iterable:
+    """Return all lint goal rules."""
+    return collect_rules()

pants_baseline/goals/test.py

@@ -0,0 +1,53 @@
+"""Test goal for pytest testing."""
+
+from __future__ import annotations
+
+from typing import Iterable
+
+from pants.engine.console import Console
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.rules import collect_rules, goal_rule
+from pants.engine.target import Targets
+
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+
+
+class BaselineTestSubsystem(GoalSubsystem):
+    """Subsystem for the baseline-test goal."""
+
+    name = "baseline-test"
+    help = "Run pytest with coverage and baseline configuration."
+
+
+class BaselineTest(Goal):
+    """Goal to run pytest tests."""
+
+    subsystem_cls = BaselineTestSubsystem
+
+
+@goal_rule
+async def run_baseline_test(
+    console: Console,
+    targets: Targets,
+    baseline_subsystem: BaselineSubsystem,
+) -> BaselineTest:
+    """Run pytest on all test targets."""
+    if not baseline_subsystem.enabled:
+        console.print_stdout("Python baseline is disabled.")
+        return BaselineTest(exit_code=0)
+
+    console.print_stdout("Running pytest with coverage...")
+    console.print_stdout(f"  Source roots: {', '.join(baseline_subsystem.src_roots)}")
+    console.print_stdout(f"  Test roots: {', '.join(baseline_subsystem.test_roots)}")
+    console.print_stdout(f"  Coverage threshold: {baseline_subsystem.coverage_threshold}%")
+    console.print_stdout("")
+
+    # The actual testing is handled by the TestRequest mechanism
+    # This goal just provides a user-friendly entry point
+
+    return BaselineTest(exit_code=0)
+
+
+def rules() -> Iterable:
+    """Return all test goal rules."""
+    return collect_rules()

pants_baseline/goals/typecheck.py

@@ -0,0 +1,55 @@
+"""Type check goal for ty type checking."""
+
+from __future__ import annotations
+
+from typing import Iterable
+
+from pants.engine.console import Console
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.rules import collect_rules, goal_rule
+from pants.engine.target import Targets
+
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.ty import TySubsystem
+
+
+class BaselineTypecheckSubsystem(GoalSubsystem):
+    """Subsystem for the baseline-typecheck goal."""
+
+    name = "baseline-typecheck"
+    help = "Run ty type checking with baseline configuration."
+
+
+class BaselineTypecheck(Goal):
+    """Goal to run ty type checking."""
+
+    subsystem_cls = BaselineTypecheckSubsystem
+
+
+@goal_rule
+async def run_baseline_typecheck(
+    console: Console,
+    targets: Targets,
+    baseline_subsystem: BaselineSubsystem,
+    ty_subsystem: TySubsystem,
+) -> BaselineTypecheck:
+    """Run ty type checking on all targets."""
+    if not baseline_subsystem.enabled:
+        console.print_stdout("Python baseline is disabled.")
+        return BaselineTypecheck(exit_code=0)
+
+    console.print_stdout("Running ty type checker...")
+    console.print_stdout(f"  Target Python version: {baseline_subsystem.python_version}")
+    console.print_stdout(f"  Strict mode: {ty_subsystem.strict}")
+    console.print_stdout(f"  Output format: {ty_subsystem.output_format}")
+    console.print_stdout("")
+
+    # The actual type checking is handled by the CheckRequest mechanism
+    # This goal just provides a user-friendly entry point
+
+    return BaselineTypecheck(exit_code=0)
+
+
+def rules() -> Iterable:
+    """Return all typecheck goal rules."""
+    return collect_rules()

pants_baseline/register.py

@@ -0,0 +1,46 @@
+"""Register the Python Baseline plugin with Pants.
+
+This module is the entry point for the Pants plugin system.
+It registers all rules, targets, and subsystems provided by this plugin.
+"""
+
+from typing import Iterable
+
+from pants.engine.rules import Rule, collect_rules
+
+from pants_baseline.goals import audit as audit_goal
+from pants_baseline.goals import fmt as fmt_goal
+from pants_baseline.goals import lint as lint_goal
+from pants_baseline.goals import test as test_goal
+from pants_baseline.goals import typecheck as typecheck_goal
+from pants_baseline.rules import audit_rules, fmt_rules, lint_rules, test_rules, typecheck_rules
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.ruff import RuffSubsystem
+from pants_baseline.subsystems.ty import TySubsystem
+from pants_baseline.subsystems.uv import UvSubsystem
+from pants_baseline.targets import BaselinePythonProject
+
+
+def rules() -> Iterable[Rule]:
+    """Return all rules provided by this plugin."""
+    return [
+        *collect_rules(lint_rules),
+        *collect_rules(fmt_rules),
+        *collect_rules(typecheck_rules),
+        *collect_rules(test_rules),
+        *collect_rules(audit_rules),
+        *collect_rules(lint_goal),
+        *collect_rules(fmt_goal),
+        *collect_rules(typecheck_goal),
+        *collect_rules(test_goal),
+        *collect_rules(audit_goal),
+        *BaselineSubsystem.rules(),
+        *RuffSubsystem.rules(),
+        *TySubsystem.rules(),
+        *UvSubsystem.rules(),
+    ]
+
+
+def target_types() -> Iterable[type]:
+    """Return all custom target types provided by this plugin."""
+    return [BaselinePythonProject]

pants_baseline/rules/__init__.py

@@ -0,0 +1,11 @@
+"""Rules for the Python Baseline plugin."""
+
+from pants_baseline.rules import audit_rules, fmt_rules, lint_rules, test_rules, typecheck_rules
+
+__all__ = [
+    "audit_rules",
+    "fmt_rules",
+    "lint_rules",
+    "test_rules",
+    "typecheck_rules",
+]

pants_baseline/rules/audit_rules.py

@@ -0,0 +1,135 @@
+"""Rules for uv security auditing."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Iterable
+
+from pants.engine.console import Console
+from pants.engine.fs import Digest
+from pants.engine.goal import Goal, GoalSubsystem
+from pants.engine.process import FallibleProcessResult, Process
+from pants.engine.rules import Get, collect_rules, goal_rule, rule
+from pants.engine.target import Targets
+from pants.util.logging import LogLevel
+
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.uv import UvSubsystem
+
+
+@dataclass(frozen=True)
+class AuditResult:
+    """Result of running uv audit."""
+
+    exit_code: int
+    stdout: str
+    stderr: str
+    vulnerabilities_found: int
+
+
+class AuditSubsystem(GoalSubsystem):
+    """Subsystem for the audit goal."""
+
+    name = "baseline-audit"
+    help = "Run security audit on dependencies using uv."
+
+
+class Audit(Goal):
+    """Goal to run security audit."""
+
+    subsystem_cls = AuditSubsystem
+
+
+@dataclass(frozen=True)
+class UvAuditRequest:
+    """Request to run uv audit."""
+
+    lock_file: str
+    ignore_vulns: tuple[str, ...]
+    output_format: str
+
+
+@rule(desc="Audit dependencies with uv", level=LogLevel.DEBUG)
+async def run_uv_audit(
+    request: UvAuditRequest,
+) -> AuditResult:
+    """Run uv audit on dependencies."""
+    # Build ignore args
+    ignore_args = []
+    for vuln in request.ignore_vulns:
+        ignore_args.extend(["--ignore", vuln])
+
+    argv = [
+        "uv",
+        "audit",
+        f"--output-format={request.output_format}",
+        *ignore_args,
+    ]
+
+    process = Process(
+        argv=argv,
+        description="Run uv security audit",
+        level=LogLevel.DEBUG,
+    )
+
+    result = await Get(FallibleProcessResult, Process, process)
+
+    stdout = result.stdout.decode()
+    stderr = result.stderr.decode()
+
+    # Parse vulnerability count from output (simplified)
+    vulnerabilities_found = 0
+    if result.exit_code != 0:
+        # Count lines that look like vulnerability reports
+        for line in stdout.split("\n"):
+            if "vulnerability" in line.lower() or "CVE-" in line or "GHSA-" in line:
+                vulnerabilities_found += 1
+
+    return AuditResult(
+        exit_code=result.exit_code,
+        stdout=stdout,
+        stderr=stderr,
+        vulnerabilities_found=vulnerabilities_found,
+    )
+
+
+@goal_rule
+async def run_audit_goal(
+    console: Console,
+    targets: Targets,
+    uv_subsystem: UvSubsystem,
+    baseline_subsystem: BaselineSubsystem,
+) -> Audit:
+    """Execute the security audit goal."""
+    if not baseline_subsystem.enabled or not uv_subsystem.audit_enabled:
+        console.print_stdout("Security audit is disabled.")
+        return Audit(exit_code=0)
+
+    console.print_stdout("Running security audit with uv...")
+
+    result = await Get(
+        AuditResult,
+        UvAuditRequest(
+            lock_file=uv_subsystem.lock_file,
+            ignore_vulns=tuple(uv_subsystem.audit_ignore_vulns),
+            output_format=uv_subsystem.output_format,
+        ),
+    )
+
+    console.print_stdout(result.stdout)
+    if result.stderr:
+        console.print_stderr(result.stderr)
+
+    if result.vulnerabilities_found > 0:
+        console.print_stderr(
+            f"\nFound {result.vulnerabilities_found} vulnerabilities!"
+        )
+    else:
+        console.print_stdout("\nNo vulnerabilities found.")
+
+    return Audit(exit_code=result.exit_code)
+
+
+def rules() -> Iterable:
+    """Return all audit rules."""
+    return collect_rules()

pants_baseline/rules/fmt_rules.py

@@ -0,0 +1,122 @@
+"""Rules for Ruff formatting."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Iterable
+
+from pants.core.goals.fmt import FmtResult, FmtTargetsRequest
+from pants.core.util_rules.source_files import SourceFiles, SourceFilesRequest
+from pants.engine.fs import Digest, Snapshot
+from pants.engine.process import FallibleProcessResult, Process
+from pants.engine.rules import Get, collect_rules, rule
+from pants.engine.target import FieldSet
+from pants.engine.unions import UnionRule
+from pants.util.logging import LogLevel
+
+from pants_baseline.subsystems.baseline import BaselineSubsystem
+from pants_baseline.subsystems.ruff import RuffSubsystem
+from pants_baseline.targets import BaselineSourcesField, SkipFormatField
+
+
+@dataclass(frozen=True)
+class RuffFmtFieldSet(FieldSet):
+    """Field set for Ruff formatting."""
+
+    required_fields = (BaselineSourcesField,)
+
+    sources: BaselineSourcesField
+    skip_fmt: SkipFormatField
+
+
+class RuffFmtRequest(FmtTargetsRequest):
+    """Request to run Ruff formatting."""
+
+    field_set_type = RuffFmtFieldSet
+    tool_name = "ruff"
+
+
+@rule(desc="Format with Ruff", level=LogLevel.DEBUG)
+async def run_ruff_fmt(
+    request: RuffFmtRequest,
+    ruff_subsystem: RuffSubsystem,
+    baseline_subsystem: BaselineSubsystem,
+) -> FmtResult:
+    """Run Ruff formatter on Python files."""
+    if not baseline_subsystem.enabled:
+        return FmtResult(
+            input=request.snapshot,
+            output=request.snapshot,
+            stdout="",
+            stderr="",
+            formatter_name="ruff",
+        )
+
+    # Filter out skipped targets
+    field_sets = [fs for fs in request.field_sets if not fs.skip_fmt.value]
+
+    if not field_sets:
+        return FmtResult(
+            input=request.snapshot,
+            output=request.snapshot,
+            stdout="No targets to format",
+            stderr="",
+            formatter_name="ruff",
+        )
+
+    # Get source files
+    sources = await Get(
+        SourceFiles,
+        SourceFilesRequest(
+            sources_fields=[fs.sources for fs in field_sets],
+            for_sources_types=(BaselineSourcesField,),
+        ),
+    )
+
+    if not sources.files:
+        return FmtResult(
+            input=request.snapshot,
+            output=request.snapshot,
+            stdout="No files to format",
+            stderr="",
+            formatter_name="ruff",
+        )
+
+    # Build Ruff format command
+    argv = [
+        "ruff",
+        "format",
+        f"--target-version={baseline_subsystem.get_python_target_version()}",
+        f"--line-length={baseline_subsystem.line_length}",
+        f"--quote-style={ruff_subsystem.quote_style}",
+        f"--indent-style={ruff_subsystem.indent_style}",
+        *sources.files,
+    ]
+
+    process = Process(
+        argv=argv,
+        input_digest=sources.snapshot.digest,
+        output_files=sources.files,
+        description=f"Run Ruff format on {len(sources.files)} files",
+        level=LogLevel.DEBUG,
+    )
+
+    result = await Get(FallibleProcessResult, Process, process)
+
+    output_snapshot = await Get(Snapshot, Digest, result.output_digest)
+
+    return FmtResult(
+        input=sources.snapshot,
+        output=output_snapshot,
+        stdout=result.stdout.decode(),
+        stderr=result.stderr.decode(),
+        formatter_name="ruff",
+    )
+
+
+def rules() -> Iterable:
+    """Return all format rules."""
+    return [
+        *collect_rules(),
+        UnionRule(FmtTargetsRequest, RuffFmtRequest),
+    ]