anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c7713c622823f844b5e0842cc91b53b48a65782a
DECNET/pyproject.toml
anti 24f02c3466 fix: resolve all bandit SAST findings in templates/ 
- Add # nosec B104 to all intentional 0.0.0.0 binds in honeypot servers
  (hardcoded_bind_all_interfaces is by design — deckies must accept attacker connections)
- Add # nosec B101 to assert statements used for protocol validation in ldap/snmp
- Add # nosec B105 to fake SASL placeholder in ldap
- Add # nosec B108 to /tmp usage in smb template
- Exclude root-owned auto-generated decnet_logging.py copies from bandit scan
  via pyproject.toml [tool.bandit] config (synced by _sync_logging_helper at deploy)
2026-04-10 00:24:40 -04:00

77 lines
1.7 KiB
TOML
Raw Blame History

[build-system]
requires = ["setuptools>=68", "wheel"]
build-backend = "setuptools.build_meta"
[project]
name = "decnet"
version = "0.1.0"
description = "Deception network: deploy honeypot deckies that appear as real LAN hosts"
requires-python = ">=3.11"
dependencies = [
"typer[all]>=0.12",
"pydantic>=2.0",
"docker>=7.0",
"pyyaml>=6.0",
"jinja2>=3.1",
"fastapi>=0.110.0",
"uvicorn>=0.29.0",
"aiosqlite>=0.20.0",
"PyJWT>=2.8.0",
"bcrypt>=4.1.0",
"psutil>=5.9.0",
"python-dotenv>=1.0.0",
"sqlmodel>=0.0.16",
]
[project.optional-dependencies]
dev = [
"pytest>=8.0",
"ruff>=0.4",
"bandit>=1.7",
"pip-audit>=2.0",
"httpx>=0.27.0",
"hypothesis>=6.0",
"pytest-cov>=7.0",
"pytest-asyncio>=1.0",
"freezegun>=1.5",
"schemathesis>=4.0",
"pytest-xdist>=3.8.0",
]
[project.scripts]
decnet = "decnet.cli:app"
[tool.pytest.ini_options]
asyncio_mode = "auto"
addopts = "-m 'not fuzz' -v -q -x -n logical"
markers = [
"fuzz: hypothesis-based fuzz tests (slow, run with -m fuzz or -m '' for all)",
]
filterwarnings = [
"ignore::pytest.PytestUnhandledThreadExceptionWarning",
"ignore::DeprecationWarning",
]
[tool.coverage.run]
source = ["decnet"]
omit = ["*/tests/*", "templates/*"]
parallel = true
[tool.coverage.report]
show_missing = true
skip_covered = false
# Run with: pytest --cov --cov-report=term-missing
[tool.setuptools.packages.find]
where = ["."]
include = ["decnet*"]
[tool.bandit]
exclude_dirs = [
"templates/http/decnet_logging.py",
"templates/imap/decnet_logging.py",
"templates/pop3/decnet_logging.py",
"templates/real_ssh/decnet_logging.py",
"templates/smtp/decnet_logging.py",
]
Reference in New Issue View Git Blame Copy Permalink