From 9117709fd74bf82c59dea09d31bb3d628929ac03 Mon Sep 17 00:00:00 2001 From: KMohZaid <68484509+KMohZaid@users.noreply.github.com> Date: Sun, 25 Aug 2024 01:28:52 +0530 Subject: [PATCH 1/6] notfy: give ack. about ruff linter and formatter (#94) * notfy: give ack. about ruff linter and formatter --- pylsp_ruff/plugin.py | 62 ++++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/pylsp_ruff/plugin.py b/pylsp_ruff/plugin.py index 833f16b..7b95212 100644 --- a/pylsp_ruff/plugin.py +++ b/pylsp_ruff/plugin.py @@ -116,6 +116,7 @@ def pylsp_format_document(workspace: Workspace, document: Document) -> Generator Document to apply ruff on. """ + log.debug(f"textDocument/formatting: {document}") outcome = yield result = outcome.get_result() @@ -128,34 +129,37 @@ def pylsp_format_document(workspace: Workspace, document: Document) -> Generator if not settings.format_enabled: return - new_text = run_ruff_format( - settings=settings, document_path=document.path, document_source=source - ) - - if settings.format: - # A second pass through the document with `ruff check` and only the rules - # enabled via the format config property. This allows for things like - # specifying `format = ["I"]` to get import sorting as part of formatting. - new_text = run_ruff( - settings=PluginSettings( - ignore=["ALL"], select=settings.format, executable=settings.executable - ), - document_path=document.path, - document_source=new_text, - fix=True, + with workspace.report_progress("format: ruff"): + new_text = run_ruff_format( + settings=settings, document_path=document.path, document_source=source ) - # Avoid applying empty text edit - if not new_text or new_text == source: - return + if settings.format: + # A second pass through the document with `ruff check` and only the rules + # enabled via the format config property. This allows for things like + # specifying `format = ["I"]` to get import sorting as part of formatting. + new_text = run_ruff( + settings=PluginSettings( + ignore=["ALL"], + select=settings.format, + executable=settings.executable, + ), + document_path=document.path, + document_source=new_text, + fix=True, + ) - range = Range( - start=Position(line=0, character=0), - end=Position(line=len(document.lines), character=0), - ) - text_edit = TextEdit(range=range, new_text=new_text) + # Avoid applying empty text edit + if not new_text or new_text == source: + return + + range = Range( + start=Position(line=0, character=0), + end=Position(line=len(document.lines), character=0), + ) + text_edit = TextEdit(range=range, new_text=new_text) - outcome.force_result(converter.unstructure([text_edit])) + outcome.force_result(converter.unstructure([text_edit])) @hookimpl @@ -174,10 +178,12 @@ def pylsp_lint(workspace: Workspace, document: Document) -> List[Dict]: List of dicts containing the diagnostics. """ - settings = load_settings(workspace, document.path) - checks = run_ruff_check(document=document, settings=settings) - diagnostics = [create_diagnostic(check=c, settings=settings) for c in checks] - return converter.unstructure(diagnostics) + + with workspace.report_progress("lint: ruff"): + settings = load_settings(workspace, document.path) + checks = run_ruff_check(document=document, settings=settings) + diagnostics = [create_diagnostic(check=c, settings=settings) for c in checks] + return converter.unstructure(diagnostics) def create_diagnostic(check: RuffCheck, settings: PluginSettings) -> Diagnostic: From 790e76c4ba4c062bd7a027f97419e21395c78691 Mon Sep 17 00:00:00 2001 From: Julian Hossbach Date: Tue, 10 Sep 2024 21:29:15 +0200 Subject: [PATCH 2/6] add json config --- README.md | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/README.md b/README.md index 0fc961c..8035184 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,9 @@ file is present in the project, `python-lsp-ruff` will ignore specific options ( The plugin follows [python-lsp-server's configuration](https://github.com/python-lsp/python-lsp-server/#configuration). This example configuration using for `neovim` shows the possible options: +
+Lua + ```lua pylsp = { plugins = { @@ -66,6 +69,42 @@ pylsp = { } } ``` +
+ +
+JSON + +``` +{ + "pylsp": { + "plugins": { + "ruff": { + "enabled": true, + "formatEnabled": true, + "executable": "", + "config": "", + "extendSelect": [ "I" ], + "extendIgnore": [ "C90"], + "format": [ "I" ], + "severities": { + "D212": "I" + }, + "unsafeFixes": false, + "lineLength": 88, + "exclude": ["__about__.py"], + "select": ["F"], + "ignore": ["D210"], + "perFileIgnores": { + "__init__.py": "CPY001" + }, + "preview": false, + "targetVersion": "py310" + } + } + } +} +``` +
For more information on the configuration visit [Ruff's homepage](https://beta.ruff.rs/docs/configuration/). From 46dadcc0b6fcb0103fbc1ca7791a813c7c622b60 Mon Sep 17 00:00:00 2001 From: Jonas Jelten Date: Tue, 3 Sep 2024 17:14:08 +0200 Subject: [PATCH 3/6] support for system ruff executable --- pylsp_ruff/plugin.py | 58 +++++++++++++++++++++++++++++--------------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/pylsp_ruff/plugin.py b/pylsp_ruff/plugin.py index 7b95212..9b80a51 100644 --- a/pylsp_ruff/plugin.py +++ b/pylsp_ruff/plugin.py @@ -1,8 +1,11 @@ import enum +import importlib.util import json import logging import re +import shutil import sys +from functools import lru_cache from pathlib import PurePath from subprocess import PIPE, Popen from typing import Dict, Generator, List, Optional @@ -116,7 +119,6 @@ def pylsp_format_document(workspace: Workspace, document: Document) -> Generator Document to apply ruff on. """ - log.debug(f"textDocument/formatting: {document}") outcome = yield result = outcome.get_result() @@ -178,7 +180,6 @@ def pylsp_lint(workspace: Workspace, document: Document) -> List[Dict]: List of dicts containing the diagnostics. """ - with workspace.report_progress("lint: ruff"): settings = load_settings(workspace, document.path) checks = run_ruff_check(document=document, settings=settings) @@ -487,6 +488,36 @@ def run_ruff_format( ) +@lru_cache +def find_executable(executable) -> List[str]: + cmd = None + # use the explicit executable configuration + if executable is not None: + exe_path = shutil.which(executable) + if exe_path is not None: + cmd = [exe_path] + else: + raise RuntimeError(f"configured ruff executable not found: {executable!r}") + + # try the python module + if cmd is None: + if importlib.util.find_spec("ruff") is not None: + cmd = [sys.executable, "-m", "ruff"] + + # try system's ruff executable + if cmd is None: + system_exe = shutil.which("ruff") + if system_exe is not None: + cmd = [system_exe] + + if cmd is None: + raise RuntimeError( + "no suitable ruff invocation could be found (executable, python module)" + ) + + return cmd + + def run_ruff( settings: PluginSettings, document_path: str, @@ -522,27 +553,14 @@ def run_ruff( arguments = subcommand.build_args(document_path, settings, fix, extra_arguments) - p = None - if executable is not None: - log.debug(f"Calling {executable} with args: {arguments} on '{document_path}'") - try: - cmd = [executable, str(subcommand)] - cmd.extend(arguments) - p = Popen(cmd, stdin=PIPE, stdout=PIPE, stderr=PIPE) - except Exception: - log.error(f"Can't execute ruff with given executable '{executable}'.") - if p is None: - log.debug( - f"Calling ruff via '{sys.executable} -m ruff'" - f" with args: {arguments} on '{document_path}'" - ) - cmd = [sys.executable, "-m", "ruff", str(subcommand)] - cmd.extend(arguments) - p = Popen(cmd, stdin=PIPE, stdout=PIPE, stderr=PIPE) + cmd = [*find_executable(executable), str(subcommand), *arguments] + + log.debug(f"Calling {cmd} on '{document_path}'") + p = Popen(cmd, stdin=PIPE, stdout=PIPE) (stdout, stderr) = p.communicate(document_source.encode()) if p.returncode != 0: - log.error(f"Error running ruff: {stderr.decode()}") + log.error(f"Ruff returned {p.returncode} != 0") return stdout.decode() From c0ed81d8cc5eafa91e3975a69a6aae1481dc5603 Mon Sep 17 00:00:00 2001 From: Jonas Jelten Date: Thu, 12 Sep 2024 17:55:23 +0200 Subject: [PATCH 4/6] fake a ruff executable for testing the executable parameter --- tests/test_ruff_lint.py | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/tests/test_ruff_lint.py b/tests/test_ruff_lint.py index 2933d26..fa915fc 100644 --- a/tests/test_ruff_lint.py +++ b/tests/test_ruff_lint.py @@ -2,6 +2,7 @@ # Copyright 2021- Python Language Server Contributors. import os +import stat import sys import tempfile from unittest.mock import Mock, patch @@ -100,17 +101,24 @@ def test_ruff_config_param(workspace): def test_ruff_executable_param(workspace): with patch("pylsp_ruff.plugin.Popen") as popen_mock: - mock_instance = popen_mock.return_value - mock_instance.communicate.return_value = [bytes(), bytes()] + with tempfile.NamedTemporaryFile() as ruff_exe: + mock_instance = popen_mock.return_value + mock_instance.communicate.return_value = [bytes(), bytes()] - ruff_executable = "/tmp/ruff" - workspace._config.update({"plugins": {"ruff": {"executable": ruff_executable}}}) + ruff_executable = ruff_exe.name + # chmod +x the file + st = os.stat(ruff_executable) + os.chmod(ruff_executable, st.st_mode | stat.S_IEXEC) - _name, doc = temp_document(DOC, workspace) - ruff_lint.pylsp_lint(workspace, doc) + workspace._config.update( + {"plugins": {"ruff": {"executable": ruff_executable}}} + ) - (call_args,) = popen_mock.call_args[0] - assert ruff_executable in call_args + _name, doc = temp_document(DOC, workspace) + ruff_lint.pylsp_lint(workspace, doc) + + (call_args,) = popen_mock.call_args[0] + assert ruff_executable in call_args def get_ruff_settings(workspace, doc, config_str): From 30163776ed932f91f415506c769d94ae7187e167 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Ho=C3=9Fbach?= Date: Thu, 12 Sep 2024 23:44:50 +0200 Subject: [PATCH 5/6] convert exceptions to logging errors --- pylsp_ruff/plugin.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pylsp_ruff/plugin.py b/pylsp_ruff/plugin.py index 9b80a51..23af27e 100644 --- a/pylsp_ruff/plugin.py +++ b/pylsp_ruff/plugin.py @@ -497,7 +497,7 @@ def find_executable(executable) -> List[str]: if exe_path is not None: cmd = [exe_path] else: - raise RuntimeError(f"configured ruff executable not found: {executable!r}") + log.error(f"Configured ruff executable not found: {executable!r}") # try the python module if cmd is None: @@ -511,9 +511,10 @@ def find_executable(executable) -> List[str]: cmd = [system_exe] if cmd is None: - raise RuntimeError( - "no suitable ruff invocation could be found (executable, python module)" + log.error( + "No suitable ruff invocation could be found (executable, python module)." ) + cmd = [] return cmd @@ -557,7 +558,7 @@ def run_ruff( log.debug(f"Calling {cmd} on '{document_path}'") p = Popen(cmd, stdin=PIPE, stdout=PIPE) - (stdout, stderr) = p.communicate(document_source.encode()) + (stdout, _) = p.communicate(document_source.encode()) if p.returncode != 0: log.error(f"Ruff returned {p.returncode} != 0") From 0c3270d5ecedae87cb358c499be50dd344871848 Mon Sep 17 00:00:00 2001 From: "C.A.M. Gerlach" Date: Thu, 19 Jun 2025 22:04:42 -0500 Subject: [PATCH 6/6] Add new security policy --- SECURITY.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..635b638 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,17 @@ +# Security Policy + + +## Supported Versions + +We normally support only the most recently released version with bug fixes, security updates and compatibility improvements. + + +## Reporting a Vulnerability + +If you believe you've discovered a security vulnerability in this project, please open a new security advisory with [our GitHub repo's private vulnerability reporting](https://github.com/python-lsp/python-lsp-ruff/security/advisories/new). +Please be sure to carefully document the vulnerability, including a summary, describing the impacts, identifying the line(s) of code affected, stating the conditions under which it is exploitable and including a minimal reproducible test case. +Further information and advice or patches on how to mitigate it is always welcome. +You can usually expect to hear back within 1 week, at which point we'll inform you of our evaluation of the vulnerability and what steps we plan to take, and will reach out if we need further clarification from you. +We'll discuss and update the advisory thread, and are happy to update you on its status should you further inquire. +While this is a volunteer project and we don't have financial compensation to offer, we can certainly publicly thank and credit you for your help if you would like. +Thanks!