Skip to content

fixed bug no version detected in pre-commit installation #1283

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fixed bug no version detected in pre-commit installation #1283

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e3213c9
fixed bug no version detected in pre-commit installation
daniel-mohr Jun 27, 2025
2ffb042
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jun 27, 2025
cb346e2
typo
daniel-mohr Jun 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions bandit/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,7 @@

__author__ = metadata.metadata("bandit")["Author"]
__version__ = metadata.version("bandit")
# __version__ = metadata.version(__package__)
# running bandit inside pre-commit we do not get a version here, workaround:
if __version__ == "0.0.0":
__version__ = "latest"
Comment on lines +21 to +23
Copy link
Member

@ericwb ericwb Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems a bit hacky. I'd rather we get to the root cause on why the semver doesn't get into pre-commit.

Copy link
Member

@sigmavirus24 sigmavirus24 Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree. This seems like a bug where this is hiding that bug rather than fixing it.

Copy link
Member

@sigmavirus24 sigmavirus24 Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My guess is this is a pbr problem. If we switched to a more modern build-system we might not have this bug at all.

Copy link
Contributor Author

@daniel-mohr daniel-mohr Jun 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is a workaround.

After init_repo follows pre-commit clone_strategy and does something like this:

p="$(mktemp -d --tmpdir "$HOME"/.cache/pre-commit/)"
cd "$p"
git init .
git init
git remote add origin https://github.com/PyCQA/bandit
git fetch origin 1.8.5 --depth=1
git checkout FETCH_HEAD

And the repo has no version info. Neither the working tree nor the .git contains the version. Tags were not fetched.

I think a clean solution here would be to define the version in setup.cfg or setup.py -- or with more modern build systems that would probably be pyproject.toml or so.