Fix safety issue by upgrading black, ignore jinja2 issue

.safety-policy.yml

@@ -0,0 +1,80 @@
+# Safety Security and License Configuration file
+# We recommend checking this file into your source control in the root of your Python project
+# If this file is named .safety-policy.yml and is in the same directory where you run `safety check` it will be used by default.
+# Otherwise, you can use the flag `safety check --policy-file <path-to-this-file>` to specify a custom location and name for the file.
+# To validate and review your policy file, run the validate command: `safety validate policy_file --path <path-to-this-file>`
+security: # configuration for the `safety check` command
+    ignore-cvss-severity-below: 0 # A severity number between 0 and 10. Some helpful reference points: 9=ignore all vulnerabilities except CRITICAL severity. 7=ignore all vulnerabilities except CRITICAL & HIGH severity. 4=ignore all vulnerabilities except CRITICAL, HIGH & MEDIUM severity.
+    ignore-cvss-unknown-severity: False # True or False. We recommend you set this to False.
+    ignore-vulnerabilities: # Here you can list multiple specific vulnerabilities you want to ignore (optionally for a time period)
+        # We recommend making use of the optional `reason` and `expires` keys for each vulnerability that you ignore.
+        70612: # Example vulnerability ID
+            reason: we don't use jinja2 from_string
+    continue-on-vulnerability-error: False # Suppress non-zero exit codes when vulnerabilities are found. Enable this in pipelines and CI/CD processes if you want to pass builds that have vulnerabilities. We recommend you set this to False.
+alert: # configuration for the `safety alert` command
+    security:
+        # Configuration specific to Safety's GitHub Issue alerting
+        github-issue:
+            # Same as for security - these allow controlling if this alert will fire based
+            # on severity information.
+            # default: not set
+            # ignore-cvss-severity-below: 6
+            # ignore-cvss-unknown-severity: False
+
+            # Add a label to pull requests with the cvss severity, if available
+            # default: true
+            # label-severity: True
+
+            # Add a label to pull requests, default is 'security'
+            # requires private repo permissions, even on public repos
+            # default: security
+            # labels:
+            #  - security
+
+            # Assign users to pull requests, default is not set
+            # requires private repo permissions, even on public repos
+            # default: empty
+            # assignees:
+            #  - example-user
+
+            # Prefix to give issues when creating them. Note that changing
+            # this might cause duplicate issues to be created.
+            # default: "[PyUp] "
+            # issue-prefix: "[PyUp] "
+
+        # Configuration specific to Safety's GitHub PR alerting
+        github-pr:
+            # Same as for security - these allow controlling if this alert will fire based
+            # on severity information.
+            # default: not set
+            # ignore-cvss-severity-below: 6
+            # ignore-cvss-unknown-severity: False
+
+            # Set the default branch (ie, main, master)
+            # default: empty, the default branch on GitHub
+            branch: ''
+
+            # Add a label to pull requests with the cvss severity, if available
+            # default: true
+            # label-severity: True
+
+            # Add a label to pull requests, default is 'security'
+            # requires private repo permissions, even on public repos
+            # default: security
+            # labels:
+            #  - security
+
+            # Assign users to pull requests, default is not set
+            # requires private repo permissions, even on public repos
+            # default: empty
+            # assignees:
+            #  - example-user
+
+            # Configure the branch prefix for PRs created by this alert.
+            # NB: Changing this will likely cause duplicate PRs.
+            # default: pyup/
+            branch-prefix: pyup/
+
+            # Set a global prefix for PRs
+            # default: "[PyUp] "
+            pr-prefix: "[PyUp] "

pyproject.toml

@@ -118,12 +118,12 @@ doc = [
     "mkdocs-section-index>=0.3.4",
 ]
 security = [
-    "safety>=2.3.1",
+    "safety>=2.3.1, <3",
     "bandit>=1.7.3",
 ]
 fixers = [
     "autoimport>=1.2.2",
-    "black>=22.8.0, <23.0.0",
+    "black>=24.3.0",
     "isort>=5.10.1",
     "yamlfix>=1.0.1",
 ]
@@ -279,6 +279,8 @@ pycodestyle = [
   "-W503", # No longer applies, incompatible with newer version of PEP8
            # see https://github.com/PyCQA/pycodestyle/issues/197
            # and https://github.com/psf/black/issues/113
+  "-E704", # Black collapses implementations of classes/functions consisting solely of ...
+           # See https://black.readthedocs.io/en/stable/guides/using_black_with_other_tools.html#e701-e704
 ]
 pyflakes = [
   "+*",

src/yamlfix/model.py

@@ -1,4 +1,5 @@
 """Define program entities like configuration value entities."""
+
 from enum import Enum
 from typing import Optional
 

src/yamlfix/services.py

@@ -19,20 +19,19 @@
 
 
 @overload
-def fix_files(files: Files) -> Optional[str]:
-    ...  # pragma: no cover
+def fix_files(files: Files) -> Optional[str]: ...  # pragma: no cover
 
 
 @overload
-def fix_files(files: Files, dry_run: Optional[bool]) -> Tuple[Optional[str], bool]:
-    ...  # pragma: no cover
+def fix_files(
+    files: Files, dry_run: Optional[bool]
+) -> Tuple[Optional[str], bool]: ...  # pragma: no cover
 
 
 @overload
 def fix_files(
     files: Files, dry_run: Optional[bool], config: Optional[YamlfixConfig]
-) -> Tuple[Optional[str], bool]:
-    ...  # pragma: no cover
+) -> Tuple[Optional[str], bool]: ...  # pragma: no cover
 
 
 def fix_files(  # pylint: disable=too-many-branches