swing-collection
diff --git a/‎.bandit.yaml‎
Lines changed: 137 additions & 0 deletions b/‎.bandit.yaml‎
Lines changed: 137 additions & 0 deletions
diff --git a/‎.black.toml‎
Lines changed: 160 additions & 0 deletions b/‎.black.toml‎
Lines changed: 160 additions & 0 deletions
@@ -0,0 +1,137 @@
+# =============================================================================
+# Bandit Configuration
+# =============================================================================
+#
+# Python security linter for finding common security issues.
+# Documentation: https://bandit.readthedocs.io/
+#
+# This file is portable - copy to other repos without modification.
+#
+# -----------------------------------------------------------------------------
+# Usage
+# -----------------------------------------------------------------------------
+#
+#   Scan source directory:
+#     bandit -r src/ -c .bandit.yaml
+#
+#   Scan with verbose output:
+#     bandit -r src/ -c .bandit.yaml -v
+#
+#   Generate report (JSON):
+#     bandit -r src/ -c .bandit.yaml -f json -o bandit-report.json
+#
+#   List all available tests:
+#     bandit --list
+#
+# -----------------------------------------------------------------------------
+# Severity Levels
+# -----------------------------------------------------------------------------
+#
+#   LOW:    Informational, low impact
+#   MEDIUM: Possible security issue, should investigate
+#   HIGH:   Likely security vulnerability, requires attention
+#
+# -----------------------------------------------------------------------------
+# Confidence Levels
+# -----------------------------------------------------------------------------
+#
+#   LOW:    Uncertain detection, may be false positive
+#   MEDIUM: Likely correct, review recommended
+#   HIGH:   Very likely a real issue
+#
+# =============================================================================
+
+# =============================================================================
+# Excluded Directories
+# =============================================================================
+#
+# Directories to skip during scanning.
+# Typically excludes tests, dependencies, and development artifacts.
+#
+# -----------------------------------------------------------------------------
+
+exclude_dirs:
+  # Test directories (assertions and test data are expected)
+  - tst
+  - tests
+
+  # Development scratch directories
+  - bup
+  - wip
+  - tmp
+
+  # Django migrations (auto-generated, not security-relevant)
+  - migrations
+
+  # Dependencies (scanned separately or not our code)
+  - node_modules
+  - .venv
+  - venv
+
+# =============================================================================
+# Skipped Tests
+# =============================================================================
+#
+# Test IDs to skip globally. Use sparingly - prefer inline # nosec comments
+# for specific false positives.
+#
+# Test ID Reference: https://bandit.readthedocs.io/en/latest/plugins/
+#
+# Format: B### where ### is the test number
+#
+# Common categories:
+#   B1xx: Miscellaneous tests
+#   B2xx: Application/framework-specific
+#   B3xx: Blacklists (dangerous function calls)
+#   B4xx: Cryptographic issues
+#   B5xx: Shell injection risks
+#   B6xx: SSH/XML issues
+#   B7xx: Django/Flask-specific
+#
+# -----------------------------------------------------------------------------
+
+skips:
+  # -------------------------------------------------------------------------
+  # B101: assert_used
+  # -------------------------------------------------------------------------
+  # Using assert statements for validation.
+  # Asserts are stripped in optimized bytecode (python -O), but we use them
+  # intentionally in tests and for internal invariant checks.
+  # Skip: Tests use assert; non-test asserts should use proper validation.
+  - B101
+
+  # -------------------------------------------------------------------------
+  # B311: random
+  # -------------------------------------------------------------------------
+  # Using pseudo-random generators (random module).
+  # The random module is NOT cryptographically secure, but is fine for:
+  #   - Test data generation
+  #   - UI shuffling
+  #   - Non-security randomness
+  # Skip: We don't use random for security-sensitive operations.
+  - B311
+
+  # -------------------------------------------------------------------------
+  # B601: paramiko_calls
+  # -------------------------------------------------------------------------
+  # Paramiko SSH library usage.
+  # Skip: This project doesn't use Paramiko.
+  - B601
+
+# =============================================================================
+# Per-File Ignores (Alternative to skips)
+# =============================================================================
+#
+# Instead of global skips, you can use inline comments:
+#
+#   # nosec B101
+#   assert user.is_authenticated
+#
+#   result = random.choice(items)  # nosec B311 - not security-sensitive
+#
+# Or configure per-file in pyproject.toml:
+#
+#   [tool.bandit.assert_used]
+#   skips = ["**/test_*.py", "**/conftest.py"]
+#
+# =============================================================================
@@ -0,0 +1,160 @@
+# =============================================================================
+# Black Configuration
+# =============================================================================
+#
+# The uncompromising Python code formatter.
+# Documentation: https://black.readthedocs.io/
+#
+# This file is portable - copy to other repos without modification.
+#
+# -----------------------------------------------------------------------------
+# Usage
+# -----------------------------------------------------------------------------
+#
+#   Format all Python files:
+#     black src/ tst/ exe/
+#
+#   Check without modifying (CI mode):
+#     black --check src/ tst/ exe/
+#
+#   Show diff of changes:
+#     black --diff src/
+#
+#   Format single file:
+#     black src/swing/package/module.py
+#
+# -----------------------------------------------------------------------------
+# Philosophy
+# -----------------------------------------------------------------------------
+#
+# Black is opinionated by design - it has very few configuration options.
+# This reduces bikeshedding and ensures consistent formatting across projects.
+#
+# "Any color you like, as long as it's black."
+#
+# -----------------------------------------------------------------------------
+# Integration
+# -----------------------------------------------------------------------------
+#
+# Black works well with:
+#   - isort: Import sorting (configure with profile = "black")
+#   - flake8: Linting (disable E501 line length, let Black handle it)
+#   - pre-commit: Auto-format on commit
+#
+# =============================================================================
+
+
+[tool.black]
+
+
+# =============================================================================
+# Line Length
+# =============================================================================
+#
+# Maximum line length. Black defaults to 88, but we use 79 to match PEP 8.
+#
+# PEP 8 recommends 79 for code, 72 for docstrings/comments.
+# This works well for side-by-side diffs and smaller screens.
+#
+# -----------------------------------------------------------------------------
+
+line-length = 79
+
+
+# =============================================================================
+# Target Python Version
+# =============================================================================
+#
+# Python versions to target. Black uses this to determine which syntax
+# features are available (e.g., walrus operator :=, match statements).
+#
+# Format: List of "pyXY" strings
+# Include all supported versions from pyproject.toml
+# Note: py314 not yet supported by Black
+#
+# -----------------------------------------------------------------------------
+
+target-version = ["py312", "py313", "py314", "py315"]
+
+
+# =============================================================================
+# File Selection
+# =============================================================================
+#
+# include: Regex pattern for files to format (default: \.pyi?$)
+# extend-exclude: Patterns to exclude in addition to defaults
+#
+# Black's defaults already exclude:
+#   .git, .hg, .mypy_cache, .tox, .venv, _build, buck-out, build, dist
+#
+# -----------------------------------------------------------------------------
+
+include = '\.pyi?$'
+
+
+# =============================================================================
+# Exclusions
+# =============================================================================
+#
+# Extended regex pattern for directories to exclude.
+# Uses verbose regex (can span multiple lines with comments).
+#
+# Note: Use extend-exclude instead of exclude to keep Black's defaults.
+#
+# -----------------------------------------------------------------------------
+
+exclude = '''
+/(
+    # Version control
+    \.git
+  | \.hg
+
+    # Python tooling caches
+  | \.mypy_cache
+  | \.tox
+  | \.venv
+  | __pycache__
+
+    # Build outputs
+  | _build
+  | buck-out
+  | build
+  | dist
+
+    # Coverage reports
+  | htmlcov
+
+    # Development scratch directories
+  | bup
+  | wip
+  | tmp
+
+    # Django auto-generated files
+  | migrations
+)/
+'''
+
+
+# =============================================================================
+# Additional Options (Usually Left as Defaults)
+# =============================================================================
+#
+# skip-string-normalization:
+#   false (default): Prefer double quotes "
+#   true: Keep original quote style
+#
+# skip-magic-trailing-comma:
+#   false (default): Respect trailing commas as "expand this" hints
+#   true: Ignore trailing commas, Black decides formatting
+#
+# preview:
+#   false (default): Stable formatting only
+#   true: Enable preview style (may change between versions)
+#
+# -----------------------------------------------------------------------------
+
+# Uncomment to keep single quotes:
+# skip-string-normalization = true
+
+# Uncomment to enable preview features:
+# preview = true