Naming convention

.flake8

@@ -3,13 +3,12 @@ color=always
 max-line-length=120
 ; Auto generated
 exclude=src/gen/
-; TODO: We want to configure this
-ignore=W503,N801,N802,N803,N806,N815,N816
-per-file-ignores =
-    ; imported but unused
-    ; line too long
-    ; mixed case
-    __init__.pyi:F401,E501,N816
-; TODO: Bring WAY down
+ignores=Y015
+per-file-ignores=
+    ; Quotes
+    __init__.pyi:Q000
+; PyQt methods
+ignore-names=closeEvent,paintEvent,keyPressEvent,mousePressEvent,mouseMoveEvent,mouseReleaseEvent
+; TODO: Bring down to 15, same as SonarLint
 max-complexity=55
-inline-quotes = "
+inline-quotes="

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,67 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main, master, develop, dev, 2.0.0]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ develop, dev, 2.0.0 ]
+  schedule:
+    - cron: '26 13 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/build-and-lint.yml → .github/workflows/lint-and-build.yml

@@ -1,17 +1,26 @@
 # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
-name: Build and lint
+name: Lint and build
 on:
   push:
     branches:
       - main
       - master
       - 2.0.0
+    paths:
+      - '**.py'
+      - '**.pyi'
+      - '**.ui'
   pull_request:
     branches:
       - main
       - master
       - dev
       - dev*
+      - 2.0.0
+    paths:
+      - '**.py'
+      - '**.pyi'
+      - '**.ui'
 jobs:
   Pyright:
     runs-on: windows-latest
@@ -54,7 +63,7 @@ jobs:
       - run: scripts/compile_resources.bat
       - name: Analysing the code with ${{ job.name }}
         run: pylint --reports=y --output-format=colorized $(git ls-files '**/*.py*')
-  Bandit:
+  Flake8:
     runs-on: windows-latest
     strategy:
       matrix:
@@ -72,8 +81,8 @@ jobs:
           pip install -r "scripts/requirements.txt"
       - run: scripts/compile_resources.bat
       - name: Analysing the code with ${{ job.name }}
-        run: bandit -n 1 --severity-level medium --recursive src
-  Flake8:
+        run: flake8
+  Bandit:
     runs-on: windows-latest
     strategy:
       matrix:
@@ -91,7 +100,7 @@ jobs:
           pip install -r "scripts/requirements.txt"
       - run: scripts/compile_resources.bat
       - name: Analysing the code with ${{ job.name }}
-        run: flake8
+        run: bandit -n 1 --severity-level medium --recursive src
   Build:
     runs-on: windows-latest
     strategy:

.markdownlint.json

@@ -1,5 +1,6 @@
 {
   "default": true,
-  "MD025": false,
-  "MD013": false
+  "MD001": false,
+  "MD013": false,
+  "MD025": false
 }

.vscode/extensions.json

@@ -1,15 +1,27 @@
+// Keep in alphabetical order
 {
   "recommendations": [
     "bungcip.better-toml",
     "davidanson.vscode-markdownlint",
     "eamodio.gitlens",
     "ms-python.python",
     "ms-python.vscode-pylance",
+    "pkief.material-icon-theme",
     "shardulm94.trailing-spaces",
     "sonarsource.sonarlint-vscode"
   ],
   "unwantedRecommendations": [
+    // VSCode has implemented an optimized version
+    "coenraads.bracket-pair-colorizer",
+    "coenraads.bracket-pair-colorizer-2",
+    // Lots of conflicts
+    "esbenp.prettier-vscode",
+    // Replaced by ESLint
+    "eg2.tslint",
+    "ms-vscode.vscode-typescript-tslint-plugin",
+    // Obsoleted by Pylance
     "ms-pyright.pyright",
-    "esbenp.prettier-vscode"
+    // The ESLint plugin is sufficient in JS-only projects
+    "sonarsource.sonarlint-vscode",
   ]
 }

.vscode/settings.json

@@ -10,36 +10,11 @@
   },
   "editor.detectIndentation": false,
   "editor.tabSize": 2,
-  "[python]": {
-    "editor.tabSize": 4,
-    "editor.rulers": [
-      72, // PEP8-17 docstrings
-      // 79, // PEP8-17 default max
-      // 88, // Black default
-      99, // PEP8-17 acceptable max
-      120, // Our hard rule
-    ]
-  },
   "editor.formatOnSave": true,
   "editor.codeActionsOnSave": {
     "source.fixAll": true,
     "source.fixAll.markdownlint": true,
   },
-  "python.linting.enabled": true,
-  "python.linting.pylintEnabled": true,
-  "python.linting.pylintCategorySeverity.convention": "Warning",
-  "python.linting.pylintCategorySeverity.refactor": "Warning",
-  "python.linting.flake8Enabled": true,
-  "python.linting.flake8CategorySeverity.E": "Warning",
-  // PyRight obsoletes mypy
-  "python.linting.mypyEnabled": false,
-  // Is already wrapped by Flake8, prospector and pylama
-  "python.linting.pycodestyleEnabled": false,
-  // Just another wrapper, use Flake8 OR this
-  "python.linting.prospectorEnabled": false,
-  // Just another wrapper, use Flake8 OR this
-  "python.linting.pylamaEnabled": false,
-  "python.linting.banditEnabled": true,
   "files.insertFinalNewline": true,
   "trailing-spaces.includeEmptyLines": true,
   "trailing-spaces.trimOnSave": true,
@@ -67,4 +42,41 @@
     "**/*.code-search": true,
     "typings": true,
   },
+  "[python]": {
+    "editor.tabSize": 4,
+    "editor.rulers": [
+      72, // PEP8-17 docstrings
+      // 79, // PEP8-17 default max
+      // 88, // Black default
+      99, // PEP8-17 acceptable max
+      120, // Our hard rule
+    ]
+  },
+  "python.linting.enabled": true,
+  "python.linting.pylintEnabled": true,
+  "python.linting.pylintCategorySeverity.convention": "Warning",
+  "python.linting.pylintCategorySeverity.refactor": "Warning",
+  "python.linting.flake8Enabled": true,
+  "python.linting.flake8CategorySeverity.E": "Warning",
+  // PyRight obsoletes mypy
+  "python.linting.mypyEnabled": false,
+  // Is already wrapped by Flake8, prospector and pylama
+  "python.linting.pycodestyleEnabled": false,
+  // Just another wrapper, use Flake8 OR this
+  "python.linting.prospectorEnabled": false,
+  // Just another wrapper, use Flake8 OR this
+  "python.linting.pylamaEnabled": false,
+  "python.linting.banditEnabled": true,
+  // Copy those over to your user settings
+  "sonarlint.rules": {
+    "python:S1192": {
+      "level": "off"
+    },
+    "python:S3776": {
+      "level": "off"
+    },
+    "python:S107": {
+      "level": "off"
+    },
+  },
 }

PyInstaller/hooks/hook-cv2.py

@@ -0,0 +1,23 @@
+# ------------------------------------------------------------------
+# Copyright (c) 2020 PyInstaller Development Team.
+#
+# This file is distributed under the terms of the GNU General Public
+# License (version 2.0 or later).
+#
+# The full license is available in LICENSE.GPL.txt, distributed with
+# this software.
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+# ------------------------------------------------------------------
+# https://github.com/pyinstaller/pyinstaller-hooks-contrib/blob/master/src/_pyinstaller_hooks_contrib/hooks/stdhooks/hook-cv2.py
+
+from PyInstaller.utils.hooks import collect_dynamic_libs, collect_data_files
+
+hiddenimports = ["numpy"]
+
+# Include any DLLs from site-packages/cv2 (opencv_videoio_ffmpeg*.dll can be found there in the PyPI version)
+binaries = collect_dynamic_libs("cv2")
+
+# https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/110
+# OpenCV loader from 4.5.4.60 requires extra config files and modules
+datas = collect_data_files("cv2", include_py_files=True, includes=["**/*.py"])

PyInstaller/hooks/hook-requests.py

@@ -0,0 +1,4 @@
+from PyInstaller.utils.hooks import collect_data_files
+
+# Get the cacert.pem
+datas = collect_data_files("certifi")

SECURITY.md

@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+| ------- | :-------: |
+| main | :white_check_mark: |
+| dev* | :white_check_mark: |
+| everything else | WIP branches, security support may be lacking |
+
+## Reporting a Vulnerability
+
+This is a small project, maintained by a few volunteers of the community. Just open up an issue, be clear, explain why it's a vulnerability as well as your recommendations to fix it. Please provide sources if possible.

pyproject.toml

@@ -36,9 +36,9 @@ reportUnknownMemberType = "none"
 # https://pylint.pycqa.org/en/latest/technical_reference/features.html
 [tool.pylint.REPORTS]
 # Just like default but any error will make drop to 9 or less
-evaluation="10.0 - error - ((float(warning + refactor + convention) / statement) * 10)"
+evaluation = "10.0 - error - ((float(warning + refactor + convention) / statement) * 10)"
 [tool.pylint.MASTER]
-fail-under=9.0
+fail-under = 9.0
 # https://pylint.pycqa.org/en/latest/technical_reference/extensions.html
 load-plugins = [
   "pylint.extensions.emptystring",
@@ -71,18 +71,27 @@ ignore-paths = [
   "^src/gen/.*$",
 ]
 # No need to mention the fixmes
-disable=["fixme"]
+disable = ["fixme"]
 extension-pkg-allow-list = ["PyQt6", "win32ui"]
 
 [tool.pylint.FORMAT]
 max-line-length = 120
 
 [tool.pylint.'MESSAGES CONTROL']
+# Same as SonarLint
+max-complexity = 15
+max-branches = 15
+# https://pylint.pycqa.org/en/latest/user_guide/options.html#naming-styles
+module-naming-style = "any"
+# Can't make private class with PascalCase
+class-rgx = "_?_?[a-zA-Z]+?$"
+good-names = [
+  # PyQt methods
+  "closeEvent", "paintEvent", "keyPressEvent", "mousePressEvent", "mouseMoveEvent", "mouseReleaseEvent",
+  # https://github.com/PyCQA/pylint/issues/2018
+  "x", "y", "a0", "i", "t0", "t1"]
 disable = [
   "missing-docstring",
-  # TODO: We want to configure this
-  # https://pylint.pycqa.org/en/latest/user_guide/options.html#naming-styles
-  "invalid-name",
   # We group imports
   "wrong-import-position",
   # Already taken care of and grayed out. Also conflicts with Pylance reportIncompatibleMethodOverride