Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config file as described in README.rst does not work #317

Open
davidak opened this issue Jun 18, 2018 · 4 comments
Open

config file as described in README.rst does not work #317

davidak opened this issue Jun 18, 2018 · 4 comments
Labels
bug good first issue
Milestone
Near Future

Comments

@davidak
Copy link

@davidak davidak commented Jun 18, 2018

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

  1. create .bandit file with content:
[bandit]
tests: B101,B102,B301
  1. run bandit -c .bandit -r module/
  2. get error:
    [main] ERROR .bandit : Error parsing file.

Expected behavior
working as described in readme

Bandit version

bandit 1.4.0

Additional context
Docs say it should be YAML and not INI. https://bandit.readthedocs.io/en/latest/config.html
@lukehinds lukehinds added the good first issue label Jun 18, 2018
@lukehinds
Copy link
Member

@lukehinds lukehinds commented Jun 18, 2018

want to take this one on @davidak ?

@davidak
Copy link
Author

@davidak davidak commented Jun 18, 2018

#318 is needed to use a sane name. I might find the time to do it then, but feel free to do it yourself.

@lassejar
Copy link

@lassejar lassejar commented Aug 30, 2018
edited

This bug seems to be caused by inconsistent behavior of Bandit (and incomplete documentation).

If you use .bandit file, you need to start the file with text “[bandit]” and then add the arguments. For example:

[bandit]
exclude: \tests,\doc,\misc
tests: B101,B102,B104

But if you want to use separate config file with "–configfile" argument on the command line, you have to remove the text “[bandit]”, replace “exclude” with “exclude_dirs” and add the values inside square brackets like this:

exclude_dirs: [\tests,\doc,\misc]
tests: [B101,B102,B104]

@ericwb ericwb added the bug label May 9, 2019
@ericwb ericwb added this to the Release 1.6.1 milestone May 9, 2019
@ericwb ericwb removed this from the Release 1.6.1 milestone May 9, 2019
@ericwb ericwb added this to the Near Future milestone May 9, 2019
@Stannislav Stannislav mentioned this issue Dec 1, 2020
Merged
@diegovalenzuelaiturra
Copy link

@diegovalenzuelaiturra diegovalenzuelaiturra commented Nov 17, 2021

Hi, the following may be helpful to configure bandit, for example, to avoid raising B101 assert_used warnings on python tests

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good first issue
Projects
None yet
Milestone
Near Future
Development

No branches or pull requests
5 participants
@davidak @ericwb @lukehinds @lassejar @diegovalenzuelaiturra