Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't set (severity) level through .bandit ini file #938

Open
ap-- opened this issue Jul 28, 2022 · 0 comments · May be fixed by #939
Open

Can't set (severity) level through .bandit ini file #938

ap-- opened this issue Jul 28, 2022 · 0 comments · May be fixed by #939
Labels
bug Something isn't working

Comments

@ap--
Copy link

ap-- commented Jul 28, 2022

Describe the bug

With a simple .bandit ini file like this:

[bandit]
level = 1

bandit crashes with:

[main]  INFO    Using command line arg for selected targets
[main]  INFO    profile include tests: None
[main]  INFO    profile exclude tests: None
[main]  INFO    cli include tests: None
[main]  INFO    cli exclude tests: None
[main]  INFO    running on Python 3.9.13
[manager]       WARNING Skipping directory (.), use -r flag to scan contents
Traceback (most recent call last):
  File "/Users/poehlmann/Development/bandit/venv/bin/bandit", line 10, in <module>
    sys.exit(main())
  File "/Users/poehlmann/Development/bandit/bandit/cli/main.py", line 670, in main
    sev_level = constants.RANKING[args.severity - 1]
TypeError: unsupported operand type(s) for -: 'str' and 'int'

Reproduction steps

1. create `.bandit` ini from description
2. run `bandit --ini .bandit .`

Expected behavior

bandit should allow configuration of available settings through the ini file.

Bandit version

1.7.4 (Default)

Python version

3.9

Additional context

No response
@ap-- ap-- added the bug Something isn't working label Jul 28, 2022
ap-- added a commit to ap--/bandit that referenced this issue Jul 28, 2022
@ap--
Use the argparse parser to validate the ini config
59f3ff5 
Closes PyCQA#938

Additionally this provides better error messages for
.bandit ini config files and ensures that the ini options
are parsed correctly by reusing the argparse parser in
`bandit.cli.main`
@ap-- ap-- linked a pull request Jul 28, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix ini config parsing ap--/bandit
1 participant
@ap--