Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config file as described in README.rst does not work #317

Open
davidak opened this issue Jun 18, 2018 · 5 comments · May be fixed by #944
Open

config file as described in README.rst does not work #317

davidak opened this issue Jun 18, 2018 · 5 comments · May be fixed by #944
Labels
bug Something isn't working good first issue Good for newcomers
Milestone
Near Future

Comments

@davidak
Copy link

davidak commented Jun 18, 2018

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

  1. create .bandit file with content:
[bandit]
tests: B101,B102,B301
  1. run bandit -c .bandit -r module/
  2. get error:
    [main] ERROR .bandit : Error parsing file.

Expected behavior
working as described in readme

Bandit version

bandit 1.4.0

Additional context
Docs say it should be YAML and not INI. https://bandit.readthedocs.io/en/latest/config.html
@lukehinds lukehinds added the good first issue Good for newcomers label Jun 18, 2018
@lukehinds
Copy link
Member

want to take this one on @davidak ?

@davidak
Copy link
Author

davidak commented Jun 18, 2018

#318 is needed to use a sane name. I might find the time to do it then, but feel free to do it yourself.

@lassejar
Copy link

lassejar commented Aug 30, 2018
edited

This bug seems to be caused by inconsistent behavior of Bandit (and incomplete documentation).

If you use .bandit file, you need to start the file with text “[bandit]” and then add the arguments. For example:

[bandit]
exclude: \tests,\doc,\misc
tests: B101,B102,B104

But if you want to use separate config file with "–configfile" argument on the command line, you have to remove the text “[bandit]”, replace “exclude” with “exclude_dirs” and add the values inside square brackets like this:

exclude_dirs: [\tests,\doc,\misc]
tests: [B101,B102,B104]

@ericwb ericwb added the bug Something isn't working label May 9, 2019
@ericwb ericwb modified the milestones: Release 1.6.1, Near Future May 9, 2019
@Stannislav Stannislav mentioned this issue Dec 1, 2020
Merged
@diegovalenzuelaiturra
Copy link

Hi, the following may be helpful to configure bandit, for example, to avoid raising B101 assert_used warnings on python tests

@CTimmerman
Copy link

CTimmerman commented Aug 20, 2022
edited

https://bandit.readthedocs.io/en/latest/config.html says .bandit should be an INI file (which uses = instead of :). The only thing incorrect is that it implies you don't need to use -c .bandit because that's --ini .bandit and not needed when using -r which is false here. I suggest Bandit prefer .bandit, pyproject.toml, and setup.cfg by default, overridable with arguments like -c, and to replace --ini with -c or --config (aka --configfile).

This was referenced Aug 20, 2022
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers
Projects
None yet
Milestone
Near Future
Development

Successfully merging a pull request may close this issue.

Make -c support ini as well. CTimmerman/bandit
6 participants
@davidak @ericwb @lukehinds @CTimmerman @lassejar @diegovalenzuelaiturra