New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
with "pip install bandit", toml is missing if we want use a configfil… #779
with "pip install bandit", toml is missing if we want use a configfil… #779
Conversation
…e like pyproject.toml.
This looks much like #755 |
Fixed with #755 |
Hello, For me it's not fixed with your suggestion. and we can use a pyproject.toml It's not a normal way to use We use a pip cacher and it's not possible to use pip from git by the way i have error if i test your suggestion !
The import toml is really use in your project is not an extra Could you review your position ? |
I think we need to fix the code importing toml, not make this a hard requirement |
To install toml as an optional feature of Bandit, use That being said, the import line you found should be more robust with something like a try-exception block. |
Yes, eventually if we have an exception on Thanks for your feedback. It's works on my side with this tips. |
We only want to rely on toml when it's present and tell the user how to resolve things if in fact they want to use toml Closes #779
See #780 |
We only want to rely on toml when it's present and tell the user how to resolve things if in fact they want to use toml Closes #779
We only want to rely on toml when it's present and tell the user how to resolve things if in fact they want to use toml Closes #779
Hello,
We use bandit in a stage pipeline git and we have an issue when we use a configfile pyproject.toml :
It seems the dependency toml is missing.
Could you accept to add it in requirements.txt ?
Thanks for your feedbacks.
See you
Nicolas Monfort