move bandit excludes to pyproject.toml
Move the list of excluded files from --exclude in tox.ini to
exclude_dirs in pyproject.toml to centralize configuration in
pyproject.toml and make it accessible to tools and bandit invocations
outside of tox.

- Remove the comment that exclude is ignored by bandit 1.6.3+, which was
  fixed by PyCQA/bandit#722 in bandit 1.7.1.
- Change exclude (which only works for INI files) to exclude_dirs (which
  only works for TOML and YAML files), as described in
  PyCQA/bandit#876
- Add /.git/ and /__pycache__/ to exclude_dirs to match --exclude.
- Remove --exclude from invocation in tox.ini

Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
kevinoid committed Mar 17, 2023
1 parent 6209c86 commit 2468b69
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions pyproject.toml
@@ -18,11 +18,11 @@ requires = [
build-backend = 'setuptools.build_meta'

[tool.bandit]
# Note: exclude is ignored by bandit 1.6.3 and later.
# See https://github.com/PyCQA/bandit/issues/657
exclude = [
exclude_dirs = [
'/.git/',
'/.tox/',
'/.venv/',
'/__pycache__/',
]
skips = [
'B101', # assert_used (needed for pytest, arguably useful outside)
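Review bot: the new `exclude_dirs` entries are copied verbatim from the old `--exclude` list, with leading and trailing slashes ('/.git/', '/.tox/', ...), but nothing in this hunk records how bandit matches `exclude_dirs` entries against scanned paths or which bandit version introduced the key, and the only comment that documented the previous behaviour is being removed. Consider keeping a one-line comment in `[tool.bandit]` stating the minimum bandit version this relies on (1.7.1 per the commit message) and the PyCQA/bandit#876 reference, so the next reader does not reintroduce the non-working `exclude` key.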
2 changes: 1 addition & 1 deletion tox.ini
@@ -44,7 +44,7 @@ commands =
# List files and top-level packages/directories explicitly for now.
pylint docs setup.py src/packagename tests
isort --check --diff .
bandit -c pyproject.toml -f txt --exclude /.git/,/.tox/,/.venv/,/__pycache__/ -r .
bandit -c pyproject.toml -f txt -r .
pyroma .
vulture --exclude */docs/*,*/tests/*,*/.tox/*,*/.venv*/* .
black --check --diff .
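Review bot: with `--exclude` dropped, the `-r .` scan now relies entirely on `exclude_dirs` being read from the config passed via `-c pyproject.toml`, and the hunk gives no evidence that the same set of files is still skipped. Run the new command once with bandit's `-v` flag, which lists excluded and included files, and compare against the old invocation before merging. Also note the `vulture --exclude` line directly below still carries its own `.tox`/`.venv` patterns, so the stated goal of centralizing excludes in pyproject.toml is only partially met; a follow-up could mention that deliberately.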
