bandit
Bandit is a tool designed to find common security issues in Python code.
This commit improves handling nosecs in multi-line strings, like:

```python
nosec_not_working = f"""
SELECT * FROM {table}
"""  # nosec
```

Before this change, bandit was checking...
As discovered in #488 (latest comments) and reported in #528. Also attempts to improve the documentation code by aligning code block indenting, replacing simple code blocks (`::`) with source code...
Closes #938 This adds a test with the current default ini configuration for bandit. Additionally this provides better error messages for `.bandit` ini config files and ensures that the ini...
### Describe the bug

With a simple `.bandit` ini file like this:

```ini
[bandit]
level = 1
```

bandit crashes with:

```python
[main] INFO Using command line arg for selected...
```
If one day we do wish to have the capability to swap the builtin Python ast for another parser, it's best to abstract any direct calls to the ast parser...
### Describe the bug When running bandit as a pre-commit hook on pre-commit.ci or locally I am getting an error that says the Bandit hook can't read the pyproject.toml file....
Rather than showing the plugins as a simple list, this change puts them into a table. It also clearly separates active vs. removed plugins for clarity. Also discovered as part...
Instead of relying on a count of the severity and confidence levels found within an example file, make use of Python's native unit testing to verify the results of a...
**Is your feature request related to a problem? Please describe.** When exceptions in Bandit occur as a result of bugs, the easier we make it to get bugs reported, the...