
Broken JSON on standard output

Open muszalski opened this issue 2 years ago • 4 comments

Describe the bug

Hi!

When JSON format is requested the standard output starts with:

Working... ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:08

which breaks JSON.

Reproduction steps

1. Run `bandit -r . -f json` or `bandit -r . -f json -o -`
2. Check first line of the output - there is `Working...`

Expected behavior

Valid JSON on output

Bandit version

1.7.5 (Default)

Python version

3.11 (Default)

Additional context

No response

muszalski, Mar 13 '23 17:03

@muszalski try: `bandit -r . -f json -q > output.json`

OClark23, Apr 11 '23 19:04

This also caused me trouble yesterday. Why not redirect this message to stderr? The 'settings' information is also output via stderr after all.

FHu-HMS, Apr 27 '23 06:04

FYI, you won't see the "Working ..." part if you use the `-o <FILENAME>` argument. For example: `bandit -r examples/ -f json -o test.json`

You can also pass `-q` to use quiet mode which skips the use of the progress statement.

ericwb, Dec 09 '23 05:12

Not sure if there is a preferred way to fix this. Redirecting the progress to stderr doesn't necessarily make sense since I do think this is acceptable output for stdout. And there are workarounds using `-o` or `-q` to avoid the issue. But I can leave the issue open for now, maybe there is a more ideal solution.

ericwb, Dec 09 '23 05:12
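
An added example, not part of the thread and not Bandit's own code: a consumer-side parser for pipelines that already capture stdout from `bandit -r . -f json`, which skips the progress line and fails closed when no report is found. The function names and the sample output are constructed for illustration; the code assumes the report is a top-level JSON object with a `results` list whose entries carry `issue_severity`.

```python
import json

# Constructed sample of captured stdout from `bandit -r . -f json`: the
# progress line from the report above, then a trimmed, made-up JSON report.
POLLUTED_STDOUT = (
    "Working... ━━━━━━━━━━━━ 100% 0:00:08\n"
    '{\n  "errors": [],\n  "results": [\n'
    '    {"filename": "./app.py", "issue_severity": "HIGH", "test_id": "B602"},\n'
    '    {"filename": "./util.py", "issue_severity": "LOW", "test_id": "B101"}\n'
    "  ]\n}\n"
)


def is_valid_json(text):
    """True if the whole text parses as JSON (what a strict consumer needs)."""
    try:
        json.loads(text)
    except json.JSONDecodeError:
        return False
    return True


def parse_report(stdout_text):
    """Return (report, skipped_prefix); raise ValueError if no report found.

    Raising matters: a gate that swallows the parse error and reports
    "no findings" would pass a build that was never actually checked.
    """
    decoder = json.JSONDecoder()
    pos = stdout_text.find("{")
    while pos != -1:
        try:
            report, end = decoder.raw_decode(stdout_text, pos)
        except json.JSONDecodeError:
            pos = stdout_text.find("{", pos + 1)
            continue
        # Accept only a top-level object with "results" and nothing after it.
        if isinstance(report, dict) and "results" in report \
                and not stdout_text[end:].strip():
            return report, stdout_text[:pos]
        pos = stdout_text.find("{", pos + 1)
    raise ValueError("no Bandit JSON report found in captured output")


def high_severity(report):
    """Findings a CI gate would typically block on."""
    return [r for r in report["results"] if r.get("issue_severity") == "HIGH"]


if __name__ == "__main__":
    report, prefix = parse_report(POLLUTED_STDOUT)
    print(is_valid_json(POLLUTED_STDOUT), repr(prefix), high_severity(report))
```

Where the invocation can be changed, the `-q` and `-o <FILENAME>` workarounds mentioned in the thread avoid the need for tolerant parsing.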