
Suggest fixes for issues

Open ericwb opened this issue 2 years ago • 2 comments

This change introduces a new feature that will suggest a fix in the form of a line of code as a replacement for the line range of the issue.

This is the first step to have the ability to auto-correct problems detected. Later more changes can be merged to modify the file with the suggested fix.

The Issue class has a new fix string attribute that denotes how the lines of affected code can be replaced. This suggested fix will not preserve code comments and possibly other optimizations the AST does not capture.

Closes #439

ericwb avatar Mar 19 '23 02:03 ericwb

If we're going to try to parse/unparse AST we should consider using libcst instead

sigmavirus24 avatar Mar 19 '23 16:03 sigmavirus24

If we're going to try to parse/unparse AST we should consider using libcst instead

Yeah, I did consider libcst initially, but thought the changes would be too drastic. There is a lot of existing code assuming the use of the ast module.

What the standard ast lacks is the capturing of comments as nodes. In the example code in this PR, I have a workaround to ensure comments are preserved.

ericwb avatar Apr 07 '23 04:04 ericwb
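As an added illustration of the comment-loss problem discussed in this thread (example code written for this page, not the PR's own workaround and not bandit's implementation): the `ast` module has no node type for comments, so a fix rendered with `ast.unparse` silently drops them; the helper below recovers the trailing comment from the token stream and re-attaches it to the suggested line. The sample source and the `yaml.load` to `yaml.safe_load` rewrite are constructed for the example.

```python
import ast
import copy
import io
import tokenize

# Constructed sample input: one flagged statement with a trailing comment
# that a parse/unparse round trip through ast would lose.
SAMPLE = "import yaml\n\ncfg = yaml.load(data)  # loaded from user-supplied file\n"


def unparse_drops_comments(source: str) -> bool:
    """True when a plain ast.parse()/ast.unparse() round trip loses the comments."""
    return "#" in source and "#" not in ast.unparse(ast.parse(source))


def trailing_comment(source: str, lineno: int) -> str:
    """Return the comment token on `lineno`, or "" if that line has none.

    ast discards comments, so they are recovered from tokenize instead,
    which keeps every token together with its (row, col) position.
    """
    for tok in tokenize.generate_tokens(io.StringIO(source).readline):
        if tok.type == tokenize.COMMENT and tok.start[0] == lineno:
            return tok.string
    return ""


def suggest_fix(source: str, node: ast.stmt, replacement: ast.stmt) -> str:
    """Render `replacement` as the suggested fix for the lines `node` spans,
    re-attaching the trailing comment of the node's first line.
    Hypothetical helper: the real PR's Issue.fix attribute is a plain string."""
    fixed = ast.unparse(replacement)
    comment = trailing_comment(source, node.lineno)
    return f"{fixed}  {comment}" if comment else fixed


def fix_yaml_load(source: str) -> list[str]:
    """Propose yaml.safe_load(...) for every `x = yaml.load(...)` statement.
    Returns one suggested replacement string per flagged statement."""
    fixes = []
    for stmt in ast.walk(ast.parse(source)):
        if not isinstance(stmt, ast.Assign) or not isinstance(stmt.value, ast.Call):
            continue
        func = stmt.value.func
        if (isinstance(func, ast.Attribute) and func.attr == "load"
                and isinstance(func.value, ast.Name) and func.value.id == "yaml"):
            new_stmt = copy.deepcopy(stmt)      # keep positions, change only the callee
            new_stmt.value.func.attr = "safe_load"
            fixes.append(suggest_fix(source, stmt, new_stmt))
    return fixes
```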