bandit False negative when setting password within a dict (B105)

False negative when setting password within a dict (B105)

Open prathamlahoti123 opened this issue 4 months ago • 0 comments

Describe the bug

B105 isn't triggered if there's a password key within a dictionary.

Reproduction steps

1. echo 'info = {"password": "12345"}' > test.py
2. bandit -r test.py

Expected behavior

B105 must be triggered as described in the docs.

Bandit version

1.8.3 (Default)

Python version

3.12

Additional context

B105 isn't triggered even if the rule is explicitly added to a configuration file such as bandit.yaml and bandit is run with the corresponding -c flag.

May 30 '25 11:05 prathamlahoti123

bandit bandit copied to clipboard

False negative when setting password within a dict (B105)

Describe the bug

Reproduction steps

Expected behavior

Bandit version

Python version

Additional context

bandit
bandit copied to clipboard