
Error parsing pyproject.toml

Open edgarriba opened this issue 4 years ago • 4 comments

Describe the bug

Hi! I'm following the documentation** to provide a custom setup for bandit to exclude some tests (B101) in our testing framework, but I get the following error:

[config]        ERROR   expected '<document start>', but found '<scalar>'
  in "pyproject.toml", line 2, column 1
[main]  ERROR   pyproject.toml : Error parsing file

Where the pyproject.toml is the following:

[tool.black]
line-length = 120
skip-string-normalization = true
skip-magic-trailing-comma = true


[tool.bandit.assert_used]
exclude = ["*_test.py", "test_*.py"]

**https://bandit.readthedocs.io/en/latest/config.html

Reproduction steps

1. bandit --recursive -c pyproject.toml test

Expected behavior

Not crash

Bandit version

1.7.0 (Default)

Python version

3.8

Additional context

No response

edgarriba, Sep 02 '21 10:09

I had the same problem when I was attempting to implement Bandit recently, but it's due to the fact that the latest docs are actually what's currently on master. The docs for the current 1.7.0 release are more in line with stable, i.e. https://bandit.readthedocs.io/en/stable/config.html

Until Bandit gets a new release you'll have to use a .bandit.yml file to configure it.

amrishparmar, Sep 02 '21 16:09

@amrishparmar thanks so much, I'll keep in mind

edgarriba, Sep 03 '21 06:09

@adambenali regarding release, even now at release 1.7.4 the mentioned configuration is not working.

staticdev, Aug 15 '22 08:08

When using the config:

[tool.bandit.assert_used]
skips = ["*/*_test.py", "*/test_*.py"]

skipping works without any issue on bandit 1.7.5

RoelAdriaans, Nov 22 '23 01:11
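
The difference between the `exclude` table in the issue and the `skips` table in the last comment can be checked before a scan. The following is an added example, not code from the thread or from Bandit; `audit_assert_used`, the sample paths and the use of `fnmatch` to model how skip patterns are matched are assumptions.

```python
import fnmatch

try:
    import tomllib  # standard library from Python 3.11
except ModuleNotFoundError:
    import tomli as tomllib  # assumption: tomli is installed on older Pythons

# Constructed pyproject.toml: the table from the issue, carrying both the
# `exclude` key as first posted and the `skips` key from the last comment.
SAMPLE_TOML = """
[tool.bandit.assert_used]
exclude = ["*_test.py", "test_*.py"]
skips = ["*/*_test.py", "*/test_*.py"]
"""

# Constructed paths, written relative to the directory being scanned.
SAMPLE_PATHS = [
    "tests/test_api.py",
    "pkg/core/api_test.py",
    "test_root.py",
    "pkg/core/auth.py",
    "pkg/test_helpers/crypto.py",
]


def audit_assert_used(toml_text, paths):
    """Return (unknown_keys, {path: matching_pattern}) for [tool.bandit.assert_used]."""
    doc = tomllib.loads(toml_text)
    table = doc.get("tool", {}).get("bandit", {}).get("assert_used", {})
    unknown = sorted(k for k in table if k != "skips")
    skipped = {}
    for path in paths:
        for pattern in table.get("skips", []):
            # Assumption: patterns are fnmatch-style globs tested against the
            # file path; fnmatch's "*" also matches "/" characters.
            if fnmatch.fnmatch(path, pattern):
                skipped[path] = pattern
                break
    return unknown, skipped


if __name__ == "__main__":
    unknown, skipped = audit_assert_used(SAMPLE_TOML, SAMPLE_PATHS)
    for key in unknown:
        print(f"warning: key {key!r} is not 'skips' and is ignored by this check")
    for path in SAMPLE_PATHS:
        verdict = f"skipped by {skipped[path]}" if path in skipped else "still reported"
        print(f"{path:28} B101 {verdict}")
```

On the constructed paths, `*/test_*.py` also skips `pkg/test_helpers/crypto.py`, which is not a test module, and neither pattern covers `test_root.py`, so skip globs are worth reviewing against real paths before relying on them.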