Eric Brown
This change introduces a new feature that will suggest a fix in the form of a line of code as replacement for the line range of the issue. This is...
**Is your feature request related to a problem? Please describe.** N/A **Describe the solution you'd like** Bandit currently utilizes the Python base ast module for parsing. But there are other...
Source blueprint: https://blueprints.launchpad.net/bandit/+spec/use-threading-when-running-checks Many static analysis tools offer parallelization of execution to make checking large amounts of code faster. Flake8, for example, added the -j flag so that files would...
**Is your feature request related to a problem? Please describe.** It's nice that Bandit flags lines of code that require attention, but it would be even more valuable to suggest...
**Is your feature request related to a problem? Please describe.** Add ability to filter results by CWE **Describe the solution you'd like** Since some of the CWEs are used in...
### Describe the bug The end line number of an issue in a multi-line call is off by 1. It's reporting one less than actual end line number. ### Reproduction...
**Is your feature request related to a problem? Please describe.** Currently, constants.py defines some standard excludes hardcoded in a file. While this hasn't generally been an issue thus far, it...
**Is your feature request related to a problem? Please describe.** A nicely written standard around command lines is available. Bandit should strive to conform to these standards where possible. For...
Multiple plugins in bandit/plugins/injection_shell.py assume that a command will be passed in as a positional argument. When keyword arguments are used, the plugins don't even report that a call occurred....
**Is your feature request related to a problem? Please describe.** It may be useful to translate our strings. Not every user of Bandit necessarily has English as their first language....