Bandit 1.6.3 does not respect excluded paths from .bandit file
With a .bandit file with the contents
[bandit]
exclude: ./.tox,./tests
1.6.2 gives
$ bandit -r -ll -ii .
[main] INFO Found project level .bandit file: ./.bandit
[main] INFO Using ini file for excluded paths
[main] INFO Using command line arg for selected targets
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.7.5
114 [0.. 50.. 100.. ]
1.6.3 ignores the excluded paths
$ bandit -r -ll -ii .
[main] INFO Found project level .bandit file: ./.bandit
[main] INFO Using command line arg for excluded paths
[main] INFO Using command line arg for selected targets
[main] INFO Using command line arg for recursive scan
[main] INFO Using command line arg for aggregate output type
[main] INFO Using command line arg for max code lines output for issue
[main] INFO Using command line arg for severity level
[main] INFO Using command line arg for confidence level
[main] INFO Using command line arg for output format
[main] INFO Using command line arg for output file
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.7.5
549 [0.. 50.. 100.. 150.. 200.. 250.. 300.. 350.. 400.. 450.. 500.. ]
Issue Analytics
- State:
- Created 3 years ago
- Reactions: 28
- Comments: 12 (2 by maintainers)
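A CI guard built on the two log excerpts in the report, as an added example that is not part of the original issue or of Bandit's code: it flags a run in which .bandit declares exclusions but the log says the excluded paths came from the command line. The function names and the `cli_exclude_given` parameter are hypothetical; the log lines and file contents are copied from the issue and trimmed.

```python
import configparser
import re

# Sample inputs copied (trimmed) from the two runs quoted in the issue.
BANDIT_INI = "[bandit]\nexclude: ./.tox,./tests\n"
LOG_1_6_2 = """\
[main] INFO Found project level .bandit file: ./.bandit
[main] INFO Using ini file for excluded paths
[main] INFO Using command line arg for selected targets
114 [0.. 50.. 100.. ]
"""
LOG_1_6_3 = """\
[main] INFO Found project level .bandit file: ./.bandit
[main] INFO Using command line arg for excluded paths
[main] INFO Using command line arg for selected targets
549 [0.. 50.. 100.. 150.. 200.. 250.. 300.. 350.. 400.. 450.. 500.. ]
"""

SOURCE_RE = re.compile(r"INFO\s+Using (ini file|command line arg) for excluded paths")
PROGRESS_RE = re.compile(r"^(\d+) \[0\.\.", re.MULTILINE)


def ini_excludes(ini_text):
    """Return the exclude entries declared in the [bandit] section."""
    parser = configparser.ConfigParser()
    parser.read_string(ini_text)
    raw = parser.get("bandit", "exclude", fallback="")
    return [part.strip() for part in raw.split(",") if part.strip()]


def excluded_paths_source(log_text):
    """Return 'ini', 'cli', or None when the log has no such line."""
    match = SOURCE_RE.search(log_text)
    if match is None:
        return None
    return "ini" if match.group(1) == "ini file" else "cli"


def progress_total(log_text):
    """Leading number on the progress line (114 vs 549 in the issue)."""
    match = PROGRESS_RE.search(log_text)
    return int(match.group(1)) if match else None


def exclusions_ignored(ini_text, log_text, cli_exclude_given=False):
    """True when .bandit declares exclusions, none were passed on the
    command line, yet the log reports the command line as their source."""
    if cli_exclude_given or not ini_excludes(ini_text):
        return False
    return excluded_paths_source(log_text) == "cli"
```

Comparing `progress_total` between a known-good run and the current one gives a second signal when the INFO lines are suppressed.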

Still broken in 1.7.0 😦
I can also reproduce this regression.