config file as described in README.rst does not work
Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:
- create .bandit file with content:
    [bandit]
    tests: B101,B102,B301
- run bandit -c .bandit -r module/
- get error:
    [main] ERROR .bandit : Error parsing file.

Expected behavior
working as described in readme

Bandit version
bandit 1.4.0

Additional context
Docs say it should be YAML and not INI. https://bandit.readthedocs.io/en/latest/config.html
Issue Analytics
- State:
- Created 5 years ago
- Comments:5 (1 by maintainers)

This bug seems to be caused by inconsistent behavior of Bandit (and incomplete documentation).
If you use a .bandit file, you need to start the file with the text “[bandit]” and then add the arguments. For example:
But if you want to use a separate config file with the “--configfile” argument on the command line, you have to remove the text “[bandit]”, replace “exclude” with “exclude_dirs” and add the values inside square brackets like this:
https://bandit.readthedocs.io/en/latest/config.html says .bandit should be an INI file (which uses = instead of :). The only thing incorrect is that it implies you don’t need to use -c .bandit because that’s --ini .bandit and not needed when using -r which is false here. I suggest Bandit prefer .bandit, pyproject.toml, and setup.cfg by default, overridable with arguments like -c, and to replace --ini with -c or --config (aka --configfile).
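The conversion described in the comments above (drop the [bandit] header, rename exclude to exclude_dirs, put the values inside square brackets), as an added example that is not part of the original thread or of Bandit itself. The function name ini_to_yaml, the sample files and the choice to handle only tests, skips and exclude are assumptions of this example.

```python
import configparser

# .bandit (INI) option -> YAML key for a "-c" config file, following the
# comment above. Handling only these three options is this example's choice.
INI_TO_YAML_KEY = {"tests": "tests", "skips": "skips", "exclude": "exclude_dirs"}


def ini_to_yaml(ini_text):
    """Return (yaml_text, unconverted_options) for an INI-style .bandit file."""
    parser = configparser.ConfigParser(interpolation=None)
    try:
        parser.read_string(ini_text)
    except configparser.Error as exc:
        # e.g. a YAML file passed by mistake: it has no section header
        raise ValueError(f"not an INI file: {exc}") from exc
    if not parser.has_section("bandit"):
        raise ValueError("missing [bandit] section")

    lines, unconverted = [], []
    for option, raw in parser.items("bandit"):
        key = INI_TO_YAML_KEY.get(option)
        values = [v.strip() for v in raw.split(",") if v.strip()]
        if key is None or not values:
            unconverted.append(option)  # report instead of silently dropping
            continue
        quoted = ", ".join("'" + v.replace("'", "''") + "'" for v in values)
        lines.append(f"{key}: [{quoted}]")
    return "\n".join(lines) + "\n", unconverted


# Constructed samples: the file from the issue, and one using "exclude".
ISSUE_FILE = "[bandit]\ntests: B101,B102,B301\n"
EXCLUDE_FILE = "[bandit]\nexclude = tests,docs/conf.py\nskips = B101\ntargets = src\n"

if __name__ == "__main__":
    for sample in (ISSUE_FILE, EXCLUDE_FILE):
        yaml_text, skipped = ini_to_yaml(sample)
        print(yaml_text, end="")
        if skipped:
            print(f"# not converted: {', '.join(skipped)}")
```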