Is `pyproject.toml` based config supported by band...
# generalr
refined-addition-53644
09/09/2022, 4:47 PMIs
pyproject.toml✅ 2
refined-addition-53644
09/09/2022, 4:49 PM• pyproject.toml
Copy code
[tool.bandit]
skips = ["B101"]pants.toml Copy code
[bandit]
config = "pyproject.toml"
args = ["--quiet"]
lockfile = "build-support/bandit.lock"
extra_requirements.add = [
"tomli>=1.1.0",
] Copy code
./pants lint --only=bandit ::
18:46:20.08 [INFO] Initializing scheduler...
18:46:20.30 [INFO] Scheduler initialized.
18:46:24.33 [ERROR] Completed: Lint with Bandit - bandit failed (exit code 2).
[main] ERROR pyproject.toml : toml parser not available, reinstall with toml extra
18:46:24.33 [ERROR] Completed: Lint with Bandit - bandit failed (exit code 2).
[main] ERROR pyproject.toml : toml parser not available, reinstall with toml extra
18:46:24.37 [ERROR] Completed: Lint with Bandit - bandit failed (exit code 2).
[main] ERROR pyproject.toml : toml parser not available, reinstall with toml extrarefined-addition-53644
09/09/2022, 4:52 PMwithout anything explicit bandit just generates all the B101 which I have asked to be skipped
r
rhythmic-battery-45198
09/09/2022, 5:09 PM•
pyproject.toml Copy code
[tool.bandit]
exclude_dirs=[
'tests'
]
skips=[
'B403', # allow importing pickle
]pants.toml Copy code
[bandit]
version = "bandit[toml]>=1.7.0,<1.8"
lockfile = "3rdparty/python/bandit.lock"
config = "src/python/pyproject.toml"🙌 1
r
refined-addition-53644
09/09/2022, 5:14 PMThank you @rhythmic-battery-45198. Do you know how would you add this config to pyproject.toml
Copy code
assert_used:
skips: ['*_test.py', 'test_*.py']refined-addition-53644
09/09/2022, 5:16 PMFound it
Copy code
[tool.bandit.assert_used]
skips = ['*_test.py', '*/test_*.py']r
rhythmic-battery-45198
09/09/2022, 5:16 PMYep - I think I started with that but then disabled bandit on all my test modules.