forked from pantsbuild/pants
-
Notifications
You must be signed in to change notification settings - Fork 0
/
subsystem.py
56 lines (47 loc) · 1.8 KB
/
subsystem.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# Copyright 2020 Pants project contributors (see CONTRIBUTORS.md).
# Licensed under the Apache License, Version 2.0 (see LICENSE).
from typing import Optional, Tuple, cast
from pants.backend.python.subsystems.python_tool_base import PythonToolBase
from pants.option.custom_types import file_option, shell_str
class Bandit(PythonToolBase):
"""A tool for finding security issues in Python code (https://bandit.readthedocs.io)."""
options_scope = "bandit"
default_version = "bandit>=1.6.2,<1.7"
# `setuptools<45` is for Python 2 support. `stevedore` is because the 3.0 release breaks Bandit.
default_extra_requirements = ["setuptools<45", "stevedore<3"]
default_entry_point = "bandit"
default_interpreter_constraints = ["CPython>=2.7,<3", "CPython>=3.5"]
@classmethod
def register_options(cls, register):
super().register_options(register)
register(
"--skip",
type=bool,
default=False,
help=f"Don't use Bandit when running `{register.bootstrap.pants_bin_name} lint`",
)
register(
"--args",
type=list,
member_type=shell_str,
help=(
f"Arguments to pass directly to Bandit, e.g. "
f'`--{cls.options_scope}-args="--skip B101,B308 --confidence"`'
),
)
register(
"--config",
type=file_option,
default=None,
advanced=True,
help="Path to a Bandit YAML config file",
)
@property
def skip(self) -> bool:
return cast(bool, self.options.skip)
@property
def args(self) -> Tuple[str, ...]:
return tuple(self.options.args)
@property
def config(self) -> Optional[str]:
return cast(Optional[str], self.options.config)