Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to check the exclude path works in the .bandit file ? #400

Closed
Pokerface9711 opened this issue Oct 8, 2018 · 6 comments
Closed

How to check the exclude path works in the .bandit file ? #400

Pokerface9711 opened this issue Oct 8, 2018 · 6 comments
Labels
question Further information is requested

Comments

@Pokerface9711
Copy link

Pokerface9711 commented Oct 8, 2018
edited by ericwb
Loading

My .bandit file looks like below.

[bandit]
exclude: \static,\templates
skips: B413,B601,B501,B602,B605

Command line output.

wus-macbook-pro:~ wuwei$ bandit -lll vmonic/git_repo/devops-online/ -r
[main]	INFO	Found project level .bandit file: vmonic/git_repo/devops-online/.bandit
[main]	INFO	Using ini file for excluded paths
[main]	INFO	Using ini file for skipped tests
[main]	INFO	Using command line arg for selected targets
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: B413,B601,B501,B602,B605
[main]	INFO	running on Python 2.7.13
66 [0.. 50.. ]
Run started:2018-10-08 09:06:15.117350

Test results:
.......

Code scanned:
	Total lines of code: 16347
	Total lines skipped (#nosec): 3

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 83
		Medium: 64
		High: 2
	Total issues (by confidence):
		Undefined: 0
		Low: 23
		Medium: 7
		High: 119
Files skipped (0):

My question is , the total code line scanned is the same as before and after I write the .bandit file and the command line output do not give me clearly information that my config to exclude /templates folder works or not.
@ehooo
Copy link
Contributor

ehooo commented Nov 21, 2018

I think this is because the exclude has starts with \ have you try with / ?

@gothraven
Copy link

gothraven commented Feb 6, 2019
edited
Loading

better use in your bandit config file

exclude_dirs:
  - path/to/file.py
  - path

@ericwb ericwb added the question Further information is requested label May 9, 2019
@ericwb
Copy link
Member

ericwb commented May 9, 2019

Looks like wrong path separator as mentioned.

@ericwb ericwb closed this as completed May 9, 2019
@NLPDev
Copy link

NLPDev commented May 15, 2019

I tried to exclude "tests" folder, but I can't.

[bandit]
exclude: /tests

How to fix this problem?

@wen96
Copy link

wen96 commented May 21, 2019

Hi, I have the same problem only in version 1.6.0.

Running:

bandit . -r -x tests

Ignores tests/ folder in version 1.5.1 but not in 1.6.0

@ehooo
Copy link
Contributor

ehooo commented May 21, 2019

@wen96 the new issue is #488

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@ehooo @wen96 @ericwb @gothraven @Pokerface9711 @NLPDev