New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to commit changes due to bandit (use of subprocess module) #2063
Comments
Bandit is run as part of the pre-commit hooks that you've installed and that we (maintainers) use. We have not run all of the hooks on all of satpy as there are too many issues to do it all in one sitting. Some of the issues require refactoring or rewriting to do a better long term solution as well. I think in the case of the HRIT decompression tool we don't have much choice but to use Popen (anyone have other ideas?). So in that case you could look at setting exclusion comments: https://bandit.readthedocs.io/en/latest/config.html#exclusions
You'll need a similar one for the use of Popen. |
Does anyone in @pytroll/satpy-core have a problem with this? |
I'm good with this. |
Thanks for the quick reply @djhoese ! I have some more performant code for the HRIT decompression part, currently I am using a python wrapper to decompress files in-memory, and therefore I need to make changes to the HRIT reader to accept file-like objects. |
Describe the bug
I am unable to commit changes in file
satpy/readers/hrit_base.py
due to bandit issueing B603, B404 because ofsubprocess
usage.To Reproduce
Change someting in
satpy/readers/hrit_base.py
and try to commit.Expected behavior
I would like to commit changes.
Actual results
Commit not possible.
Here is the log:
Screenshots
If applicable, add screenshots to help explain your problem.
Environment Info:
from satpy.utils import check_satpy; check_satpy()
]Additional context
It looks like bandit is only checking the files which will be commited, and I guess that's fine.
Have you run bandit on the whole repository to check for other issues in files, which rarely get changed?
The text was updated successfully, but these errors were encountered: