From 84492c14a760df5e257d23c93bb91da916c2e87d Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Tue, 9 Jun 2015 09:18:28 -0700 Subject: [PATCH] Fix bandit tox environment to properly run These changes were necessary: - Move bandit dependency from test-requirements-bandit.txt to test-requirements.txt - Only print high and medium severity errors (-ll) - Rename blacklist_functions to proper plugin name of blacklist_calls Change-Id: Ibf2a16e3fc62aadc995c70b5dfe2258f1cf23f85 --- bandit.yaml | 3 +-- test-requirements-bandit.txt | 1 - test-requirements.txt | 2 ++ tox.ini | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) delete mode 100644 test-requirements-bandit.txt diff --git a/bandit.yaml b/bandit.yaml index 529ef8f7..5a436a45 100644 --- a/bandit.yaml +++ b/bandit.yaml @@ -21,7 +21,6 @@ plugin_name_pattern: '*.py' # globs of files which should be analyzed include: - '*.py' - - '*.pyw' # a list of strings, which if found in the path will cause files to be excluded # for example /tests/ - to remove all all files in tests directory @@ -47,7 +46,7 @@ profiles: include: - hardcoded_sql_expressions -blacklist_functions: +blacklist_calls: bad_name_sets: - pickle: qualnames: [pickle.loads, pickle.load, pickle.Unpickler, diff --git a/test-requirements-bandit.txt b/test-requirements-bandit.txt deleted file mode 100644 index 38c39e1b..00000000 --- a/test-requirements-bandit.txt +++ /dev/null @@ -1 +0,0 @@ -bandit==0.10.1 diff --git a/test-requirements.txt b/test-requirements.txt index 5346047e..79db63db 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -22,3 +22,5 @@ coverage>=3.6 # this is required for the docs build jobs oslosphinx>=2.5.0 # Apache-2.0 sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3 + +bandit>=0.10.1 diff --git a/tox.ini b/tox.ini index b2f7528e..7db19c14 100644 --- a/tox.ini +++ b/tox.ini 
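Review bot: Removing `- '*.pyw'` from `include` in the first bandit.yaml hunk narrows the set of files the scanner analyzes, and the commit description does not list it among the necessary changes. If the tree has no `.pyw` files today the effect is nil, but any added later would be skipped without notice. Either keep the glob or record the reason beside the list, for example `# '*.pyw' omitted: no such files in this tree` (wording to be confirmed by the author).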
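Review bot: `bandit>=0.10.1` replaces the exact pin `bandit==0.10.1` from the deleted file, so the security job now runs whichever bandit release is newest at install time. This same commit had to rename a config section to match a plugin name, which suggests (inferred, not shown here) that names drift between releases; with an open-ended range the gate can break or change its coverage without any change in this repository. Consider a bounded range, for example `bandit>=0.10.1,<0.11` (the upper bound is illustrative). Because the entry now lives in test-requirements.txt, bandit is also installed into every environment that uses that file.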
@@ -17,8 +17,8 @@ deps = -r{toxinidir}/requirements.txt commands = pylint oslo [testenv:bandit] -deps = -r{toxinidir}/test-requirements-bandit.txt -commands = bandit -c bandit.yaml -r oslo_vmware -n 5 +deps = -r{toxinidir}/test-requirements.txt +commands = bandit -c bandit.yaml -r oslo_vmware -n 5 -ll [testenv:docs] commands = python setup.py build_sphinx
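Review bot: With `-ll` added to the `commands` line of `[testenv:bandit]`, LOW-severity findings are no longer printed, and nothing in tox.ini says this is deliberate. Add a comment above the line such as `# -ll: report MEDIUM and HIGH severity only; LOW findings are suppressed` so that a later reader does not take a clean run to mean no findings at all. Since `-n 5` is also undocumented, the same comment could state that it sets the lines of context shown per finding.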