Source code for prospector.tools.bandit
from bandit.cli.main import _get_profile, _init_extensions
from bandit.core.config import BanditConfig
from bandit.core.constants import RANKING
from bandit.core.manager import BanditManager
from prospector.message import Location, Message
from prospector.tools.base import ToolBase
[docs]
class BanditTool(ToolBase):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.manager = None
self.profile = None
self.config_file = None
self.agg_type = "file"
self.severity = 0
self.confidence = 0
[docs]
def configure(self, prospector_config, _):
options = prospector_config.tool_options("bandit")
if "profile" in options:
self.profile = options["profile"]
if "config" in options:
self.config_file = options["config"]
if "severity" in options:
self.severity = options["severity"]
if not 0 <= self.severity <= 2:
raise ValueError(f"severity {self.severity!r} must be between 0 and 2")
if "confidence" in options:
self.confidence = options["confidence"]
if not 0 <= self.confidence <= 2:
raise ValueError(f"confidence {self.confidence!r} must be between 0 and 2")
b_conf = BanditConfig(config_file=self.config_file)
profile = _get_profile(b_conf, self.profile, self.config_file)
extension_mgr = _init_extensions()
extension_mgr.validate_profile(profile)
self.manager = BanditManager(b_conf, None, profile=profile)
[docs]
def run(self, found_files):
self.manager.files_list = sorted(found_files.files)
self.manager.exclude_files = []
if not self.manager.b_ts.tests:
raise ValueError("No test will run for bandit")
self.manager.run_tests()
results = self.manager.get_issue_list(sev_level=RANKING[self.severity], conf_level=RANKING[self.confidence])
messages = []
for result in results:
loc = Location(result.fname, None, "", int(result.lineno), 0)
msg = Message("bandit", result.test_id, loc, result.text)
messages.append(msg)
return messages