def configure(self, prospector_config, _):
options = prospector_config.tool_options("bandit")
if "profile" in options:
self.profile = options["profile"]
if "config" in options:
self.config_file = options["config"]
if "severity" in options:
self.severity = options["severity"]
if not 0 <= self.severity <= 2:
raise ValueError(
"severity {!r} must be between 0 and 2".format(
self.severity))
if "confidence" in options:
self.confidence = options["confidence"]
if not 0 <= self.confidence <= 2:
raise ValueError(
"confidence {!r} must be between 0 and 2".format(
self.confidence))
b_conf = BanditConfig(config_file=self.config_file)
profile = _get_profile(b_conf, self.profile, self.config_file)
extension_mgr = _init_extensions()
extension_mgr.validate_profile(profile)
self.manager = BanditManager(b_conf, None, profile=profile)
def configure(self, prospector_config, _):
options = prospector_config.tool_options('bandit')
if 'profile' in options:
self.profile = options['profile']
if 'config' in options:
self.config_file = options['config']
if 'severity' in options:
self.severity = options['severity']
if not 0 <= self.severity <= 2:
raise ValueError('severity {!r} must be between 0 and 2'.format(self.severity))
if 'confidence' in options:
self.confidence = options['confidence']
if not 0 <= self.confidence <= 2:
raise ValueError('confidence {!r} must be between 0 and 2'.format(self.confidence))
b_conf = BanditConfig(config_file=self.config_file)
profile = _get_profile(b_conf, self.profile, self.config_file)
extension_mgr = _init_extensions()
extension_mgr.validate_profile(profile)
self.manager = BanditManager(b_conf, None, profile=profile)
class BanditTool(ToolBase):
def __init__(self, *args, **kwargs):
super(BanditTool, self).__init__(*args, **kwargs)
self.manager = None
self.profile = None
self.config_file = None
self.agg_type = "file"
self.severity = 0
self.confidence = 0
def configure(self, prospector_config, _):
options = prospector_config.tool_options("bandit")
if "profile" in options:
self.profile = options["profile"]
if "config" in options:
self.config_file = options["config"]
if "severity" in options:
self.severity = options["severity"]
if not 0 <= self.severity <= 2:
raise ValueError(
"severity {!r} must be between 0 and 2".format(
self.severity))
if "confidence" in options:
self.confidence = options["confidence"]
if not 0 <= self.confidence <= 2:
raise ValueError(
"confidence {!r} must be between 0 and 2".format(
self.confidence))
b_conf = BanditConfig(config_file=self.config_file)
profile = _get_profile(b_conf, self.profile, self.config_file)
extension_mgr = _init_extensions()
extension_mgr.validate_profile(profile)
self.manager = BanditManager(b_conf, None, profile=profile)
def run(self, found_files):
self.manager.files_list = sorted(found_files.iter_file_paths())
self.manager.exclude_files = []
if not self.manager.b_ts.tests:
raise ValueError("No test will run for bandit")
self.manager.run_tests()
results = self.manager.get_issue_list(
sev_level=RANKING[self.severity],
conf_level=RANKING[self.confidence])
messages = []
for result in results:
loc = Location(os.path.abspath(result.fname), None, "",
int(result.lineno), 0)
msg = Message("bandit", result.test_id, loc, result.text)
messages.append(msg)
return messages
def runtest(self):
b_conf = BanditConfig()
b_mgr = BanditManager(b_conf,
self.config.getini('bandit_aggregate_by'),
debug=self.config.getini('bandit_debug'),
profile=self.config.getini('bandit_profile'),
verbose=self.config.getini('bandit_verbose'),
ignore_nosec=self.config.getini('bandit_ignore_nosec'))
b_mgr.discover_files(self.config.getini('bandit_targets'),
self.config.getini('bandit_recurse'),
self.config.getini('bandit_exclude'))
if not b_mgr.b_ts.tests:
LOG.error('No tests would be run, please check your targets and add recurse')
return 5
b_mgr.run_tests()
# trigger output of results by Bandit Manager
sev_level = constants.RANKING[int(self.config.getini('bandit_sev_level'))]
conf_level = constants.RANKING[int(self.config.getini('bandit_conf_level'))]
sys.stdout = sys.__stdout__
b_mgr.output_results(self.config.getini('bandit_context_lines'),
sev_level,
conf_level,
sys.stdout,
'screen')
# return an exit code of 1 if there are results, 0 otherwise
LOG.debug(sev_level)
LOG.debug(conf_level)
if b_mgr.results_count(sev_filter=sev_level, conf_filter=conf_level) > 0:
return 1
return 0