def test_analyze_error(self, check_output_mock):
        """Test that a failing bandit invocation is surfaced as a GraalError

        ``check_output_mock`` stands in for ``subprocess.check_output``
        (presumably patched by a decorator outside this view) and is made
        to raise, so the analyzer must not leak the raw subprocess error.
        """

        failure = subprocess.CalledProcessError(-1, "command", output=b'output')
        check_output_mock.side_effect = failure

        target = os.path.join(self.repo_path, ANALYZER_TEST_FILE)
        bandit = Bandit()

        with self.assertRaises(GraalError):
            bandit.analyze(folder_path=target, details=False)
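    def test_analyze_details(self):
        """Test whether bandit returns the expected fields data, including per-finding details

        The original assertions used ``assertTrue(type(x), int)``, which can
        never fail: ``assertTrue`` takes a single value to check and treats the
        second argument as the failure message, so the type was never compared.
        ``assertIsInstance`` is used instead so a malformed report is caught.
        """

        bandit = Bandit()
        kwargs = {
            'folder_path': os.path.join(self.repo_path),
            'details': True
        }
        result = bandit.analyze(**kwargs)

        # Summary counters
        self.assertIn('loc_analyzed', result)
        self.assertIsInstance(result['loc_analyzed'], int)
        self.assertIn('num_vulns', result)
        self.assertIsInstance(result['num_vulns'], int)

        # Per-severity and per-confidence breakdowns share the same shape
        for bucket in ('by_severity', 'by_confidence'):
            self.assertIn(bucket, result)
            self.assertIsInstance(result[bucket], dict)
            for level in ('undefined', 'low', 'medium', 'high'):
                self.assertIn(level, result[bucket])
                self.assertIsInstance(result[bucket][level], int)

        # With details enabled the individual findings must be present
        self.assertIn('vulns', result)
        # Fail with a clear message rather than an IndexError below
        self.assertTrue(result['vulns'],
                        "expected at least one finding in the test repository")

        vd = result['vulns'][0]
        for field, expected_type in (('file', str),
                                     ('line', int),
                                     ('severity', str),
                                     ('confidence', str),
                                     ('descr', str)):
            self.assertIn(field, vd)
            self.assertIsInstance(vd[field], expected_type)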
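class VulnAnalyzer:
    """Class to identify security vulnerabilities in a Python project

    Thin wrapper around :class:`Bandit`. ``details`` selects whether the
    per-finding list is included in the analysis result.
    """

    def __init__(self, details=False):
        self.details = details
        self.bandit = Bandit()

    def analyze(self, folder_path):
        """Analyze the content of a folder using Bandit

        :param folder_path: folder path

        :returns the dict produced by ``Bandit.analyze``. The test cases in
            this file expect it to carry ``loc_analyzed``, ``num_vulns``,
            ``by_severity`` and ``by_confidence`` (each keyed by
            ``undefined``/``low``/``medium``/``high``), plus ``vulns`` —
            one entry per finding with ``file``, ``line``, ``severity``,
            ``confidence`` and ``descr`` — only when ``details`` is set.
            (The previous docstring described ``code_quality``/``modules``
            keys, which this analyzer does not produce.)
        """
        # Keyword arguments are passed explicitly; Bandit.analyze is the only
        # place the subprocess runs, so errors surface from there.
        return self.bandit.analyze(folder_path=folder_path,
                                   details=self.details)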
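    def test_analyze_no_details(self):
        """Test whether bandit returns the expected summary fields and no per-finding list

        The original assertions used ``assertTrue(type(x), int)``, which can
        never fail: ``assertTrue`` checks a single value and treats the second
        argument as the failure message. ``assertIsInstance`` is used instead.
        """

        bandit = Bandit()
        kwargs = {
            'folder_path': os.path.join(self.repo_path, ANALYZER_TEST_FILE),
            'details': False
        }
        result = bandit.analyze(**kwargs)

        # Summary counters
        self.assertIn('loc_analyzed', result)
        self.assertIsInstance(result['loc_analyzed'], int)
        self.assertIn('num_vulns', result)
        self.assertIsInstance(result['num_vulns'], int)

        # Per-severity and per-confidence breakdowns share the same shape
        for bucket in ('by_severity', 'by_confidence'):
            self.assertIn(bucket, result)
            self.assertIsInstance(result[bucket], dict)
            for level in ('undefined', 'low', 'medium', 'high'):
                self.assertIn(level, result[bucket])
                self.assertIsInstance(result[bucket][level], int)

        # Without details the individual findings must be omitted
        self.assertNotIn('vulns', result)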
 def __init__(self, details=False):
     """Set up the analyzer with a fresh Bandit runner and the details flag"""
     self.bandit = Bandit()
     self.details = details