How to check that the exclude path works in the .bandit file?


My .bandit file looks like below.

[bandit]
exclude: \static,\templates
skips: B413,B601,B501,B602,B605

Command line output.

wus-macbook-pro:~ wuwei$ bandit -lll vmonic/git_repo/devops-online/ -r
[main]	INFO	Found project level .bandit file: vmonic/git_repo/devops-online/.bandit
[main]	INFO	Using ini file for excluded paths
[main]	INFO	Using ini file for skipped tests
[main]	INFO	Using command line arg for selected targets
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: B413,B601,B501,B602,B605
[main]	INFO	running on Python 2.7.13
66 [0.. 50.. ]
Run started:2018-10-08 09:06:15.117350

Test results:
.......

Code scanned:
	Total lines of code: 16347
	Total lines skipped (#nosec): 3

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 83
		Medium: 64
		High: 2
	Total issues (by confidence):
		Undefined: 0
		Low: 23
		Medium: 7
		High: 119
Files skipped (0):

My question is: the total number of code lines scanned is the same before and after I write the .bandit file, and the command line output does not give me clear information about whether my config to exclude the /templates folder works or not.
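One way to answer this from Bandit's own output, added here as an example and not part of the original issue: write a JSON report with `bandit -r <target> -f json -o report.json` and inspect the per-file keys of its `metrics` object. The sample reports and file names below are constructed, and matching by whole path components is this example's assumption, not Bandit's own matching rule.

```python
import json

def load_report(path):
    """Load a report written by: bandit -r <target> -f json -o <path>"""
    with open(path) as fh:
        return json.load(fh)

def _parts(path):
    """Split a path into components, accepting '/' or '\\' separators."""
    return [p for p in path.replace("\\", "/").split("/") if p not in ("", ".")]

def scanned_files(report):
    """Files Bandit parsed: every key of 'metrics' except '_totals'."""
    return sorted(f for f in report["metrics"] if f != "_totals")

def leaked_files(report, excluded):
    """Scanned files that still sit under a path the config meant to exclude."""
    wanted = [_parts(e) for e in excluded if _parts(e)]
    hits = []
    for name in scanned_files(report):
        parts = _parts(name)
        for sub in wanted:
            n = len(sub)
            if any(parts[i:i + n] == sub for i in range(len(parts) - n + 1)):
                hits.append(name)
                break
    return hits

def dropped_files(before, after):
    """Files present in the first report but absent from the second."""
    return sorted(set(scanned_files(before)) - set(scanned_files(after)))

# Constructed sample reports (file names and line counts are made up).
BEFORE = {"metrics": {"_totals": {"loc": 120},
                      "app/views.py": {"loc": 80},
                      "app/templates/helpers.py": {"loc": 30},
                      "app/static/gen.py": {"loc": 10}}, "results": []}
AFTER = {"metrics": {"_totals": {"loc": 110},
                     "app/views.py": {"loc": 80},
                     "app/templates/helpers.py": {"loc": 30}}, "results": []}

if __name__ == "__main__":
    excluded = ["\\static", "\\templates"]  # entries from the .bandit file above
    print("still scanned:", leaked_files(AFTER, excluded))
    print("dropped by config:", dropped_files(BEFORE, AFTER))
    print("loc:", BEFORE["metrics"]["_totals"]["loc"], "->",
          AFTER["metrics"]["_totals"]["loc"])
```

An empty list from `leaked_files` together with a non-empty `dropped_files` shows the exclusion took effect; an unexpectedly long `dropped_files` list shows the exclusion is broader than intended and code has silently left the scan.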

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 6 (3 by maintainers)

Top GitHub Comments

2 reactions
gothraven commented, Feb 6, 2019

Better to use this in your bandit config file:

exclude_dirs:
  - path/to/file.py
  - path
0 reactions
ehooo commented, May 21, 2019
