Currently the plugin listing found at the link below [1] is unsorted
by bandit ID number, yet the IDs are listed, making it confusing
to look at.
This patch sorts the plugin list by renaming each plugin filename
so that sphinx sorts accordingly.
[1] https://docs.openstack.org/bandit/latest/plugins/index.html#complete-test-plugin-listing
Change-Id: Ib16b85d1025dd667f711e8571dd58a59deb74d29
Implements: custom formatter
Custom formatter can be used to output a machine-readable, easily
parsable and customizable format using set of predefined tags
to suite various needs.
Output string is formatted using python string.format() standards
and therefore provides familiar usage.
Usage: bandit --format custom [--msg-template MSG-TEMPLATE] targets
See bandit --help for additional information and list of available tags
modified: bandit/cli/main.py
modified: bandit/core/manager.py
modified: README.rst
modified: setup.cfg
new file: bandit/formatters/custom.py
Change-Id: I900c9689cddb048db58608c443305e05e7a4be14
Signed-off-by: Marek Cermak <macermak@redhat.com>
The developer docs for B502 and B503 have their titles swapped,
and link to themselves instead of to each other. This fixes that.
Change-Id: I17f8ce00d124f6a88a34710e58084973be2f477f
Allows someone to feed a file/text into bandit from a pipe rather
than just the 'targets' argument.
Usage example:
cat examples/imports.py | bandit -
Change-Id: I1566684c0ae5476374960095816cb1720ff465a2
This commit adds a missing section in the Bandit plugin
documentation for developers that describes how gen_config should
be used to declare and set default values for parameters.
Closes-Bug: #1602002
Change-Id: Iac3135394c9f723f04d9756459a0d5595de07021
The argparse module already has the capability to default to stdout
at CLI parameter definition time. This patch utilizes this and avoids
the opening of the output file by each formatter.
Change-Id: Ib1e89492558fe1fc06966711b6014bd5b86b84c8
bandit/core/node_visitor.py is a module rather than a script.
doc/source/conf.py is a configuration file rather than a script.
Change-Id: I08d855da5adab6c722ce63d120dc437c1ca81f6b
Along with a 'try, except, pass' check, we should also check for the
similar existance of 'try, except, continue', which raises the same
type of security implications, given the similar type of functionality.
Using 'continue' in place of 'pass' (inside a loop) currently allows
code to bypass the 'try, except, pass' warning.
Change-Id: I3e7ce037518875c5f5e46e26e1d72ef878f78a2f
The docs for these tests were very out of date. This fixes them
and also removes the old wordlist, as its not used by anything.
Change-Id: I28c047dfd0041824e08e28e1239ccbae8c7141a0
This fixes the misspelling in the Plugin ID Groupings section of
page plugins/index.html. It says 'miss-configuration' when it
should say 'misconfiguration'.
Change-Id: I243da1062ddcb164c4049b725b52f684eeb020c7
Closes-Bug: #1537119
This fixes the extra letter 's' in the title of the main page for
the developers documentation. It shows:
Welcome to Bandits’s developer documentation!
when it should be:
Welcome to Bandit’s developer documentation!
Change-Id: Ib16f0c9ee43f3a3adbf4592bb4e1a8b126c06b24
Closes-Bug: #1536804
The link to the plugin list currently points to tests/index.html
which does not exist so clicking on it returns a page not found.
Change-Id: I45e2a77dca9438ee201f095e3c24f3471efbb6a0
Closes-Bug: #1536347
* The formatter docs should use same sphinx tags as the plugins
* The screen formatter was missing docs
Change-Id: I8031644df5dc8469a00bdf7308f995810660744a
* Add test IDs in the title of the plugin
* Make use of proper sphinx tags
* Add new Plugin ID Groupings section to plugins index
Change-Id: Ic0015da7fc9648564ea11250ba30ef301f3cd6bd
Add some documentation around the available formatters and how
a user might want to plugin their own. Uses the sphinx autodoc
feature.
Change-Id: Ic90fbc3928de9149220209d6bd3b3be35b8a2f9a
Rather than having separate rst documentation files, this patch auto
generates the docs from the docstrings in the modules. Should
make it easier to maintain.
Also renamed directory docs to doc to be consistent with all other
OpenStack projects.
Change-Id: Iaed77f8358ccb6edaf2627fbabdcc855272b4ea2
lhinds