Commit Graph

11 Commits

Author SHA1 Message Date
lhinds 2d2170273b Project Migration to PyCQA
This change rehomes the project to PyCQA[1] as reported to the
openstack-dev mailing list [1]

[0] https://github.com/PyCQA/bandit
[1] http://lists.openstack.org/pipermail/openstack-dev/2018-April/129386.html

Change-Id: I6aad329a60799ea24a3d9bc49e35c3c35ed9dc3b
2018-05-04 06:59:50 +02:00
Zuul 6fd7fccf70 Merge "Add pycrypto to blacklist" 2018-02-12 22:45:50 +00:00
Tin Lam dc3ff2d917 Add pycrypto to blacklist
This patch set adds pyCrypto to bandit's blacklist, so bandit will
strongly advise against using pyCrypto. As mentioned in the bug,
this may cause false positives if people use pyCryptodome, but will be
tracked and addressed in a follow-up patch set.

Depends-On: I0b1a90c3a47ad6d3b18597e5315e9f017854a146
Change-Id: I81f695cd31dee393ab4530dbcdb20dd925bbece2
Closes-Bug: #1655973
2018-02-05 01:00:33 -06:00
Eric Brown ab4b04fc6d Add more_info URL to the YAML output
Currently, outputting bandit findings as YAML does not put the
``more_info`` URL in the output as it would if the output format
is HTML or JSON. This patch set updates the YAML formatter to
include the ``more_info`` URL to be in line with the HTML and JSON
formatters.

Change-Id: Ice134e3bbf67c59feb7a88b299e60838b6ad80d5
Closes-Bug: #1746827
2018-02-01 15:16:39 -08:00
Tin Lam 185a2a8a42 Add more_info URL to the JSON output
Currently, outputting bandit findings as JSON does not put the ``more_info``
URL in the output as it would if the output format is HTML. This patch
set updates the JSON formatter to include the ``more_info`` URL to be in line
with the HTML display.

Change-Id: I58a8490b427fe146d517a8aff124f4443562f48b
Closes-Bug: #1695890
Signed-off-by: Tin Lam <tin@irrational.io>
2018-01-03 19:32:39 -06:00
Zuul 03b390b59b Merge "Allow specifying targets in ini file" 2017-12-07 17:41:28 +00:00
Andreas Jaeger a7a8070426 Remove setting of version/release from releasenotes
Release notes are version independent, so remove version/release
values. We've found that projects now require the service package
to be installed in order to build release notes, and this is entirely
due to the current convention of pulling in the version information.

Release notes should not need installation in order to build, so this
unnecessary version setting needs to be removed.

This is needed for new release notes publishing, see
I56909152975f731a9d2c21b2825b972195e48ee8 and the discussion starting
at
http://lists.openstack.org/pipermail/openstack-dev/2017-November/124480.html
.

Change-Id: I096e956fa44f0dfa9b8210a221bcbe5afb385634
2017-11-17 10:07:29 +01:00
Pavlo Shchelokovskyy 446e7f7249 Allow specifying targets in ini file
This patch makes 'targets' args optional and allows specifying them
in the ini file.
This makes it possible to keep most of bandit configuration right in
the ini file.
OpenStack projects can now populate their tox.ini with [bandit] section
and do 'bandit --ini {toxinidir}/tox.ini -r' almost uniformly
across all projects.

Change-Id: Ia0153e0aaa602171690ca8f66635fbea69b1cfab
Closes-Bug: #1730307
2017-11-06 12:10:06 +02:00
lioplhp 715f2fd537 Add Apache License Content in index.rst
Add Apache License 2.0 Content which is necessary
for ./releasenotes/source/index.rst.

Change-Id: I93055a0e9d2a39c8b70ed020c5c772137db38055
2017-07-07 16:37:52 +08:00
Andreas Jaeger 006d873494 Enable release notes translation
Releasenote translation publishing is being prepared. 'locale_dirs'
needs to be defined in conf.py to generate translated version of the
release notes.

Note that this repository might not get translated release notes - or
no translations at all - but we add the entry here nevertheless to
prepare for it.

Change-Id: I7bb3b22bd8801eb26651b58e434cd6c756c55c80
2016-10-06 20:24:26 +02:00
Eric Brown b630d972ed Add reno for release notes management
An initial patch to add reno and create a base directory for
release notes.

Change-Id: Ia0cbfd77c7043db71cb92e9dc2a4f534c57ccf88
2016-06-30 10:20:55 -07:00