78643c5b21
Previously, the default bandit.yaml config file had an entry for a relative word-list which is only really useful if running bandit from git, as the path is both relative but also the default word-list is not installed by the bandit python package.

If the word-list from the config cannot be found, the current behavior is to silently continue with an empty set, meaning that this test does not function at all - giving a false sense of assurance.

This change installs the default word_list to:

- /usr/local/share/bandit/wordlist/default-passwords

The config file now supports "(site_data_dir)" for substitution, which is replaced by distro standard site_data locations (including /usr/local and /usr). The first substitution attempted is still relative to the pwd, to allow the current working tree (and unit tests) to function.

Crucially, this change now raises an exception if the declared word-list cannot be found.

Closes-Bug: #1451575

Signed-off-by: Dave Walker (Daviey) <email@daviey.com>

Change-Id: Ia090ee6b16866d374191c03de55529fbd6a10c99
- config
- core
- plugins
- `__init__.py`
- bandit.py
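The lookup order and fail-closed behaviour described in the commit message above, as an added example that is not bandit's own code: the placeholder is tried against the working directory first, then the site data locations, and a missing word-list raises instead of yielding an empty set. The function names, the exception class, the `share/bandit` layout under `/usr/local` and `/usr`, and the sample config value are assumptions made for illustration.

```python
import os

PLACEHOLDER = "(site_data_dir)"
# Assumed search roots: the commit names /usr/local and /usr as site_data locations.
SITE_DATA_DIRS = ("/usr/local/share", "/usr/share")


class WordListNotFound(Exception):
    """Raised when the configured word-list cannot be located (hypothetical name)."""


def candidate_paths(configured, cwd=None, site_dirs=SITE_DATA_DIRS):
    """Expand the placeholder into the ordered list of paths to try."""
    cwd = cwd or os.getcwd()
    if PLACEHOLDER not in configured:
        return [os.path.normpath(os.path.join(cwd, configured))]
    # Working tree first (so a git checkout and unit tests work), then system dirs.
    roots = [cwd] + [os.path.join(d, "bandit") for d in site_dirs]
    return [os.path.normpath(configured.replace(PLACEHOLDER, r)) for r in roots]


def load_word_list(configured, cwd=None, site_dirs=SITE_DATA_DIRS):
    """Return (path, words) for the first candidate that exists, else raise."""
    tried = candidate_paths(configured, cwd, site_dirs)
    for path in tried:
        if os.path.isfile(path):
            with open(path, encoding="utf-8") as fh:
                return path, {line.strip() for line in fh if line.strip()}
    # Fail closed: an empty set here would silently disable the password test.
    raise WordListNotFound(
        "word-list %r not found; tried: %s" % (configured, ", ".join(tried))
    )


if __name__ == "__main__":
    cfg = "(site_data_dir)/wordlist/default-passwords"  # constructed config value
    for p in candidate_paths(cfg):
        print("would try:", p)
    try:
        path, words = load_word_list(cfg)
        print("loaded %d words from %s" % (len(words), path))
    except WordListNotFound as exc:
        print("refusing to run the test:", exc)
```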