Fixes exit code for filtered results

This commit fixes the return code when using a severity filter. Prior to this commit the exit code would be '1' - indicating results even when there weren't results displayed. This was because the exit code is based on total results whereas the display is based on a filtered subset of the results. Rather than filtering the results earlier on, this commit leaves the full set of results available for formatters that may want it. It also adds filter functionality to the results counter that the main module uses to determine what the exit code should be. Change-Id: I0b29ccab31c0898ebe84121d37cb0478ac3e2da9 Closes-Bug: #1480014 Closes-Bug: #1479216
2015-08-03 13:57:00 -06:00 · 2015-08-03 13:57:00 -06:00 · c6a7f7948b
parent 699048070e
commit c6a7f7948b
2 changed files with 24 additions and 4 deletions
--- a/bandit/bandit.py
+++ b/bandit/bandit.py
@ -190,7 +190,7 @@ def main():
                         args.output_format)

    # return an exit code of 1 if there are results, 0 otherwise
-    if b_mgr.results_count > 0:
+    if b_mgr.results_count(sev_filter=args.level - 1) > 0:
        sys.exit(1)
    else:
        sys.exit(0)
--- a/bandit/core/manager.py
+++ b/bandit/core/manager.py
@ -20,6 +20,7 @@ import os
 import sys

 from bandit.core import config as b_config
+from bandit.core import constants as constants
 from bandit.core import meta_ast as b_meta_ast
 from bandit.core import node_visitor as b_node_visitor
 from bandit.core import result_store as b_result_store
@ -93,13 +94,32 @@ class BanditManager():
    def get_resultstore(self):
        return self.b_rs

-    @property
-    def results_count(self):
+    def results_count(self, sev_filter=None, conf_filter=None):
        '''Return the count of results

+        :param sev_filter: Severity level to filter lower
+        :param conf_filter: Confidence level to filter
        :return: Number of results in the set
        '''
-        return self.b_rs.count
+        count = 0
+
+        rank = constants.RANKING
+
+        for issue_file in self.b_rs.resstore:
+            for issue in self.b_rs.resstore[issue_file]:
+
+                if (sev_filter and
+                        rank.index(issue['issue_severity']) < sev_filter):
+                    # don't count if this doesn't match filter requirement
+                    continue
+
+                if (conf_filter and
+                        rank.index(issue['issue_confidence']) < conf_filter):
+                    continue
+
+                count += 1
+
+        return count

    def output_results(self, lines, level, output_filename, output_format):
        '''Outputs results from the result store