Let's say we have this `pyproject.toml`. I wish bandit could run this command `bandit -c pyproject.toml` and just look at the `src` directory in the `targets` configuration.
```toml
[tool.bandit]
targets = ["src"]
```
Why do I need this?

bandit is run using the `-r .` command like this: `bandit -c pyproject.toml -r .`. The problem with this command is that bandit will only search the current directory and ignore the `targets` configuration, making the configuration useless. In fact, bandit looks at the entire directory, including venv, src, tests, etc.

I had to change the configuration to ignore folders that shouldn't be scanned by bandit.

I think making bandit read the `targets` configuration for the scan directory is more elegant and makes the command shorter, like this: `bandit -c pyproject.toml`