python/bandit: Use .bandit configuration file

Bandit automatically [uses any .bandit file] within the directories on which it is invoked. Since ALE invokes bandit on stdin, it does not load a .bandit file automatically. Add support for automatically finding a .bandit file and passing it to bandit via the --ini option along with a variable to disable this behavior if desired. Note: This is useful for the skips and tests configuration options, but not exclude which would require invoking bandit using a file name, which may or may not be a good trade-off. [uses any .bandit file]: https://github.com/PyCQA/bandit/blob/1.5.1/bandit/cli/main.py#L70-L73 Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
2026-01-21 02:22:13 +08:00 · 2019-02-17 14:11:56 -07:00
parent c3d4e0983b
commit 52c2400786
6 changed files with 42 additions and 0 deletions
--- a/doc/ale-python.txt
+++ b/doc/ale-python.txt
@@ -88,6 +88,17 @@ g:ale_python_bandit_options                       *g:ale_python_bandit_options*
  bandit invocation.


+g:ale_python_bandit_use_config                 *g:ale_python_bandit_use_config*
+                                               *b:ale_python_bandit_use_config*
+  Type: |Number|
+  Default: `1`
+
+  If this variable is true and a `.bandit` file exists in the directory of the
+  file being checked or a parent directory, an `--ini` option is added to the
+  `bandit` command for the nearest `.bandit` file.  Set this variable false to
+  disable adding the `--ini` option automatically.
+
+
 g:ale_python_bandit_use_global                 *g:ale_python_bandit_use_global*
                                               *b:ale_python_bandit_use_global*
  Type: |Number|