bandit
A tool for finding security issues in Python code (https://bandit.readthedocs.io).
Backend: ``
Config section: [bandit]
Basic options
args
--bandit-args="[<shell_str>, <shell_str>, ...]"PANTS_BANDIT_ARGS[bandit]
args = [
<shell_str>,
<shell_str>,
...,
]
[]Arguments to pass directly to Bandit, e.g. --bandit-args="--skip B101,B308 --confidence"
skip
--[no-]bandit-skipPANTS_BANDIT_SKIP[bandit]
skip = <bool>
FalseDon't use Bandit when running /home/josh/work/scie-pants/dist/pants lint
Advanced options
config
--bandit-config=<file_option>PANTS_BANDIT_CONFIG[bandit]
config = <file_option>
NonePath to a Bandit YAML config file (https://bandit.readthedocs.io/en/latest/config.html).
console_script
--bandit-console-script=<str>PANTS_BANDIT_CONSOLE_SCRIPT[bandit]
console_script = <str>
banditThe console script for the tool. Using this option is generally preferable to (and mutually exclusive with) specifying an --entry-point since console script names have a higher expectation of staying stable across releases of the tool. Usually, you will not want to change this from the default.
entry_point
--bandit-entry-point=<str>PANTS_BANDIT_ENTRY_POINT[bandit]
entry_point = <str>
NoneThe entry point for the tool. Generally you only want to use this option if the tool does not offer a --console-script (which this option is mutually exclusive with). Usually, you will not want to change this from the default.
extra_requirements
--bandit-extra-requirements="['<str>', '<str>', ...]"PANTS_BANDIT_EXTRA_REQUIREMENTS[bandit]
extra_requirements = [
'<str>',
'<str>',
...,
]
[ "setuptools<45", "stevedore<3" ]
Any additional requirement strings to use with the tool. This is useful if the tool allows you to install plugins or if you need to constrain a dependency to a certain version.
version
--bandit-version=<str>PANTS_BANDIT_VERSION[bandit]
version = <str>
bandit>=1.6.2,<1.7Requirement string for the tool.
Deprecated options
None
Related subsystems
None