Hey! These docs are for version 2.0, which is no longer officially supported. Click here for the latest version, 2.7!

A tool for finding security issues in Python code (https://bandit.readthedocs.io).

Config section: [bandit]

Basic options

--[no-]bandit-skip
PANTS_BANDIT_SKIP
skip
default: False
Don't use Bandit when running `./pants lint`

--bandit-args="[<shell_str>, <shell_str>, ...]"
PANTS_BANDIT_ARGS
args
default: []
Arguments to pass directly to Bandit, e.g. `--bandit-args="--skip B101,B308 --confidence"`

Advanced options

--bandit-version=<str>
PANTS_BANDIT_VERSION
version
default: bandit>=1.6.2,<1.7
Requirement string for the tool.

--bandit-extra-requirements="['<str>', '<str>', ...]"
PANTS_BANDIT_EXTRA_REQUIREMENTS
extra_requirements
default:
[
  "setuptools<45",
  "stevedore<3"
]

Any additional requirement strings to use with the tool. This is useful if the tool allows you to install plugins or if you need to constrain a dependency to a certain version.

--bandit-entry-point=<str>
PANTS_BANDIT_ENTRY_POINT
entry_point
default: bandit
The main module for the tool. Usually, you will not want to change this from the default.

--bandit-config=<file_option>
PANTS_BANDIT_CONFIG
config
default: None
Path to a Bandit YAML config file

Deprecated options

--bandit-interpreter-constraints="['<str>', '<str>', ...]"
PANTS_BANDIT_INTERPRETER_CONSTRAINTS
interpreter_constraints
default: []
Deprecated, will be removed in version: 2.1.0.dev0
This option no longer does anything, as Pants auto-configures the interpreter constraints for bandit based on your code's interpreter constraints.
Python interpreter constraints for this tool.


Did this page help you?