diff --git a/bandit/core/config.py b/bandit/core/config.py index 7c259bcc..236f357c 100644 --- a/bandit/core/config.py +++ b/bandit/core/config.py @@ -3,13 +3,17 @@ # # SPDX-License-Identifier: Apache-2.0 import logging +import sys import yaml -try: - import toml -except ImportError: - toml = None +if sys.version_info >= (3, 11): + import tomllib +else: + try: + import tomli as tomllib + except ImportError: + tomllib = None from bandit.core import constants from bandit.core import extension_loader @@ -34,14 +38,14 @@ def __init__(self, config_file=None): if config_file: try: - f = open(config_file) + f = open(config_file, "rb") except OSError: raise utils.ConfigError( "Could not read config file.", config_file ) if config_file.endswith(".toml"): - if toml is None: + if tomllib is None: raise utils.ConfigError( "toml parser not available, reinstall with toml extra", config_file, @@ -49,8 +53,8 @@ def __init__(self, config_file=None): try: with f: - self._config = toml.load(f)["tool"]["bandit"] - except toml.TomlDecodeError as err: + self._config = tomllib.load(f)["tool"]["bandit"] + except tomllib.TOMLDecodeError as err: LOG.error(err) raise utils.ConfigError("Error parsing file.", config_file) else: diff --git a/setup.cfg b/setup.cfg index 5d570eea..7449f15b 100644 --- a/setup.cfg +++ b/setup.cfg @@ -31,7 +31,7 @@ project_urls = yaml = PyYAML toml = - toml + tomli>=1.1.0; python_version < "3.11" [entry_points] console_scripts = diff --git a/test-requirements.txt b/test-requirements.txt index b2e3c379..6c8c57e7 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -7,6 +7,6 @@ flake8>=4.0.0 # Apache-2.0 stestr>=2.5.0 # Apache-2.0 testscenarios>=0.5.0 # Apache-2.0/BSD testtools>=2.3.0 # MIT -toml # MIT +tomli>=1.1.0;python_version<"3.11" # MIT beautifulsoup4>=4.8.0 # MIT pylint==1.9.4 # GPLv2