Support configfile in .bandit file (#1052)

* Support `(--)config` in `.bandit` file * Use `configfile` instead of `config` --------- Co-authored-by: Eric Brown <ericwb@users.noreply.github.com>
PyCQA · Jun 12, 2024 · 691f465 · 691f465
1 parent f1a397e
commit 691f465
Showing 1 changed file with 13 additions and 6 deletions.
diff --git a/bandit/cli/main.py b/bandit/cli/main.py
@@ -450,16 +450,17 @@ def main():
  args.confidence = 4
  # Other strings will be blocked by argparse
 
- try:
- b_conf = b_config.BanditConfig(config_file=args.config_file)
- except utils.ConfigError as e:
- LOG.error(e)
- sys.exit(2)
-
  # Handle .bandit files in projects to pass cmdline args from file
  ini_options = _get_options_from_ini(args.ini_path, args.targets)
  if ini_options:
  # prefer command line, then ini file
+ args.config_file = _log_option_source(
+ parser.get_default("configfile"),
+ args.config_file,
+ ini_options.get("configfile"),
+ "config file",
+ )
+
  args.excluded_paths = _log_option_source(
  parser.get_default("excluded_paths"),
  args.excluded_paths,
@@ -592,6 +593,12 @@ def main():
  "path of a baseline report",
  )
 
+ try:
+ b_conf = b_config.BanditConfig(config_file=args.config_file)
+ except utils.ConfigError as e:
+ LOG.error(e)
+ sys.exit(2)
+
  if not args.targets:
  parser.print_usage()
  sys.exit(2)