Default nosec_lines to dictionary instead of list #1

Closed

@f-fl0 f-fl0 commented Mar 5, 2022

This PR provides a simple fix to the following issue I ran into when trying to run bandit on a python script via flake8 from https://github.com/nastra/flake8-bandit/tree/fix-issue-with-latest-bandit

Traceback (most recent call last):
  File "/usr/local/bin/flake8", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.8/site-packages/flake8/main/cli.py", line 22, in main
    app.run(argv)
  File "/usr/local/lib/python3.8/site-packages/flake8/main/application.py", line 375, in run
    self._run(argv)
  File "/usr/local/lib/python3.8/site-packages/flake8/main/application.py", line 364, in _run
    self.run_checks()
  File "/usr/local/lib/python3.8/site-packages/flake8/main/application.py", line 271, in run_checks
    self.file_checker_manager.run()
  File "/usr/local/lib/python3.8/site-packages/flake8/checker.py", line 311, in run
    self.run_serial()
  File "/usr/local/lib/python3.8/site-packages/flake8/checker.py", line 295, in run_serial
    checker.run_checks()
  File "/usr/local/lib/python3.8/site-packages/flake8/checker.py", line 597, in run_checks
    self.run_ast_checks()
  File "/usr/local/lib/python3.8/site-packages/flake8/checker.py", line 500, in run_ast_checks
    for (line_number, offset, text, _) in runner:
  File "/usr/local/lib/python3.8/site-packages/flake8_bandit.py", line 136, in run
    for warn in self._check_source():
  File "/usr/local/lib/python3.8/site-packages/flake8_bandit.py", line 118, in _check_source
    bnv.generic_visit(self.tree)
  File "/usr/local/lib/python3.8/site-packages/bandit/core/node_visitor.py", line 263, in generic_visit
    if self.pre_visit(item):
  File "/usr/local/lib/python3.8/site-packages/bandit/core/node_visitor.py", line 208, in pre_visit
    nosec_tests = self.nosec_lines.get(node.lineno)
AttributeError: 'list' object has no attribute 'get'

How to reproduce

  1. Create sample.py with the following content:
from typing import List


def foo(a: str) -> List[str]:
    return a.split()


def function_with_try_except() -> None:
    try:
        foo("test")
    except Exception:
        pass
  2. Build a Docker environment with the specific flake8-bandit
    Content of Dockerfile
FROM python:3.8-slim

RUN python -m pip install --no-cache-dir --upgrade pip \
  && python -m pip install --no-cache-dir https://github.com/nastra/flake8-bandit/archive/dfba03252ab83d5db2180fe5522816b730a5a993.tar.gz

COPY sample.py sample.py

CMD ["flake8", "sample.py"]

Build with docker build -t flake8-bandit-bug .

  3. Run the container to observe the reported error
    docker run --rm flake8-bandit-bug
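
The type mismatch behind the traceback above, as an added example that is not code from this PR, bandit, or flake8-bandit: a visitor that looks up each node's line with `.get()` fails on the first node when it is handed a list, and a small normalizer at the call boundary keeps the scan running. `StandInVisitor`, `normalize_nosec_lines`, and `run` are hypothetical names, and treating a legacy list entry as "skip everything on that line" is an assumption of this example.

```python
import ast
from collections.abc import Mapping

# Constructed input: the try/except function from sample.py above.
SAMPLE = (
    "def function_with_try_except() -> None:\n"
    "    try:\n"
    "        foo('test')\n"
    "    except Exception:\n"
    "        pass\n"
)


class StandInVisitor:
    """Hypothetical stand-in for the visitor in the traceback (not bandit code).

    Like the failing line, it looks up each node's line with .get(), so it
    needs a mapping of line number -> test IDs to skip.
    """

    def __init__(self, nosec_lines):
        self.nosec_lines = nosec_lines

    def skipped(self, tree):
        """Return {lineno: skip_ids} for every node line that has an entry."""
        found = {}
        for node in ast.walk(tree):
            lineno = getattr(node, "lineno", None)
            if lineno is None:
                continue
            entry = self.nosec_lines.get(lineno)  # AttributeError on a list
            if entry is not None:
                found[lineno] = entry
        return found


def normalize_nosec_lines(value):
    """Coerce a caller-supplied value into the mapping the visitor expects.

    Assumption of this example: a legacy list/set of line numbers means
    "skip everything on that line", encoded here as an empty set.
    """
    if value is None:
        return {}
    if isinstance(value, Mapping):
        return dict(value)
    return {int(n): set() for n in value}


def run(nosec_lines):
    """Parse SAMPLE and return the suppression entries the visitor finds."""
    return StandInVisitor(nosec_lines).skipped(ast.parse(SAMPLE))
```

Because the crash aborts the whole flake8 run, no security findings are reported for any file until the argument type is corrected.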


f-fl0 commented Mar 11, 2022

No longer necessary as tylerwince#26 was merged.

@f-fl0 f-fl0 closed this Mar 11, 2022
@f-fl0 f-fl0 deleted the fix-issue-with-latest-bandit branch March 11, 2022 06:20