use bandit.yml as default config file (resolves PyCQA#318)

rooterkyberian · Feb 28, 2019 · 62e20a6 · 62e20a6
1 parent 58a2fd6
commit 62e20a6
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 14 deletions.
diff --git a/README.rst b/README.rst
@@ -295,26 +295,28 @@ An optional config file may be supplied and may include:
 
 Per Project Command Line Args
 -----------------------------
-Projects may include a `.bandit` file that specifies command line arguments
+Projects may include a `.bandit.yml` file that specifies command line arguments
 that should be supplied for that project. The currently supported arguments
 are:
 
- - targets: comma separated list of target dirs/files to run bandit on
- - exclude: comma separated list of excluded paths
- - skips: comma separated list of tests to skip
- - tests: comma separated list of tests to run
+ - targets: list of target dirs/files to run bandit on
+ - exclude: list of excluded paths
+ - skips: list of tests to skip
+ - tests: list of tests to run
 
-To use this, put a .bandit file in your project's directory. For example:
+To use this, put a .bandit.yml file in your project's directory. For example:
 
 ::
 
-   [bandit]
-   exclude: /test
+   exclude:
+     - /test
 
 ::
 
-   [bandit]
-   tests: B101,B102,B301
+   tests:
+     - B101
+     - B102
+     - B301
 
 
 Exclusions

diff --git a/bandit/cli/main.py b/bandit/cli/main.py
@@ -28,7 +28,6 @@
 from bandit.core import utils
 
 
-BASE_CONFIG = 'bandit.yaml'
 LOG = logging.getLogger()
 
 

diff --git a/bandit/core/config.py b/bandit/core/config.py
@@ -15,6 +15,7 @@
 # under the License.
 
 import logging
+import os.path
 
 import yaml
 
@@ -23,6 +24,7 @@
 from bandit.core import utils
 
 
+BASE_CONFIG = 'bandit.yml'
 LOG = logging.getLogger(__name__)
 
 
@@ -39,6 +41,8 @@ def __init__(self, config_file=None):
         self.config_file = config_file
         self._config = {}
 
+        if config_file is None and os.path.exists(BASE_CONFIG):
+            config_file = BASE_CONFIG
         if config_file:
             try:
                 f = open(config_file, 'r')

diff --git a/tests/unit/cli/test_baseline.py b/tests/unit/cli/test_baseline.py
@@ -83,7 +83,7 @@ def test_bandit_baseline(self):
         git_repo.index.commit('Initial commit')
         os.chdir(repo_directory)
 
-        with open('bandit.yaml', 'wt') as fd:
+        with open('bandit.yml', 'wt') as fd:
             fd.write(config)
 
         # create three branches, first has only benign, second adds malicious,
@@ -102,8 +102,7 @@ def test_bandit_baseline(self):
                                'benign_two.py'],
                      'expected_return': 0}]
 
-        baseline_command = ['bandit-baseline', '-c', 'bandit.yaml', '-r', '.',
-                            '-p', 'test']
+        baseline_command = ['bandit-baseline', '-r', '.', '-p', 'test']
 
         for branch in branches:
             branch['branch'] = git_repo.create_head(branch['name'])
Original file line number	Diff line number	Diff line change
Expand Up		@@ -28,7 +28,6 @@
		from bandit.core import utils


		BASE_CONFIG = 'bandit.yaml'
		LOG = logging.getLogger()


Expand Down