PyCQA / bandit

Bandit is a tool designed to find common security issues in Python code.
https://bandit.readthedocs.io
Apache License 2.0

Support ignoring blacklists by name #1046

Closed costaparas closed 1 year ago

costaparas commented 1 year ago

This extends nosec parsing to enable blacklists to be ignored by their name, not just by id.

There were 2 issues with the previous implementation:

  1. The regex did not match numbers, which is needed for some names, such as md5. The code would only match "md" in this case.
  2. The function that maps plugin names to ids only considered plugins but not blacklists.

Both of these are now addressed.

Closes #988
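To show the two defects the PR describes side by side, here is an added, self-contained illustration (not the PR's or bandit's own code): a name pattern that stops at digits truncates `md5` to `md`, and a name-to-id lookup must consult blacklists as well as plugins. The name pattern, the small id tables and the `parse_nosec` helper are all constructed for this example.

```python
import re

# Constructed lookup tables (assumptions, not bandit's real registry):
# plugin tests and blacklist entries, each mapping a name to a test id.
PLUGIN_IDS = {"assert_used": "B101"}
BLACKLIST_IDS = {"md5": "B303", "pickle": "B301"}

# A pattern without digits stops at the first digit, so "md5" yields "md".
OLD_NAME_RE = re.compile(r"[a-z_]+")
# A pattern that accepts digits after the first character matches "md5".
NAME_RE = re.compile(r"[a-z_][a-z0-9_]*")
ID_RE = re.compile(r"B\d+")


def name_to_id(name, plugins=PLUGIN_IDS, blacklists=BLACKLIST_IDS):
    """Resolve a test name to its id, checking plugins AND blacklists.

    Looking only at plugins (the second issue in the PR) would miss "md5".
    Returns None for an unknown name so the caller can report it.
    """
    return plugins.get(name) or blacklists.get(name)


def parse_nosec(comment, name_re=NAME_RE):
    """Return (ids, unknown) for the tokens after 'nosec' in a comment.

    Tokens may be ids (B303) or names (md5, assert_used). Unresolved names
    are reported instead of being silently dropped, so a typo is visible.
    A bare '# nosec' (suppress everything) is outside this example's scope.
    """
    _, _, tail = comment.partition("nosec")
    ids, unknown = set(), set()
    for token in re.split(r"[\s,]+", tail.strip()):
        if not token:
            continue
        if ID_RE.fullmatch(token):
            ids.add(token)
            continue
        match = name_re.match(token)
        name = match.group(0) if match else token
        test_id = name_to_id(name)
        if test_id:
            ids.add(test_id)
        else:
            unknown.add(name)
    return ids, unknown
```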