search

PyCQA / bandit

Bandit is a tool designed to find common security issues in Python code.
https://bandit.readthedocs.io
Apache License 2.0
6.49k stars 608 forks source link

Bandit throwing error on Python 3.7 #953

Closed muaz-jasman closed 10 months ago

muaz-jasman commented 2 years ago

Describe the bug

Bandit throwing error on Python 3.7.X

When I try to run Bandit (bandit==1.7.4) using Python version 3.7.X , I get an error "Error: Process completed with exit code 1." Running the scanner on Python 3.8 and above works just fine but not 3.7. We know that the latest bandit no longer supported python 3.6 and below.

Error Message:

Traceback (most recent call last):
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/_cache.py", line 159, in _get_data_for_path
    with open(filename, 'r') as f:
FileNotFoundError: [Errno 2] No such file or directory: '/home/runner/.cache/python-entrypoints/a1cb74cb84264c966888fa7a9c801bef153d99daa5096a7a254c6e987[46](https://github.com/ExxonMobil/Goats/actions/runs/3186807840/jobs/5197763724#step:4:47)324b3'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/runpy.py", line 183, in _run_module_as_main
    mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/runpy.py", line 142, in _get_module_details
    return _get_module_details(pkg_main_name, error)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/runpy.py", line 109, in _get_module_details
    __import__(pkg_name)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/__init__.py", line 7, in <module>
    from bandit.core import config  # noqa
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/core/__init__.py", line 5, in <module>
    from bandit.core import config  # noqa
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/core/config.py", line 15, in <module>
    from bandit.core import extension_loader
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/core/extension_loader.py", line 109, in <module>
    MANAGER = Manager()
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/core/extension_loader.py", line 21, in __init__
    self.load_formatters(formatters_namespace)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/bandit/core/extension_loader.py", line 29, in load_formatters
    verify_requirements=False,
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/extension.py", line 136, in __init__
    verify_requirements)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/extension.py", line 218, in _load_plugins
    for ep in self.list_entry_points():
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/extension.py", line 207, in list_entry_points
    eps = list(_cache.get_group_all(self.namespace))
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/_cache.py", line 179, in get_group_all
    data = self._get_data_for_path(path)
  File "/opt/hostedtoolcache/Python/3.7.9/x64/lib/python3.7/site-packages/stevedore/_cache.py", line 1[62](https://github.com/ExxonMobil/Goats/actions/runs/3186807840/jobs/5197763724#step:4:63), in _get_data_for_path
    data = _build_cacheable_data(path)
  File "/opt/hostedtoolcache/Python/3.7.9/x[64](https://github.com/ExxonMobil/Goats/actions/runs/3186807840/jobs/5197763724#step:4:65)/lib/python3.7/site-packages/stevedore/_cache.py", line 110, in _build_cacheable_data
    for name, group_data in real_groups.items():
AttributeError: 'EntryPoints' object has no attribute 'items'
Error: Process completed with exit code 1.

Any idea what's up?

Reproduction steps

1.Run bandit on Python 3.7

Expected behavior

Scanning completed and show all the findings

Bandit version

1.7.4 (Default)

Python version

3.7

Additional context

No response

mportesdev commented 2 years ago

Hi @muaz-jasman, this seems to be the same issue as reported in #951. I already opened a pull request #952 to fix this.

mportesdev commented 2 years ago

Problem fixed in stevedore 3.5.2 @muaz-jasman please close this issue if you don't reproduce it with Python 3.7 + stevedore 3.5.2.

ericwb commented 10 months ago

Noted as fixed in stevedore 3.5.2