Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / PyCQA/bandit issues and pull requests
#987 - False positive for B105 / Possible hardcoded password
Issue -
State: open - Opened by linusjf over 1 year ago
- 3 comments
Labels: bug
#986 - Move the metadata into `pyproject.toml`.
Pull Request -
State: closed - Opened by KOLANICH over 1 year ago
- 1 comment
#985 - Added a bit more `project_urls`
Pull Request -
State: closed - Opened by KOLANICH over 1 year ago
#984 - S608: false positive SQL injection detected
Issue -
State: open - Opened by spaceone over 1 year ago
- 4 comments
Labels: enhancement
#983 - Fix breaking build due to new tox
Pull Request -
State: closed - Opened by ericwb over 1 year ago
#982 - Add the ability to skip files and directories to other tests
Issue -
State: open - Opened by simple-nathan over 1 year ago
Labels: enhancement
#981 - Correct passenv in tox
Pull Request -
State: closed - Opened by gliptak over 1 year ago
- 5 comments
#980 - Correct build status badge in README
Pull Request -
State: closed - Opened by gliptak over 1 year ago
#979 - Update config.rst pre-commit section to new format
Pull Request -
State: closed - Opened by Jaciss over 1 year ago
- 1 comment
#977 - some SQL injections not detected
Issue -
State: open - Opened by lightsgoout almost 2 years ago
- 2 comments
Labels: bug
#976 - Make GitPython dependency optional?
Issue -
State: closed - Opened by bachya almost 2 years ago
- 3 comments
Labels: bug
#975 - Exclusion filter not working correctly with relative paths
Issue -
State: open - Opened by kenahoo almost 2 years ago
Labels: bug
#974 - Got error: IndexError: list index out of range
Issue -
State: closed - Opened by goto110 almost 2 years ago
- 2 comments
Labels: bug
#973 - New `exclude_regex` Filter to Address False Positives on Password Tests
Issue -
State: open - Opened by comc almost 2 years ago
Labels: enhancement
#971 - gitpython version 3.1.29 has a RCE vulnerability (CVE-2022-24439)
Issue -
State: closed - Opened by CrypticGuru almost 2 years ago
- 3 comments
Labels: bug
#970 - Match sql strings from the beginning to avoid FPs
Pull Request -
State: closed - Opened by tushar-deepsource almost 2 years ago
- 2 comments
#969 - Merge pull request #1 from PyCQA/master
Pull Request -
State: closed - Opened by metalcode03 almost 2 years ago
#968 - DOC: Add explanation on how to use pre-commit with config file
Pull Request -
State: closed - Opened by phofl almost 2 years ago
#966 - Unable to exclude directories when running the CLI
Issue -
State: open - Opened by mpas almost 2 years ago
- 2 comments
Labels: bug
#964 - Add official Python 3.11 support
Pull Request -
State: closed - Opened by ericwb almost 2 years ago
- 3 comments
#963 - Clarify "getting started" docs
Pull Request -
State: open - Opened by Flimm almost 2 years ago
#962 - Allow using test_name in custom formatter
Issue -
State: open - Opened by krishan711 almost 2 years ago
Labels: enhancement
#961 - UnicodeError Parsing TOML
Issue -
State: closed - Opened by adam-grant-hendry almost 2 years ago
- 2 comments
Labels: bug
#960 - Bandit with python 3.6 cannot be installed
Issue -
State: closed - Opened by AbdealiLoKo almost 2 years ago
- 1 comment
Labels: bug
#959 - Add explicit pbr requirement
Pull Request -
State: closed - Opened by mikelolasagasti almost 2 years ago
- 6 comments
#956 - Tests do not load on Python 3.7 with `importlib-metadata` 5.0.0 and `stevedore` 3.5.1
Issue -
State: closed - Opened by mcdonnnj almost 2 years ago
- 10 comments
Labels: bug
#953 - Bandit throwing error on Python 3.7
Issue -
State: closed - Opened by muaz-jasman almost 2 years ago
- 3 comments
Labels: bug
#952 - Set constraint for importlib-metadata
Pull Request -
State: closed - Opened by mportesdev almost 2 years ago
- 5 comments
#951 - Bandit broken via `stevedore` dependency with `importlib-metadata>=5`.
Issue -
State: closed - Opened by emcd almost 2 years ago
- 9 comments
Labels: bug
#949 - Create SECURITY.md
Issue -
State: closed - Opened by benharvie about 2 years ago
- 1 comment
#948 - Bandit should deprecate xml.etree use
Issue -
State: closed - Opened by clavedeluna about 2 years ago
Labels: bug
#947 - remove py2 exec example in docs
Pull Request -
State: closed - Opened by clavedeluna about 2 years ago
#946 - Resolve #714
Pull Request -
State: closed - Opened by meuzgebre about 2 years ago
- 2 comments
#944 - Make -c support ini as well.
Pull Request -
State: open - Opened by CTimmerman about 2 years ago
- 3 comments
#942 - Erroneous "no test failure on line" warning from plugin alert nosec?
Issue -
State: open - Opened by fiendish about 2 years ago
- 3 comments
Labels: bug
#941 - * bandit/cli/main.py: Set log level to ERROR if -q option is passed.
Pull Request -
State: open - Opened by bje- about 2 years ago
- 4 comments
#940 - Add `random.Random` to B311 checks
Pull Request -
State: closed - Opened by shiftinv about 2 years ago
- 1 comment
#936 - general_bad_file_permission only works for mode as int
Issue -
State: open - Opened by ericwb about 2 years ago
- 2 comments
Labels: bug
#935 - More precise testing of plugins
Pull Request -
State: open - Opened by ericwb about 2 years ago
#926 - Inconsistency of `random.Random` detection between different platforms
Issue -
State: closed - Opened by shiftinv about 2 years ago
Labels: bug
#917 - Improve detecting SQL injections in f-strings
Pull Request -
State: closed - Opened by kfrydel over 2 years ago
- 4 comments
#916 - bandit does not detect SQL injection (B608) if FormattedValue is between "select" and "from" clauses
Issue -
State: closed - Opened by kfrydel over 2 years ago
- 1 comment
Labels: bug
#915 - Improve handling nosec for multi-line strings
Pull Request -
State: closed - Opened by kfrydel over 2 years ago
- 9 comments
#912 - Skip tests folder on pre-commit
Issue -
State: open - Opened by wellingtonf-souza over 2 years ago
- 6 comments
Labels: bug
#907 - Unable to find qualified name
Issue -
State: closed - Opened by bje- over 2 years ago
- 5 comments
Labels: bug
#904 - Adding option to not print line's number: --no-line-numbers
Pull Request -
State: open - Opened by mayblo over 2 years ago
- 4 comments
#902 - Bandit can't read config file when run in pre-commit
Issue -
State: closed - Opened by RNKuhns over 2 years ago
- 7 comments
Labels: bug
#900 - Combine coverage data before generating report
Pull Request -
State: closed - Opened by mportesdev over 2 years ago
- 2 comments
#888 - Add a configuration option to prohibit `# nosec` without specific error codes
Issue -
State: open - Opened by mkniewallner over 2 years ago
- 1 comment
Labels: enhancement
#882 - Non-utf8 character causes crash when scanning
Issue -
State: closed - Opened by EstevamArantes over 2 years ago
- 3 comments
Labels: bug
#880 - #nosec doesn't work with multi-line strings and Python 3.10
Issue -
State: closed - Opened by marcinbarczynski over 2 years ago
- 1 comment
Labels: bug
#877 - Add flask.Markup XSS plugin
Pull Request -
State: open - Opened by raj3shp over 2 years ago
- 4 comments
#863 - Make use of rich for progress bar
Pull Request -
State: closed - Opened by ericwb over 2 years ago
- 5 comments
#840 - Replace pbr in favor of importlib
Pull Request -
State: closed - Opened by ericwb over 2 years ago
- 1 comment
#839 - Remove pbr runtime dependency in favor of importlib.metadata?
Issue -
State: closed - Opened by cjolowicz over 2 years ago
- 6 comments
Labels: enhancement
#826 - Use .gitignore as basis of default excludes
Issue -
State: open - Opened by ericwb over 2 years ago
- 1 comment
Labels: enhancement
#824 - Suggest fixes for issues
Pull Request -
State: closed - Opened by ericwb over 2 years ago
- 1 comment
#820 - Line range incorrect for a mult-line call (Python 3.7 only)
Issue -
State: closed - Opened by ericwb over 2 years ago
- 2 comments
Labels: bug
#801 - Translation of output messages
Issue -
State: closed - Opened by ericwb over 2 years ago
- 1 comment
Labels: enhancement
#767 - lxml guidance is not useful
Issue -
State: open - Opened by mwichmann over 2 years ago
- 6 comments
Labels: bug
#765 - django_rawsql_used: support keyword arguments used in `RawSQL`
Pull Request -
State: closed - Opened by kevinmarsh almost 3 years ago
- 3 comments
#764 - Django's `RawSQL` raises error if you use kwargs rather than args
Issue -
State: closed - Opened by kevinmarsh almost 3 years ago
Labels: bug
#760 - Convert three assignments to augmented source code
Issue -
State: closed - Opened by elfring almost 3 years ago
Labels: enhancement
#758 - Release with pyproject support
Issue -
State: closed - Opened by kinoute almost 3 years ago
- 4 comments
Labels: enhancement
#757 - New check: B113: TrojanSource - Bidirectional control characters
Pull Request -
State: closed - Opened by Lucas-C almost 3 years ago
- 12 comments
#749 - Add check for potential misuse of unicode
Issue -
State: closed - Opened by CarliJoy almost 3 years ago
- 1 comment
Labels: enhancement
#736 - Add config via setup.cfg
Issue -
State: open - Opened by okainov about 3 years ago
- 4 comments
Labels: enhancement
#735 - Pbr is unexpectedly required during runtime
Issue -
State: closed - Opened by kulikjak about 3 years ago
- 1 comment
Labels: bug
#733 - Error parsing pyproject.tml
Issue -
State: open - Opened by edgarriba about 3 years ago
- 4 comments
Labels: bug
#709 - B405 complains about any xml.etree.ElementTree import, not just parse-related ones
Issue -
State: open - Opened by vanschelven over 3 years ago
- 2 comments
Labels: bug
#708 - Error message refers to "defusedxml.defuse_stdlib()" but calling that does not silence bandit
Issue -
State: open - Opened by vanschelven over 3 years ago
- 1 comment
Labels: bug
#697 - Official Dockerhub image
Issue -
State: open - Opened by pzelnip over 3 years ago
- 4 comments
Labels: enhancement
#693 - ini "exclude" config is ignored
Issue -
State: open - Opened by RobGThai over 3 years ago
- 11 comments
Labels: bug
#678 - Conform more to command line standards
Issue -
State: open - Opened by ericwb almost 4 years ago
Labels: enhancement
#677 - Add metrics tests and minor scan updates
Pull Request -
State: closed - Opened by asears almost 4 years ago
#665 - Bandit 1.7.0 still picked up by Python 2
Issue -
State: closed - Opened by yoctozepto almost 4 years ago
- 6 comments
Labels: bug
#658 - #nosec not working for multi-line strings in python 3.8
Issue -
State: open - Opened by Stannislav almost 4 years ago
- 13 comments
Labels: bug
#657 - Bandit 1.6.3 does not respect excluded paths from .bandit file
Issue -
State: open - Opened by budgester almost 4 years ago
- 16 comments
Labels: bug
#656 - Undetected issues B104, B608
Issue -
State: closed - Opened by adideutsch almost 4 years ago
- 5 comments
Labels: bug
#646 - Support for the SARIF (Static Analysis Results Interchange Format)
Issue -
State: closed - Opened by abhaybhargav almost 4 years ago
- 8 comments
Labels: enhancement
#643 - How to exclude .bandit inside folder scan ?
Issue -
State: open - Opened by dugdug36 almost 4 years ago
- 1 comment
Labels: question
#640 - More control over exit code
Issue -
State: open - Opened by kbasgall about 4 years ago
- 4 comments
Labels: enhancement
#635 - Fix #495 - replace `fdata.readline` with `lines` iteration
Pull Request -
State: closed - Opened by jenda1 about 4 years ago
#614 - Bandit is not differentiating between pyCrypto and pyCryptodome import
Issue -
State: closed - Opened by shashim22 over 4 years ago
- 4 comments
Labels: bug
#608 - Detect misuse of `psycopg2.sql.SQL` composable
Pull Request -
State: open - Opened by wtkm11 over 4 years ago
- 1 comment
#599 - Not found SQL injection
Issue -
State: closed - Opened by Niccolum over 4 years ago
- 3 comments
#595 - Ini file settings ignored
Issue -
State: open - Opened by GLeurquin over 4 years ago
- 3 comments
Labels: bug
#593 - Incorrect documentation links
Issue -
State: closed - Opened by roniemartinez over 4 years ago
- 4 comments
Labels: bug
#573 - Skipping tests via args in .pre-commit-config.yaml does not work.
Issue -
State: closed - Opened by flyinbutrs over 4 years ago
- 4 comments
#529 - False yaml.load positive with Loader=*SafeLoader subclass
Issue -
State: closed - Opened by scop about 5 years ago
- 4 comments
Labels: bug
#505 - Bandit is too slow to parse some files
Issue -
State: open - Opened by sk- over 5 years ago
- 5 comments