Comments (6)
@sobolevn , good point on encoding! I am not yet confident with flake8
development so I'd have hard time working on receiving a new parameter in the constructor.
:)
Regarding the tests in this repo, we won't be able to add any unless we know the pull request could be accepted - let's wait for @tylerwince to respond first?
Also, if we will have tests, would it be possible to add CI operation - the current repo does not seem to have any associated unless I am missing something.
from flake8-bandit.
Cheers @sobolevn and @AlexArcPy -- Thanks for the dialog above.
I would definitely welcome a PR for some tests and can get some CI stuff going with TravisCI once we they exist.
As for the encoding stuff - I have been meaning to change the way this works for a while. Unfortunately, different editors require the plugin to work differently to lint the file. I haven't had the time to go back and refactor lines https://github.com/tylerwince/flake8-bandit/blob/master/flake8_bandit.py#L64-L69 but that is where the issue lies.
If one of you guys has a good idea on how to remove the requirement of the additional file, I'd gladly accept a PR, otherwise I will take a crack at it this weekend.
Thanks for using the plugin! Glad it is useful
from flake8-bandit.
Hi, @tylerwince ! Thanks for writing this plugin. We are using it as a dependency in our linter: https://github.com/wemake-services/wemake-python-styleguide
So, this issue also affects us as well.
I am pretty sure that this error is caused by these lines:
https://github.com/tylerwince/flake8-bandit/blob/master/flake8_bandit.py#L62-L73
What can be done it improve it?
- We can just receive
lines
fromflake8
http://flake8.pycqa.org/en/latest/plugin-development/plugin-parameters.html#indicating-desired-data they should be already in the correct format/encoding - We can write some tests that russian letters now work, this will ensure that this won't happen again
@tylerwince Does this sound reasonable to you?
@AlexArcPy Are you willing to provide a PR? This would be awesome!
from flake8-bandit.
@sobolevn , I've tested that changing line 72
with open(self.filename) as f:
to
with io.open(self.filename, 'r', encoding='utf-8') as f:
makes it working with utf-8
files including having Cyrillic chars (both with magic encoding and without). Tested on both 2.7 and 3.6.
Nikita, did you mean to write a test in the wemake-python-styleguide
repo?
from flake8-bandit.
@AlexArcPy no, I meant writing tests in this repo. Currently it does not have any 🙁
The problem with with io.open(self.filename, 'r', encoding='utf-8') as f:
is that you are hardcoding an encoding. Encoding might differ for different locales and users. So, we should guess it instead.
flake8
does this for you, however. So, there is no need to do anything except just receiving a new parameter in the constructor.
from flake8-bandit.
@AlexArcPy @sobolevn I apologize for the delay on this. I am just getting around to working on this project. I have updated the way we parse the file for the next version (see branch https://github.com/tylerwince/flake8-bandit/tree/v2.0). It appears to have fixed the original issue on this so I suggest we close it and I am going to open up a new issue for testing.
Please reopen if you are still experiencing the same issue.
from flake8-bandit.
Related Issues (20)
- "'ExceptHandler' object has no attribute 'depth'" HOT 7
- Multiple test failures on Python 3.8
- 2.1.2 version tag doesn't exist
- Missing many vulnerabilities that bandit picks up HOT 1
- Support `nosec` comments
- Bandit 1.7.3 addition of new positional argument ``fdata`` causes ``TypeError`` HOT 21
- Bandit 1.7.3 breaks flake8-bandit 2.1.2 HOT 2
- New release on PyPI HOT 2
- Unable to find qualified name for module: file.py HOT 1
- Different results in different Python versions (S303 vs. S324) HOT 1
- flake8-bandit stopping other extension's error codes from being raised HOT 1
- ConfigFileFinder is removed from flake8 HOT 7
- What is the difference between using bandit directly and your library? HOT 1
- Crashes with flake8 5 HOT 2
- [Request] Would it be possible to make a new release to PyPI? HOT 3
- Does/Can/Will this plugin support configuration via `pyproject.toml`? HOT 4
- flake8 5 breaks plugin no attribute ConfigFileFinder HOT 1
- S601 for sanitized command
- S608: false positive HOT 1
- Meaningless error S113
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flake8-bandit.