Blacklist code B320 was removed and breaks my deploy #1228

Closed
djmv opened this issue Feb 3, 2025 · 4 comments · Fixed by #1230

djmv commented Feb 3, 2025

The official documentation is not updated
When reading the official doc, B320 is still a valid code.

Please update.


Describe the solution
Also, when removing a code, please leave a message stating that it is an invalid code without throwing the ERROR. It could be resolved by sending a message stating that the code will be deprecated and recommending its removal after a specific date. This prevents the next deploy from breaking everything that worked before.

Thanks, I hope to help.
If I can contribute, tell me.

@djmv djmv added the enhancement New feature or request label Feb 3, 2025
@lukehinds
Member

Taking a look @djmv, apologies for the disruption

@ericwb
Member

ericwb commented Feb 4, 2025

FYI, the documentation is accurate. We don't remove documentation for rules that were removed for historical information. We include a note "The check for this call has been removed." to make this clear. It's also preserved in order to prevent a newly created rule from reusing the Bandit ID, which would cause other problems.

PR #1212

@ericwb
Member

ericwb commented Feb 4, 2025

Note, this also occurs with other removed tests such as B322.

```
.tox/py313/bin/bandit -t b322 -r examples/
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: b322
[main]	INFO	cli exclude tests: None
[main]	ERROR	Unknown test found in profile: b322
```

That being said, I agree that ideally Bandit should not error and exit in this case.

ericwb added a commit to ericwb/bandit that referenced this issue Feb 4, 2025
When a user gives a test ID to include or skip, the current
behavior raises an exception and exits the process.

However, when tests end up getting deprecated and eventually
removed, it is a lot more user friendly to simply present
a warning to the user that the test ID given wasn't found
rather than a hard error and exit.

Fixes: PyCQA#1228

Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
@ericwb ericwb closed this as completed in affd4fd Feb 5, 2025
@ericwb ericwb added this to the Release 1.8.3 milestone Feb 5, 2025
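
The warn-instead-of-exit handling described in the commit message above, sketched as an added example; it is not Bandit's code and not the code from the referenced commit. `KNOWN_IDS` (a constructed sample), `resolve_ids`, `select_tests` and `EmptySelection` are hypothetical names, and both the upper-casing of IDs and the empty-include guard are assumptions added for CI use.

```python
import logging

LOG = logging.getLogger("scan_preflight")

# Constructed sample: test IDs the installed scanner still ships (assumption).
KNOWN_IDS = frozenset({"B101", "B301", "B602"})


class EmptySelection(Exception):
    """Raised when every requested include ID is unknown."""


def resolve_ids(raw, known=KNOWN_IDS):
    """Split a comma-separated ID list into (valid, unknown) lists.

    IDs are upper-cased (assumption) so `b322` and `B322` are treated alike.
    Unknown IDs produce a warning instead of aborting the run.
    """
    valid, unknown = [], []
    for item in raw.split(","):
        test_id = item.strip().upper()
        if not test_id:
            continue
        bucket = valid if test_id in known else unknown
        if test_id not in bucket:
            bucket.append(test_id)
    for test_id in unknown:
        LOG.warning("Unknown test ID ignored: %s", test_id)
    return valid, unknown


def select_tests(include="", skip="", known=KNOWN_IDS):
    """Return (tests_to_run, unknown_ids) for the given include/skip lists."""
    inc_valid, inc_unknown = resolve_ids(include, known)
    skip_valid, skip_unknown = resolve_ids(skip, known)
    # Guard added for CI: an include list made up only of removed IDs would
    # otherwise change what is scanned without anyone noticing.
    if inc_unknown and not inc_valid:
        raise EmptySelection(f"no known test in include list: {inc_unknown}")
    selected = inc_valid or sorted(known)
    skipped = set(skip_valid)
    return [t for t in selected if t not in skipped], inc_unknown + skip_unknown
```

A pipeline can treat a non-empty `unknown_ids` as a prompt to clean up its configuration while the scan still runs.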
@djmv
Author

djmv commented Feb 11, 2025

Thank you very much for taking the recommendation.
