Add bandit to supported linters#2775
Conversation
|
|
|
The order of the linters in various data structures was kind of random. Should I alphabetize or standardize this? |
src/client/common/configSettings.ts
Outdated
| banditCategorySeverity: { | ||
| LOW: DiagnosticSeverity.Error, | ||
| MEDIUM: DiagnosticSeverity.Error, | ||
| HIGH: DiagnosticSeverity.Error |
There was a problem hiding this comment.
Seems to be wrong, all map to Error.
Do we need this mapping?
package.json
Outdated
| ], | ||
| "scope": "resource" | ||
| }, | ||
| "python.linting.banditCategorySeverity.HIGH": { |
There was a problem hiding this comment.
Do we need these three severities?
Can't we hardcode for now, this way if users request changes we can add it.
I feel that's better than adding configuration settings that might not ever get used.
src/client/linters/bandit.ts
Outdated
| protected async runLinter(document: TextDocument, cancellation: CancellationToken): Promise<ILintMessage[]> { | ||
| const messages = await this.run(['-f', 'custom', '--msg-template', '{line},0,{severity},{test_id}:{msg}', document.uri.fsPath], document, cancellation); | ||
| messages.forEach(msg => { | ||
| msg.severity = this.parseMessagesSeverity(msg.type, this.pythonSettings.linting.banditCategorySeverity); |
There was a problem hiding this comment.
I think its best to hard code the severity mapping for now, and introduce additional settings later if & when users request for the ability to change the mapping (meaning of the errors).
src/client/common/types.ts
Outdated
| LOW: DiagnosticSeverity.Error; | ||
| MEDIUM: DiagnosticSeverity.Error; | ||
| HIGH: DiagnosticSeverity.Error; | ||
| } |
There was a problem hiding this comment.
this needs to be:
export interface IBanditCategorySeverity {
LOW: DiagnosticSeverity;
MEDIUM: DiagnosticSeverity;
HIGH: DiagnosticSeverity;
}
|
@brettcannon /cc |
|
@DonJayamanne, thanks for the super fast review and feedback! will make those changes. |
|
@DonJayamanne Made all the changes. Added a fix as well for a bug in Bandit's message templating, documented here: PyCQA/bandit#371 and fixed on Bandit master will fix tests tomorrow |
src/test/.vscode/settings.json
Outdated
| "python.formatting.provider": "yapf", | ||
| "python.linting.pylintUseMinimalCheckers": false | ||
| "python.linting.pylintUseMinimalCheckers": false, | ||
| "python.pythonPath": "python" |
There was a problem hiding this comment.
You might want to remove python.pythonPath from the settings.
|
@demus |
|
@DonJayamanne should be all set |
3 participants
For #2726
Any new/changed dependencies inpackage.jsonare pinned (e.g."1.2.3", not"^1.2.3"for the specified version)package-lock.jsonhas been regenerated by runningnpm install(if dependencies have changed)