add test for regression and fix directory exclusion without wildcards (
…#489)

* add test for regression and fix directory exclusion without wildcards
* fix pep8 errors
* add support for directory exclusion without trailing slashes
* extend exclusion test for backwards compat with 1.5.1 and add fix
* fix pep8 errors
* fix styling
* fix styling
* fix styling
Matthew Egan authored and ericwb committed May 26, 2019
1 parent 1661456 commit 047e6bf
Showing 2 changed files with 32 additions and 1 deletion.
6 changes: 5 additions & 1 deletion bandit/core/manager.py
Expand Up @@ -190,6 +190,9 @@ def discover_files(self, targets, recursive=False, excluded_paths=''):
# if there are command line provided exclusions add them to the list
if excluded_paths:
for path in excluded_paths.split(','):
if os.path.isdir(path):


bittner Oct 10, 2019

Contributor

Isn't that piece of code excluding locations that are not in the current working directory of the execution environment?

If the target scanning directory is changed later on those won't be considered. Which may be the reason why ignoring patterns like .git and .tox used to work only before this change. Could that be?

path = os.path.join(path, '*')

excluded_path_globs.append(path)

# build list of files we will analyze
Expand Down Expand Up @@ -363,7 +366,8 @@ def _is_file_included(path, included_globs, excluded_path_strings,
# if this is matches a glob of files we look at, and it isn't in an
# excluded path
if _matches_glob_list(path, included_globs) or not enforce_glob:
if not _matches_glob_list(path, excluded_path_strings):
if (not _matches_glob_list(path, excluded_path_strings) and
not any(x in path for x in excluded_path_strings)):
return_value = True

return return_value
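Review bot: The added `any(x in path for x in excluded_path_strings)` clause in `_is_file_included` is a plain substring test, so an exclusion entry matches anywhere in the path string rather than on a directory boundary: `y` matches the `.py` suffix, and `test` would match `contest.py`. For a scanner this means files can drop out of analysis with no warning beyond an entry in `excluded_files`. Comparing whole path segments would keep the intent, for example `not any(os.path.normpath(x) in os.path.normpath(path).split(os.sep) for x in excluded_path_strings)`, with a comment such as `# bare names match whole path components, not substrings`. Entries that span several segments would still have to be caught by the glob check. The body of `_is_file_included` starts outside this hunk.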
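--- a/tests/unit/core/test_manager.py
+++ b/tests/unit/core/test_manager.py
@@ -210,6 +210,33 @@ def test_discover_files_exclude(self, isdir):
 self.assertEqual([], self.manager.files_list)
 self.assertEqual(['thing'], self.manager.excluded_files)
 
+@mock.patch('os.path.isdir')
+def test_discover_files_exclude_dir(self, isdir):
+isdir.return_value = False
+
+# Test exclude dir using wildcard
+self.manager.discover_files(['./x/y.py'], True, './x/*')
+self.assertEqual([], self.manager.files_list)
+self.assertEqual(['./x/y.py'], self.manager.excluded_files)
+
+# Test exclude dir without wildcard
+isdir.side_effect = [True, False]
+self.manager.discover_files(['./x/y.py'], True, './x/')
+self.assertEqual([], self.manager.files_list)
+self.assertEqual(['./x/y.py'], self.manager.excluded_files)
+
+# Test exclude dir without wildcard or trailing slash
+isdir.side_effect = [True, False]
+self.manager.discover_files(['./x/y.py'], True, './x')
+self.assertEqual([], self.manager.files_list)
+self.assertEqual(['./x/y.py'], self.manager.excluded_files)
+
+# Test exclude dir without prefix or suffix
+isdir.side_effect = [False, False]
+self.manager.discover_files(['./x/y/z.py'], True, 'y')
+self.assertEqual([], self.manager.files_list)
+self.assertEqual(['./x/y/z.py'], self.manager.excluded_files)
+
 @mock.patch('os.path.isdir')
 def test_discover_files_exclude_cmdline(self, isdir):
 isdir.return_value = False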
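Review bot: The last case in `test_discover_files_exclude_dir` cannot fail for the reason it is meant to check, because the exclusion string `y` is also contained in the `.py` suffix of `./x/y/z.py`, and no case asserts that a similarly named file stays in `files_list`. A negative case would pin the boundary, for example `self.manager.discover_files(['./xy/z.py'], True, 'x')` followed by `self.assertEqual(['./xy/z.py'], self.manager.files_list)`; with the substring check in `manager.py` this would presumably fail as written. The `isdir.side_effect = [True, False]` lists also tie the test to the exact number of `os.path.isdir` calls made by `discover_files`, so a short comment saying which call each value answers would help.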
