How to use the bandit.core.docs_utils.get_url function in bandit

To help you get started, we’ve selected a few bandit examples, based on popular ways it is used in public projects.


github PyCQA / bandit / tests / unit / formatters / test_screen.py View on Github external
def _template(_issue, _indent_val, _code, _color):
    """Return the newline-joined reference text for one issue, with colour.

    The text has four lines: the issue headline (prefixed by ``_color``),
    the severity/confidence line, the location line and the "More Info"
    line. The last of these holds the URL from ``docs_utils.get_url``
    followed by ``screen.COLOR['DEFAULT']``. When ``_code`` is truthy it
    is appended as a fifth line, prefixed by ``_indent_val``.
    """
    headline = "{}{}>> Issue: [{}:{}] {}".format(
        _indent_val, _color, _issue.test_id, _issue.test, _issue.text)
    rating = "{}   Severity: {}   Confidence: {}".format(
        _indent_val,
        _issue.severity.capitalize(),
        _issue.confidence.capitalize())
    location = "{}   Location: {}:{}".format(
        _indent_val, _issue.fname, _issue.lineno)
    more_info = "{}   More Info: {}{}".format(
        _indent_val,
        docs_utils.get_url(_issue.test_id),
        screen.COLOR['DEFAULT'])

    expected_lines = [headline, rating, location, more_info]
    if _code:
        expected_lines.append("{}{}".format(_indent_val, _code))
    return '\n'.join(expected_lines)
github PyCQA / bandit / tests / unit / formatters / test_text.py View on Github external
def _template(_issue, _indent_val, _code):
    """Return the newline-joined reference text for one issue, uncoloured.

    The text has four lines: the issue headline, the severity/confidence
    line, the location line and the "More Info" line with the URL from
    ``docs_utils.get_url``. When ``_code`` is truthy it is appended as a
    fifth line, prefixed by ``_indent_val``.
    """
    headline = "{}>> Issue: [{}:{}] {}".format(
        _indent_val, _issue.test_id, _issue.test, _issue.text)
    rating = "{}   Severity: {}   Confidence: {}".format(
        _indent_val,
        _issue.severity.capitalize(),
        _issue.confidence.capitalize())
    location = "{}   Location: {}:{}".format(
        _indent_val, _issue.fname, _issue.lineno)
    more_info = "{}   More Info: {}".format(
        _indent_val, docs_utils.get_url(_issue.test_id))

    expected_lines = [headline, rating, location, more_info]
    if _code:
        expected_lines.append("{}{}".format(_indent_val, _code))
    return '\n'.join(expected_lines)
github PyCQA / bandit / bandit / formatters / screen.py View on Github external
def _output_issue_str(issue, indent, show_lineno=True, show_code=True,
                      lines=-1):
    """Render one issue as a single newline-joined string.

    :param issue: The issue to render; its test_id, test, text, severity,
        confidence, fname and lineno attributes and get_code() are read
    :param indent: Prefix placed in front of every rendered line
    :param show_lineno: When false, the line number after the file name
        is replaced by an empty string
    :param show_code: When true, the lines of issue.get_code(lines, True)
        are appended, each prefixed by indent
    :param lines: Passed through to issue.get_code()
    :return: The rendered lines joined with newline characters (a str,
        not a list)
    """
    # The headline carries the colour looked up from the issue's severity.
    headline = "%s%s>> Issue: [%s:%s] %s" % (
        indent, COLOR[issue.severity], issue.test_id, issue.test, issue.text)

    rating = "%s   Severity: %s   Confidence: %s" % (
        indent, issue.severity.capitalize(), issue.confidence.capitalize())

    location = "%s   Location: %s:%s" % (
        indent, issue.fname, issue.lineno if show_lineno else "")

    # COLOR['DEFAULT'] follows the URL, presumably to end the colour that
    # the headline started.
    more_info = "%s   More Info: %s%s" % (
        indent, docs_utils.get_url(issue.test_id), COLOR['DEFAULT'])

    rendered = [headline, rating, location, more_info]

    if show_code:
        for code_line in issue.get_code(lines, True).split('\n'):
            rendered.append(indent + code_line)

    return '\n'.join(rendered)
github PyCQA / bandit / bandit / formatters / yaml.py View on Github external
:param fileobj: The output file object, which may be sys.stdout
    :param sev_level: Filtering severity level
    :param conf_level: Filtering confidence level
    :param lines: Number of lines to report, -1 for all
    '''

    # Report skeleton; a 'metrics' key is added further down.
    machine_output = {'results': [], 'errors': []}
    # Every skipped file is recorded under 'errors' together with its reason.
    for (fname, reason) in manager.get_skipped():
        machine_output['errors'].append({'filename': fname, 'reason': reason})

    # Issues selected with the caller's severity and confidence filter levels.
    results = manager.get_issue_list(sev_level=sev_level,
                                     conf_level=conf_level)

    collector = [r.as_dict() for r in results]
    # Attach the documentation URL that docs_utils.get_url returns for each
    # finding's test id.
    for elem in collector:
        elem['more_info'] = docs_utils.get_url(elem['test_id'])

    # Sort by test name when aggregating by 'vuln', otherwise by file name.
    itemgetter = operator.itemgetter
    if manager.agg_type == 'vuln':
        machine_output['results'] = sorted(collector,
                                           key=itemgetter('test_name'))
    else:
        machine_output['results'] = sorted(collector,
                                           key=itemgetter('filename'))

    machine_output['metrics'] = manager.metrics.data

    # Replace each real newline in a code excerpt with the two characters
    # backslash and 'n', so the excerpt becomes a single-line string.
    for result in machine_output['results']:
        if 'code' in result:
            code = result['code'].replace('\n', '\\n')
            result['code'] = code
github PyCQA / bandit / bandit / formatters / html.py View on Github external
# NOTE(review): this excerpt appears to start inside a loop over issues
# (it uses `issue` and `index`); the loop header and function are not shown.
if not baseline or len(issues[issue]) == 1:
            candidates = ''
            # The code excerpt is HTML-escaped before it goes into the
            # code_block template.
            safe_code = html_escape(issue.get_code(lines, True).
                                    strip('\n').lstrip(' '))
            code = code_block.format(code=safe_code)
        else:
            candidates_str = ''
            code = ''
            # Each candidate's code excerpt is escaped the same way and
            # appended to one string.
            for candidate in issues[issue]:
                candidate_code = html_escape(candidate.get_code(lines, True).
                                             strip('\n').lstrip(' '))
                candidates_str += candidate_issue.format(code=candidate_code)

            candidates = candidate_block.format(candidate_list=candidates_str)

        url = docs_utils.get_url(issue.test_id)
        # NOTE(review): in this excerpt only the code excerpts pass through
        # html_escape; issue.test, issue.text and issue.fname are formatted
        # into issue_block as-is. If any of them can carry text taken from
        # the scanned project (file names, quoted source), confirm they are
        # escaped elsewhere before the report is rendered in a browser.
        results_str += issue_block.format(issue_no=index,
                                          issue_class='issue-sev-{}'.
                                          format(issue.severity.lower()),
                                          test_name=issue.test,
                                          test_id=issue.test_id,
                                          test_text=issue.text,
                                          severity=issue.severity,
                                          confidence=issue.confidence,
                                          path=issue.fname, code=code,
                                          candidates=candidates,
                                          url=url)

    # build the metrics string to insert in the report
    metrics_summary = metrics_block.format(
        loc=manager.metrics.data['_totals']['loc'],
        nosec=manager.metrics.data['_totals']['nosec'])
github PyCQA / bandit / bandit / formatters / json.py View on Github external
# Anything that is not a plain list is handled as a baseline result set; in
# that branch `results` is iterated and also indexed by issue (results[r]).
baseline = not isinstance(results, list)

    if baseline:
        collector = []
        for r in results:
            d = r.as_dict()
            # Documentation URL for this finding's test id.
            d['more_info'] = docs_utils.get_url(d['test_id'])
            # Candidates are attached only when more than one entry is
            # recorded for the issue.
            if len(results[r]) > 1:
                d['candidates'] = [c.as_dict() for c in results[r]]
            collector.append(d)

    else:
        collector = [r.as_dict() for r in results]
        for elem in collector:
            elem['more_info'] = docs_utils.get_url(elem['test_id'])

    # Sort by test name when aggregating by 'vuln', otherwise by file name.
    itemgetter = operator.itemgetter
    if manager.agg_type == 'vuln':
        machine_output['results'] = sorted(collector,
                                           key=itemgetter('test_name'))
    else:
        machine_output['results'] = sorted(collector,
                                           key=itemgetter('filename'))

    machine_output['metrics'] = manager.metrics.data

    # timezone agnostic format
    # The trailing 'Z' is a literal in the format string, not derived from
    # tzinfo; it is accurate here because the value comes from utcnow().
    TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"

    # utcnow() returns a naive datetime holding the current UTC time.
    time_string = datetime.datetime.utcnow().strftime(TS_FORMAT)
    machine_output['generated_at'] = time_string