Prepend ./ for files specified as CLI args
The get_module_qualname_from_path() function called by the node
visitor expects that all files are explicitly named with a
"head" and "tail" which are path delimiters to denote where the
file is within a python project.

However, if someone uses the command line and simply asks bandit
to scan dummy.py in the current working directory, it will be
missing the explicit "./" prefix in order for get_module_qualname_from_path
to run and determine the module fully qualified name from the path.

So this fix simply prepends a dot and delimiter to explicitly denote
a file in the current working directory as given from the CLI.

Fixes #907

Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
ericwb committed Jan 16, 2024
1 parent 7129108 commit bd3e6bd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion bandit/core/manager.py
Expand Up @@ -249,7 +249,7 @@ def discover_files(self, targets, recursive=False, excluded_paths=""):
excluded_path_globs,
enforce_glob=False,
):
files_list.add(fname)
files_list.add(os.path.join(".", fname))
else:
excluded_files.add(fname)
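Review bot: The prefix in `files_list.add(os.path.join(".", fname))` is applied unconditionally, while the `else` branch still stores the bare `fname` in `excluded_files`, so the two sets now hold paths in different forms. A target already passed as `./dummy.py` becomes `././dummy.py`, and every reported filename from this branch changes, which can affect anything that compares paths as strings (baselines, exclusion matching, report consumers). Consider adding the prefix only when `os.path.dirname(fname)` is empty, which is the case the commit message describes, and applying the same normalization to `excluded_files`. A one-line comment here pointing at `get_module_qualname_from_path()` would explain why the prefix is needed, and a test that scans a bare filename from the current directory would keep #907 from regressing.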
