Bandit fails when using importlib with named arguments #694

Closed
mkielar opened this issue Feb 23, 2021 · 1 comment
Labels
bug Something isn't working

mkielar commented Feb 23, 2021

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

  1. Save this code in a test.py file
    import importlib
    importlib.import_module(name=foo, package='bar.baz')
    
  2. Run:
    > bandit test.py
    [main]  INFO    profile include tests: None
    [main]  INFO    profile exclude tests: None
    [main]  INFO    cli include tests: None
    [main]  INFO    cli exclude tests: None
    [main]  INFO    running on Python 3.8.3
    [node_visitor]  INFO    Unable to find qualified name for module: test.py
    [tester]        ERROR   Bandit internal error running: blacklist on file test.py at line 4: list index out of range
    Traceback (most recent call last):
      File "[MASKED]/venv/lib64/python3.8/site-packages/bandit/core/tester.py", line 52, in run_tests
        result = test(context, test._config)
      File "[MASKED]/venv/lib64/python3.8/site-packages/bandit/core/blacklisting.py", line 50, in blacklist
        name = context.call_args[0]
    IndexError: list index out of range
    
  3. Observe the error

Expected behavior
I'd expect it to scan the file with no errors.

Bandit version

bandit 1.7.0
  python version = 3.8.3 (default, Feb 26 2020, 00:00:00) [GCC 9.3.1 20200408 (Red Hat 9.3.1-2)]

Additional context
This line: https://github.com/PyCQA/bandit/blob/master/bandit/core/blacklisting.py#L50 only expects the module name passed directly, and not as a named argument.
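
The failure mode described under "Additional context", as an added example (not Bandit's code and not the fix merged for this issue): a standalone `ast`-based extractor that reads the module name from either the first positional argument or the `name=` keyword, and returns `None` instead of indexing an empty argument list. The function names and the sample source are constructed for illustration.

```python
import ast

# Constructed sample input: the call shapes a static check has to cope with.
SAMPLE = '''
import importlib
importlib.import_module("os")
importlib.import_module(name="pickle")
importlib.import_module(package="bar.baz", name=".sub")
importlib.import_module(name=foo, package="bar.baz")
importlib.import_module()
'''


def _literal(node):
    """Return the string value of a literal node, or None if it is dynamic."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def import_module_name(call):
    """Module name passed to import_module(), positionally or as name=.

    Returns None when the argument is missing or is not a string literal,
    rather than indexing call.args[0] unconditionally.
    """
    if call.args:
        return _literal(call.args[0])
    for kw in call.keywords:
        if kw.arg == "name":
            return _literal(kw.value)
    return None


def scan(source):
    """Return (lineno, module_name_or_None) for each importlib.import_module call."""
    results = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        if (isinstance(func, ast.Attribute) and func.attr == "import_module"
                and isinstance(func.value, ast.Name) and func.value.id == "importlib"):
            results.append((node.lineno, import_module_name(node)))
    return sorted(results, key=lambda item: item[0])


if __name__ == "__main__":
    for lineno, name in scan(SAMPLE):
        print(lineno, name)
```

A `None` result marks a call whose target cannot be resolved statically (a variable such as `foo`, or no argument at all), which a scanner can skip or report separately without crashing.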

@mkielar mkielar added the bug Something isn't working label Feb 23, 2021
maciejstromich added a commit to maciejstromich/bandit that referenced this issue Mar 30, 2021
lukehinds added a commit that referenced this issue Apr 5, 2021
* #694 Bandit fails when using importlib with named arguments

* add missing tests

* improvement in the tests

Co-authored-by: Luke Hinds <7058938+lukehinds@users.noreply.github.com>
mikespallino pushed a commit to mikespallino/bandit that referenced this issue Jan 7, 2022
…QA#701)

* PyCQA#694 Bandit fails when using importlib with named arguments

* add missing tests

* improvement in the tests

Co-authored-by: Luke Hinds <7058938+lukehinds@users.noreply.github.com>
Member

ericwb commented Feb 12, 2022

Appears to be fixed with #701

@ericwb ericwb closed this as completed Feb 12, 2022