Merge pull request #129 from Alt-NoRock/feat_bandit_errorfmt

feat: add bandit as defined-formats
reviewdog · Sep 17, 2023 · 33358de · 33358de
2 parents 0f0d2e5 + 72b569d
commit 33358de
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 0 deletions.
diff --git a/fmts/doc.go b/fmts/doc.go
diff --git a/fmts/python.go b/fmts/python.go
@@ -73,4 +73,15 @@ func init() {
 		URL:         "https://github.com/PyCQA/pydocstyle",
 		Language:    lang,
 	})
+	register(&Fmt{
+		Name: "bandit",
+		Errorformat: []string{
+			`%f:%l: B%n[bandit]: %tIGH: %m`,
+			`%f:%l: B%n[bandit]: %tEDIUM: %m`,
+			`%f:%l: B%n[bandit]: %tOW: %m`,
+		},
+		Description: "A tool designed to find common security issues in Python code.",
+		URL:         "https://github.com/PyCQA/bandit.git",
+		Language:    lang,
+	})
 }
diff --git a/fmts/testdata/bandit.in b/fmts/testdata/bandit.in
@@ -0,0 +1,4 @@
+/workspaces/errorformat/test.py:1: B404[bandit]: LOW: Consider possible security implications associated with the subprocess module.
+/workspaces/errorformat/test.py:5: B105[bandit]: LOW: Possible hardcoded password: 'aaa'
+/workspaces/errorformat/test.py:8: B307[bandit]: MEDIUM: Use of possibly insecure function - consider using safer ast.literal_eval.
+/workspaces/errorformat/test.py:11: B304[bandit]: HIGH: Use of insecure cipher Crypto.Cipher.XOR.new. Replace with a known secure cipher such as AES.
diff --git a/fmts/testdata/bandit.ok b/fmts/testdata/bandit.ok
@@ -0,0 +1,4 @@
+/workspaces/errorformat/test.py|1 L 404| Consider possible security implications associated with the subprocess module.
+/workspaces/errorformat/test.py|5 L 105| Possible hardcoded password: 'aaa'
+/workspaces/errorformat/test.py|8 M 307| Use of possibly insecure function - consider using safer ast.literal_eval.
+/workspaces/errorformat/test.py|11 H 304| Use of insecure cipher Crypto.Cipher.XOR.new. Replace with a known secure cipher such as AES.