Group location line with code output (#822)
Currently, for the screen and text formatters, there is a More Info
line between the Location line and the code snippet lines.

This change puts the Location with the code snippet as a more
logical grouping of code location information.

Signed-off-by: Eric Brown <[email protected]>
ericwb authored Mar 6, 2022
1 parent a65c5b6 commit 29bc186
Showing 4 changed files with 19 additions and 17 deletions.
12 changes: 5 additions & 7 deletions bandit/formatters/screen.py
Expand Up @@ -17,8 +17,8 @@
Severity: Medium Confidence: High
CWE: CWE-20 (https://cwe.mitre.org/data/definitions/20.html)
Location: examples/yaml_load.py:5
More Info: https://bandit.readthedocs.io/en/latest/
Location: examples/yaml_load.py:5
4 ystr = yaml.dump({'a' : 1, 'b' : 2, 'c' : 3})
5 y = yaml.load(ystr)
6 yaml.dump(y)
Expand Down Expand Up @@ -128,21 +128,19 @@ def _output_issue_str(

bits.append(f"{indent} CWE: {str(issue.cwe)}")

bits.append(f"{indent} More Info: {docs_utils.get_url(issue.test_id)}")

bits.append(
"%s Location: %s:%s:%s"
"%s Location: %s:%s:%s%s"
% (
indent,
issue.fname,
issue.lineno if show_lineno else "",
issue.col_offset if show_lineno else "",
COLOR["DEFAULT"],
)
)

bits.append(
"%s More Info: %s%s"
% (indent, docs_utils.get_url(issue.test_id), COLOR["DEFAULT"])
)

if show_code:
bits.extend(
[indent + line for line in issue.get_code(lines, True).split("\n")]
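Review bot: The colour reset `COLOR["DEFAULT"]` that moved from the removed More Info append to the Location append now depends on Location being the last header line emitted before the code snippet, and nothing in `_output_issue_str` records that ordering constraint; a one-line comment above the Location `bits.append`, `# Location is the last header line before the snippet: the colour reset must stay on it`, would stop the next reordering from silently dropping the reset. The docstring example in the first hunk shows `Location: examples/yaml_load.py:5`, while the format string `"%s Location: %s:%s:%s%s"` emits `file:line:col` (and `file::` when show_lineno is false), so the example no longer matches real output; the text.py section has the same mismatch in its docstring example. `_output_issue_str` starts before this hunk and continues after it.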
7 changes: 4 additions & 3 deletions bandit/formatters/text.py
Expand Up @@ -16,8 +16,9 @@
instantiation of arbitrary objects. Consider yaml.safe_load().
Severity: Medium Confidence: High
Location: examples/yaml_load.py:5
CWE: CWE-20 (https://cwe.mitre.org/data/definitions/20.html)
More Info: https://bandit.readthedocs.io/en/latest/
Location: examples/yaml_load.py:5
4 ystr = yaml.dump({'a' : 1, 'b' : 2, 'c' : 3})
5 y = yaml.load(ystr)
6 yaml.dump(y)
Expand Down Expand Up @@ -95,6 +96,8 @@ def _output_issue_str(

bits.append(f"{indent} CWE: {str(issue.cwe)}")

bits.append(f"{indent} More Info: {docs_utils.get_url(issue.test_id)}")

bits.append(
"%s Location: %s:%s:%s"
% (
Expand All @@ -105,8 +108,6 @@ def _output_issue_str(
)
)

bits.append(f"{indent} More Info: {docs_utils.get_url(issue.test_id)}")

if show_code:
bits.extend(
[indent + line for line in issue.get_code(lines, True).split("\n")]
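Review bot: The header lines are now built twice with identical text — the More Info append here is byte-for-byte the one in screen.py, and the Location append differs only by the trailing colour suffix — which is why this commit had to apply the same reordering to both formatters and both docstrings. Extracting the ordered header bits into one shared helper that the screen formatter decorates with its colour codes would keep the two from drifting apart again. `_output_issue_str` begins before the first hunk of this section and ends after the second.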
11 changes: 7 additions & 4 deletions tests/unit/formatters/test_screen.py
Expand Up @@ -44,12 +44,15 @@ def _template(_issue, _indent_val, _code, _color):
_indent_val,
_issue.cwe,
),
"{} Location: {}:{}:{}".format(
_indent_val, _issue.fname, _issue.lineno, _issue.col_offset
),
"{} More Info: {}{}".format(
"{} More Info: {}".format(
_indent_val,
docs_utils.get_url(_issue.test_id),
),
"{} Location: {}:{}:{}{}".format(
_indent_val,
_issue.fname,
_issue.lineno,
_issue.col_offset,
screen.COLOR["DEFAULT"],
),
]
6 changes: 3 additions & 3 deletions tests/unit/formatters/test_text.py
Expand Up @@ -37,12 +37,12 @@ def _template(_issue, _indent_val, _code):
_issue.confidence.capitalize(),
),
f"{_indent_val} CWE: {_issue.cwe}",
"{} Location: {}:{}:{}".format(
_indent_val, _issue.fname, _issue.lineno, _issue.col_offset
),
"{} More Info: {}".format(
_indent_val, docs_utils.get_url(_issue.test_id)
),
"{} Location: {}:{}:{}".format(
_indent_val, _issue.fname, _issue.lineno, _issue.col_offset
),
]
if _code:
return_val.append(f"{_indent_val}{_code}")
