Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test and unpin Bandit #429

Closed
sssoleileraaa opened this issue Jun 17, 2019 · 1 comment · Fixed by #439
Closed

Test and unpin Bandit #429

sssoleileraaa opened this issue Jun 17, 2019 · 1 comment · Fixed by #439

Comments

@sssoleileraaa
Copy link
Contributor

sssoleileraaa commented Jun 17, 2019
edited
Loading

Description

Bandit 1.6.1 seems to break our CI, see #428 for context. Once we figure out what's going on we will want to unpin from Bandit 1.5.1.

Note: Bandit 1.6.0 has a bug (see PyCQA/bandit#488) that 1.6.1 fixes but breaks our CI, which is why we pinned to 1.5.1
@sssoleileraaa sssoleileraaa changed the title Test and pin to the latest version of Bandit Test and unpin Bandit Jun 17, 2019
@emkll
Copy link
Contributor

emkll commented Jun 18, 2019

WIP branch here: https://github.com/freedomofpress/securedrop-client/compare/429-unpin-bandit

While testing, i've noticed (in both 1.5.1 and 1.6.1) that many files were being ignored. As part of closing this ticket, we should investigate and fix these issues, as the files being ignored contain a lot of important logic):

Run started:2019-06-18 15:53:03.292804

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 3605
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (16):
	./securedrop_client/api_jobs/base.py (syntax error while parsing AST from file)
	./securedrop_client/api_jobs/downloads.py (syntax error while parsing AST from file)
	./securedrop_client/api_jobs/uploads.py (syntax error while parsing AST from file)
	./securedrop_client/app.py (syntax error while parsing AST from file)
	./securedrop_client/config.py (syntax error while parsing AST from file)
	./securedrop_client/crypto.py (syntax error while parsing AST from file)
	./securedrop_client/db.py (syntax error while parsing AST from file)
	./securedrop_client/gui/__init__.py (syntax error while parsing AST from file)
	./securedrop_client/gui/main.py (syntax error while parsing AST from file)
	./securedrop_client/gui/widgets.py (syntax error while parsing AST from file)
	./securedrop_client/logic.py (syntax error while parsing AST from file)
	./securedrop_client/message_sync.py (syntax error while parsing AST from file)
	./securedrop_client/queue.py (syntax error while parsing AST from file)
	./securedrop_client/resources/__init__.py (syntax error while parsing AST from file)
	./securedrop_client/storage.py (syntax error while parsing AST from file)
	./securedrop_client/utils.py (syntax error while parsing AST from file)

@redshiftzero redshiftzero mentioned this issue Jun 26, 2019
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

unpin bandit freedomofpress/securedrop-client
2 participants
@sssoleileraaa @emkll