Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 703536 Details for
Bug 786642
dev-python/bandit-1.7.0 fails tests
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
build.log
build.log (text/plain), 262.52 KB, created by
Agostino Sarubbo
on 2021-04-29 05:56:58 UTC
(
hide
)
Description:
build.log
Filename:
MIME Type:
Creator:
Agostino Sarubbo
Created:
2021-04-29 05:56:58 UTC
Size:
262.52 KB
patch
obsolete
> * Package: dev-python/bandit-1.7.0 > * Repository: gentoo > * Maintainer: prometheanfire@gentoo.org > * USE: abi_x86_64 amd64 elibc_glibc kernel_linux python_targets_python3_7 python_targets_python3_8 python_targets_python3_9 test userland_GNU > * FEATURES: network-sandbox preserve-libs sandbox test userpriv usersandbox > > >@@@@@ PLEASE PAY ATTENTION HERE!!! @@@@@ >This information may help you to understand if this is a duplicate or if this bug exists after you pushed a fix; >This ebuild was merged at the following commit: >https://github.com/gentoo/gentoo/commit/2a99448fde4dd9e790ae7381a466d332bc3812ec (Thu Apr 29 01:56:07 UTC 2021) >@@@@@ END @@@@@ > > > >emerge --info: >Portage 3.0.18 (python 3.9.4-final-0, default/linux/amd64/17.1, gcc-11.1.0, glibc-2.33, 5.4.0-1029-aws x86_64) >================================================================= >System uname: Linux-5.4.0-1029-aws-x86_64-Intel-R-_Xeon-R-_Platinum_8124M_CPU_@_3.00GHz-with-glibc2.33 >KiB Mem: 71926568 total, 55372816 free >KiB Swap: 0 total, 0 free >sh bash 5.1_p4 >ld GNU ld (Gentoo 2.36.1 p3) 2.36.1 >app-shells/bash: 5.1_p4::gentoo >dev-lang/perl: 5.32.1::gentoo >dev-lang/python: 2.7.18_p8::gentoo, 3.7.10_p1::gentoo, 3.8.9::gentoo, 3.9.4::gentoo >dev-lang/rust: 1.51.0-r2::gentoo >dev-util/cmake: 3.20.1::gentoo >dev-util/pkgconfig: 0.29.2::gentoo >sys-apps/baselayout: 2.7-r2::gentoo >sys-apps/openrc: 0.42.1-r1::gentoo >sys-apps/sandbox: 2.23::gentoo >sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r5::gentoo >sys-devel/automake: 1.16.3-r1::gentoo >sys-devel/binutils: 2.36.1-r1::gentoo >sys-devel/gcc: 11.1.0::gentoo >sys-devel/gcc-config: 2.4::gentoo >sys-devel/libtool: 2.4.6-r6::gentoo >sys-devel/make: 4.3::gentoo >sys-kernel/linux-headers: 5.12::gentoo (virtual/os-headers) >sys-libs/glibc: 2.33::gentoo >Repositories: > >gentoo > location: /usr/portage > sync-type: rsync > sync-uri: rsync://rsync.gentoo.org/gentoo-portage > priority: -1000 > sync-rsync-verify-metamanifest: yes > sync-rsync-verify-max-age: 24 > sync-rsync-extra-opts: > sync-rsync-verify-jobs: 1 > >ACCEPT_KEYWORDS="amd64 ~amd64" >ACCEPT_LICENSE="* Apache-2.0" >CBUILD="x86_64-pc-linux-gnu" >CFLAGS="-O2 -pipe -march=x86-64 -frecord-gcc-switches" >CHOST="x86_64-pc-linux-gnu" >CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" >CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" >CXXFLAGS="-O2 -pipe -march=x86-64 -frecord-gcc-switches" >DISTDIR="/var/tmp/portage/dev-python/bandit-1.7.0/distdir" >EMERGE_DEFAULT_OPTS="--with-bdeps=y -1 -k -b" >ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" >FCFLAGS="-O2 -pipe -march=x86-64 -frecord-gcc-switches" >FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance buildpkg config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms sign split-log strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" >FFLAGS="-O2 -pipe -march=x86-64 -frecord-gcc-switches" >GENTOO_MIRRORS="http://distfiles.gentoo.org" >LANG="en_US.utf8" >LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--defsym=__gentoo_check_ldflags__=0" >MAKEOPTS="-j36" >PKGDIR="/root/.packages" >PORTAGE_CONFIGROOT="/" >PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" >PORTAGE_TMPDIR="/var/tmp" >USE="acl amd64 berkdb bzip2 cli crypt dri elogind fortran gdbm iconv ipv6 jumbo-build libglvnd libtirpc multilib native-symlinks ncurses nls nptl openmp pam pcre readline seccomp split-usr ssl tcpd test unicode xattr zlib" ABI_X86="64" ELIBC="glibc" KERNEL="linux" PYTHON_TARGETS="python3_7 python3_8 python3_9" USERLAND="GNU" >Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RUSTFLAGS > > > > > >emerge history: >2021-04-29T03:56:20 >>> dev-python/pbr-5.6.0 >2021-04-29T03:56:20 >>> dev-python/six-1.15.0-r1 >2021-04-29T03:56:21 >>> dev-python/typing-extensions-3.7.4.3 >2021-04-29T03:56:22 >>> dev-python/toml-0.10.2 >2021-04-29T03:56:22 >>> dev-libs/libyaml-0.2.5 >2021-04-29T03:56:23 >>> dev-python/smmap-4.0.0 >2021-04-29T03:56:23 >>> dev-python/cython-0.29.23 >2021-04-29T03:56:36 >>> dev-python/zipp-3.4.1 >2021-04-29T03:56:39 >>> dev-python/gitdb-4.0.7 >2021-04-29T03:56:41 >>> dev-python/pyyaml-5.4.1 >2021-04-29T03:56:46 >>> dev-python/importlib_metadata-4.0.0 >2021-04-29T03:56:48 >>> dev-python/GitPython-3.1.15 >2021-04-29T03:56:52 >>> dev-python/stevedore-3.3.0 >2021-04-29T03:56:57 >>> dev-python/bandit-1.7.0 >2021-04-29T03:57:20 >>> dev-util/cppunit-1.15.1-r2 >2021-04-29T03:57:21 >>> dev-libs/libbsd-0.10.0 >2021-04-29T03:57:21 >>> x11-base/xorg-proto-2021.3 >2021-04-29T03:57:22 >>> x11-libs/xtrans-1.4.0 >2021-04-29T03:57:22 >>> dev-libs/check-0.15.2-r1 >2021-04-29T03:57:23 >>> dev-python/pypy3-7.3.4_p1 >2021-04-29T03:57:45 >>> x11-libs/libICE-1.0.10 >2021-04-29T03:57:46 >>> x11-misc/compose-tables-1.7.0 >2021-04-29T03:57:46 >>> x11-libs/libXau-1.0.9-r1 >2021-04-29T03:57:47 >>> x11-libs/libXdmcp-1.1.3 >2021-04-29T03:57:47 >>> dev-python/wrapt-1.12.1 >2021-04-29T03:57:48 >>> dev-python/extras-1.0.0-r1 >2021-04-29T03:57:48 >>> dev-python/linecache2-1.0.0-r1 >2021-04-29T03:57:49 >>> dev-python/wcwidth-0.2.5-r1 >2021-04-29T03:57:49 >>> dev-python/mock-4.0.3 >2021-04-29T03:57:50 >>> dev-python/lazy-object-proxy-1.5.0 >2021-04-29T03:57:50 >>> dev-python/typed-ast-1.4.3 >2021-04-29T03:57:52 >>> dev-python/lxml-4.6.3 >2021-04-29T03:57:51 >>> dev-python/soupsieve-2.2.1 >2021-04-29T03:57:52 >>> dev-python/webencodings-0.5.1-r1 >2021-04-29T03:57:53 >>> dev-python/python-mimeparse-1.6.0-r3 >2021-04-29T03:57:53 >>> dev-python/pyrsistent-0.17.3 >2021-04-29T03:57:54 >>> dev-python/voluptuous-0.12.1 >2021-04-29T03:57:54 >>> dev-python/pyparsing-2.4.7-r1 >2021-04-29T03:57:55 >>> dev-python/colorama-0.4.4 >2021-04-29T03:57:56 >>> x11-base/xcb-proto-1.14.1 >2021-04-29T03:57:56 >>> dev-python/coverage-5.5 >2021-04-29T03:57:57 >>> dev-python/isort-5.8.0 >2021-04-29T03:57:57 >>> dev-python/future-0.18.2-r1 >2021-04-29T03:57:58 >>> dev-python/namespace-zope-1-r1 >2021-04-29T03:57:59 >>> dev-python/pycodestyle-2.6.0 >2021-04-29T03:57:58 >>> dev-python/pyflakes-2.2.0 >2021-04-29T03:58:06 >>> x11-libs/libSM-1.2.3-r1 >2021-04-29T03:58:29 >>> dev-python/traceback2-1.4.0-r1 >2021-04-29T03:58:31 >>> dev-python/prettytable-2.1.0 >2021-04-29T03:58:38 >>> dev-python/astroid-2.5.6 >2021-04-29T03:58:43 >>> dev-python/html5lib-1.1 >2021-04-29T03:58:54 >>> x11-libs/libxcb-1.14 >2021-04-29T03:59:01 >>> dev-python/zope-interface-5.4.0 >2021-04-29T03:59:06 >>> dev-python/flake8-3.8.4 >2021-04-29T03:59:13 >>> dev-python/unittest2-1.1.0-r1 >2021-04-29T03:59:19 >>> dev-python/beautifulsoup-4.9.3 >2021-04-29T03:59:20 >>> x11-libs/libX11-1.7.0 >2021-04-29T03:59:22 >>> dev-python/attrs-20.3.0 >2021-04-29T03:59:25 >>> dev-python/mccabe-0.6.1-r2 >2021-04-29T03:59:30 >>> dev-python/testtools-2.4.0-r1 >2021-04-29T03:59:34 >>> x11-libs/libXext-1.3.4 >2021-04-29T03:59:35 >>> x11-libs/libXt-1.2.1 >2021-04-29T03:59:39 >>> dev-python/hacking-4.1.0 >2021-04-29T03:59:39 >>> dev-python/pylint-2.8.2 >2021-04-29T03:59:43 >>> dev-python/fixtures-3.0.0-r1 >2021-04-29T03:59:48 >>> x11-misc/xsel-1.2.0-r1 >2021-04-29T03:59:55 >>> dev-python/testscenarios-0.5.0-r1 >2021-04-29T03:59:56 >>> dev-python/subunit-1.4.0 >2021-04-29T03:59:57 >>> dev-python/pyperclip-1.8.2 >2021-04-29T04:00:05 >>> dev-python/cmd2-1.5.0 >2021-04-29T04:00:08 >>> dev-python/cliff-3.7.0 >2021-04-29T04:00:11 >>> dev-python/stestr-3.2.0 > > > >>>> Unpacking source... >>>> Unpacking bandit-1.7.0.tar.gz to /var/tmp/portage/dev-python/bandit-1.7.0/work >>>> Source unpacked in /var/tmp/portage/dev-python/bandit-1.7.0/work >>>> Preparing source in /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0 ... > * Will copy sources from /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0 > * python3_7: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7 > * python3_8: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8 > * python3_9: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9 > * python3_7: running distutils-r1_run_phase python_prepare > * Will copy sources from /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build > * python3_7: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build-python3_7 > * python3_8: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build-python3_8 > * python3_9: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build-python3_9 > * python3_8: running distutils-r1_run_phase python_prepare > * Will copy sources from /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build > * python3_7: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build-python3_7 > * python3_8: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build-python3_8 > * python3_9: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build-python3_9 > * python3_9: running distutils-r1_run_phase python_prepare > * Will copy sources from /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build > * python3_7: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build-python3_7 > * python3_8: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build-python3_8 > * python3_9: copying to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build-python3_9 >>>> Source prepared. >>>> Configuring source in /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0 ... >>>> Source configured. >>>> Compiling source in /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0 ... > * python3_7: running distutils-r1_run_phase distutils-r1_python_compile >python3.7 setup.py build -j 36 >running build >running build_py >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >copying bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >copying bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists >copying bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists >copying bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists >copying bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists >copying bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli >copying bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli >copying bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli >copying bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli >copying bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins >copying bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit >copying bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > % (opt, underscore_opt)) >warning: build_py: byte-compiling is disabled, skipping. > > * python3_8: running distutils-r1_run_phase distutils-r1_python_compile >python3.8 setup.py build -j 36 >running build >running build_py >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists >copying bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists >copying bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists >copying bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists >copying bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists >copying bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit >copying bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >copying bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli >copying bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli >copying bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli >copying bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli >copying bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >copying bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >copying bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >warning: build_py: byte-compiling is disabled, skipping. > > * python3_9: running distutils-r1_run_phase distutils-r1_python_compile >python3.9 setup.py build -j 36 >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >running build >running build_py >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists >copying bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists >copying bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists >copying bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists >copying bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >copying bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins >copying bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit >copying bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli >copying bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli >copying bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli >copying bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli >copying bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >copying bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >warning: build_py: byte-compiling is disabled, skipping. > >>>> Source compiled. >>>> Test phase: dev-python/bandit-1.7.0 > * python3_7: running distutils-r1_run_phase python_test >python3.7 setup.py install --root=/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test --install-lib=lib --install-scripts=scripts >running install >[pbr] Generating AUTHORS >[pbr] AUTHORS complete (0.0s) >running build >running build_py >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > % (opt, underscore_opt)) >/usr/lib/python3.7/site-packages/setuptools/dist.py:645: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > % (opt, underscore_opt)) >warning: build_py: byte-compiling is disabled, skipping. > >running install_lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/plugins >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/lib/bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit >warning: install_lib: byte-compiling is disabled, skipping. > >running install_egg_info >Copying bandit.egg-info to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/lib/bandit-1.7.0-py3.7.egg-info >running install_scripts >Installing bandit script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/scripts >Installing bandit-baseline script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/scripts >Installing bandit-config-generator script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_7/build/test/scripts >{4} tests.functional.test_functional.FunctionalTests.test_imports_from [0.010078s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_imports [0.010097s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_okay [0.033367s] ... ok >{0} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_target [0.000410s] ... ok >{0} tests.unit.core.test_context.ContextTests.test_function_def_defaults_qual [0.001675s] ... ok >{0} tests.unit.core.test_context.ContextTests.test_is_module_being_imported [0.000304s] ... ok >{3} tests.functional.test_functional.FunctionalTests.test_imports_aliases [0.036009s] ... ok >{0} tests.unit.core.test_context.ContextTests.test_repr [0.000137s] ... ok >{0} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_dir [0.002329s] ... ok >{4} tests.functional.test_functional.FunctionalTests.test_os_chmod [0.036717s] ... ok >{0} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_type [0.005985s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_no_blacklist_pycryptodome [0.035075s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_hardcoded_passwords [0.042646s] ... ok >{9} tests.functional.test_functional.FunctionalTests.test_jinja2_templating [0.044320s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_nonsense [0.002109s] ... ok >{9} tests.functional.test_functional.FunctionalTests.test_multiline_code [0.003969s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_skip [0.007956s] ... ok >{2} tests.functional.test_functional.FunctionalTests.test_partial_path [0.040796s] ... ok >{9} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_arg_val [0.000258s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_shelve [0.032242s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_subdirectory_okay [0.002989s] ... ok >{1} tests.functional.test_functional.FunctionalTests.test_hardcoded_tmp [0.063843s] ... ok >{17} tests.unit.cli.test_main.BanditCLIMainTests.test_init_extensions [0.000426s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.7.10 >{11} tests.functional.test_functional.FunctionalTests.test_eval [0.040800s] ... ok >{11} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_ini_value [0.000205s] ... ok >{11} tests.unit.core.test_context.ContextTests.test_node [0.000122s] ... ok >{11} tests.unit.core.test_issue.IssueTests.test_issue_filter_confidence [0.000127s] ... ok >[text] INFO Text output written to file: output >{11} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_str [0.000133s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >{9} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results [0.010585s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp2eshhhbx/_temp_output >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.7.10 >[text] INFO Text output written to file: output >{2} tests.functional.test_functional.FunctionalTests.test_telnet_usage [0.012434s] ... ok >{9} tests.unit.core.test_manager.ManagerTests.test_output_results_invalid_format [0.001822s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{2} tests.unit.cli.test_config_generator.BanditConfigGeneratorLoggerTests.test_init_logger [0.000331s] ... ok >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{2} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_out_file [0.000837s] ... ok >[main] WARNING Baseline must be used with one of the following formats: ['custom', 'html', 'json', 'screen', 'txt'] >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp03z5lhcc' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{1} tests.functional.test_functional.FunctionalTests.test_os_popen [0.012094s] ... ok >Legacy blacklist data found in config, overriding data plugins >{11} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_none [0.001573s] ... ok >{11} tests.unit.core.test_util.UtilTests.test_get_call_name3 [0.006616s] ... ok >{1} tests.unit.core.test_context.ContextTests.test_get_call_arg_at_position [0.000871s] ... ok >{1} tests.unit.core.test_context.ContextTests.test_string_val [0.000116s] ... ok >{9} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_all [0.002070s] ... ok >{17} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_no_results [0.012128s] ... ok >{1} tests.unit.core.test_manager.ManagerTests.test_create_manager_with_profile [0.000727s] ... ok >{1} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_cmdline [0.002857s] ... ok >{1} tests.unit.formatters.test_text.TextFormatterTests.test_output_issue [0.000748s] ... ok >{9} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_syms [0.007233s] ... ok >{17} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_output_format [0.006826s] ... ok >{2} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_test [0.009625s] ... ok >{23} tests.functional.test_functional.FunctionalTests.test_asserts [0.009348s] ... ok >{2} tests.unit.core.test_context.ContextTests.test_get_lineno_for_call_arg [0.001131s] ... ok >{17} tests.unit.core.test_config.TestInit.test_file_does_not_exist [0.000611s] ... ok >{17} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_glob [0.001789s] ... ok >{17} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_id [0.003526s] ... ok >{2} tests.unit.core.test_util.UtilTests.test_escaped_representation_valid_not_printable [0.006629s] ... ok >{10} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_get_config_settings [0.040012s] ... ok >{10} tests.unit.core.test_context.ContextTests.test_statement [0.000143s] ... ok >while parsing a flow sequence > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpmtwdfzn6", line 1, column 3 >expected ',' or ']', but got '<stream end>' > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpmtwdfzn6", line 1, column 14 >{17} tests.unit.core.test_util.UtilTests.test_escaped_representation_invalid [0.006154s] ... ok >{21} tests.functional.test_functional.FunctionalTests.test_mktemp [0.020249s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >{12} tests.functional.test_functional.FunctionalTests.test_subprocess_shell [0.037112s] ... ok >[main] INFO running on Python 3.7.10 >{12} tests.unit.core.test_config.TestInit.test_yaml_invalid [0.002024s] ... ok >[text] INFO Text output written to file: output >{12} tests.unit.core.test_context.ContextTests.test_check_call_arg_value [0.000649s] ... ok >{10} tests.unit.core.test_util.UtilTests.test_get_call_name1 [0.006521s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_weak_cryptographic_key [0.039962s] ... ok >{6} tests.unit.core.test_context.ContextTests.test_call_function_name [0.000146s] ... ok >{6} tests.unit.core.test_manager.ManagerTests.test_create_manager [0.000759s] ... ok >{6} tests.unit.formatters.test_html.HtmlFormatterTests.test_escaping [0.002944s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO Using command line arg for excluded paths >[main] INFO Using ini file for skipped tests >[main] INFO Using ini file for selected tests >[main] INFO Using command line arg for selected targets >[main] INFO Using command line arg for aggregate output type >[main] INFO Using command line arg for max code lines output for issue >[main] INFO Using command line arg for severity level >[main] INFO Using command line arg for confidence level >[main] INFO Using command line arg for output format >[main] INFO Using command line arg for output file >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: some_test >[main] INFO cli exclude tests: skip_test >{10} tests.unit.core.test_util.UtilTests.test_namespace_path_split [0.005875s] ... ok >{19} tests.functional.test_functional.FunctionalTests.test_crypto_md5 [0.043665s] ... ok >{18} tests.functional.test_functional.FunctionalTests.test_baseline_filter [0.040305s] ... ok >{10} tests.unit.formatters.test_text.TextFormatterTests.test_report_baseline [0.002642s] ... ok >{12} tests.unit.core.test_util.UtilTests.test_get_call_name2 [0.005673s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpe4h0z2wv, consider '-f txt' >{15} tests.functional.test_functional.FunctionalTests.test_httpoxy [0.049740s] ... ok >{15} tests.functional.test_functional.FunctionalTests.test_unverified_context [0.003642s] ... ok >{12} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingmid [0.005617s] ... ok >{13} tests.functional.test_functional.FunctionalTests.test_django_xss_insecure [0.097597s] ... ok >{21} tests.functional.test_functional.FunctionalTests.test_nosec [0.019568s] ... ok >{15} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results_and_with_exit_zero_flag [0.010560s] ... ok >{15} tests.unit.core.test_context.ContextTests.test_is_module_imported_like [0.000181s] ... ok >{26} tests.functional.test_functional.FunctionalTests.test_httplib_https [0.021376s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_host_key_verification [0.034586s] ... ok >{25} tests.functional.test_functional.FunctionalTests.test_code_line_numbers [0.032416s] ... ok >{19} tests.functional.test_functional.FunctionalTests.test_flask_debug_true [0.008702s] ... ok >{20} tests.functional.test_functional.FunctionalTests.test_blacklist_pycrypto [0.035867s] ... ok >{15} tests.unit.core.test_manager.ManagerTests.test_run_tests_keyboardinterrupt [0.002933s] ... ok >{22} tests.functional.test_functional.FunctionalTests.test_ssl_insecure_version [0.049523s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp6ms7ujk_' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpnnknwaem or missing [bandit] section >File bandit_baseline_result.txt already exists, aborting >{13} tests.functional.test_functional.FunctionalTests.test_os_spawn [0.010722s] ... ok >{21} tests.unit.cli.test_main.BanditCLIMainTests.test_main_handle_ini_options [0.009223s] ... ok >Cannot resolve file path for module sys >{15} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_typical [0.006944s] ... ok >{13} tests.functional.test_functional.FunctionalTests.test_os_startfile [0.004782s] ... ok >{19} tests.functional.test_functional.FunctionalTests.test_imports_using_importlib [0.008020s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_yaml [0.010012s] ... ok >{15} tests.unit.formatters.test_screen.ScreenFormatterTests.test_no_issues [0.003559s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpn7jydqi4, consider '-f txt' >[main] ERROR : >{19} tests.functional.test_functional.FunctionalTests.test_try_except_continue [0.008995s] ... ok >{21} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_data [0.011451s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpn7jydqi4, consider '-f txt' >{19} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_empty_directory_no_target [0.001599s] ... ok >{28} tests.functional.test_functional.FunctionalTests.test_ignore_skip [0.035312s] ... ok >{21} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist_specific [0.001711s] ... ok >{29} tests.functional.test_functional.FunctionalTests.test_exec [0.032546s] ... ok >{14} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_report_file [0.088232s] ... ok >{14} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_no_values [0.000411s] ... ok >{19} tests.unit.core.test_util.UtilTests.test_path_for_function_no_file [0.006310s] ... ok >{21} tests.unit.core.test_util.UtilTests.test_namespace_path_join [0.006231s] ... ok >{13} tests.functional.test_functional.FunctionalTests.test_popen_wrappers [0.019064s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpag1p_eji' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{33} tests.functional.test_functional.FunctionalTests.test_mark_safe [0.018468s] ... ok >{20} tests.functional.test_functional.FunctionalTests.test_urlopen [0.029418s] ... ok >{14} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_config [0.004109s] ... ok >{13} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist [0.001552s] ... ok >{19} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_with_skipped [0.004146s] ... ok >{13} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_one [0.001399s] ... ok >{20} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_no_defaults [0.002320s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpqczcwzc5, consider '-f txt' >{29} tests.functional.test_functional.FunctionalTests.test_metric_gathering [0.008563s] ... ok >{21} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_nobaseline [0.005612s] ... ok >{13} tests.unit.formatters.test_text.TextFormatterTests.test_no_issues [0.002244s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpo45ulrtg' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{29} tests.functional.test_functional.FunctionalTests.test_paramiko_injection [0.004814s] ... ok >{20} tests.unit.cli.test_main.BanditCLIMainTests.test_main_profile_not_found [0.007238s] ... ok >{14} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_test [0.010077s] ... ok >{20} tests.unit.core.test_issue.IssueTests.test_issue_create [0.000145s] ... ok >[ INFO ] No output format specified, using terminal >{20} tests.unit.core.test_manager.ManagerTests.test_is_file_included [0.001188s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_binding [0.036336s] ... ok >Bandit baseline must be called from a git project root >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: badID >[main] INFO cli exclude tests: None >[main] ERROR Unknown test found in profile: badID >{20} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_baseline [0.002757s] ... ok >Skipping directory (thing), use -r flag to scan contents >{29} tests.functional.test_functional.FunctionalTests.test_try_except_pass [0.008394s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_hashlib_new_insecure_functions [0.043915s] ... ok >[utils] WARNING Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpi07dfdwk or missing [bandit] section >{14} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude [0.008626s] ... ok >{14} tests.unit.core.test_manager.ManagerTests.test_matches_globlist [0.001421s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_django_sql_injection_raw [0.038597s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_wildcard_injection [0.027867s] ... ok >[ ERROR ] Unable to get current or parent commit >{30} tests.functional.test_functional.FunctionalTests.test_os_exec [0.010274s] ... ok >{3} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_git_command_failure [0.141532s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp0rcdybmw' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{14} tests.unit.core.test_util.UtilTests.test_escaped_representation_mixed [0.006944s] ... ok >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{32} tests.functional.test_functional.FunctionalTests.test_requests_ssl_verify_disabled [0.015869s] ... ok >{18} tests.functional.test_functional.FunctionalTests.test_xml [0.069414s] ... ok >{3} tests.unit.core.test_config.TestInit.test_settings [0.001911s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp5w5std6z' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{3} tests.unit.core.test_context.ContextTests.test_filename [0.000157s] ... ok >Legacy blacklist data found in config, overriding data plugins >{18} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_no_repo [0.002197s] ... ok >{33} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_tests [0.005579s] ... ok >{33} tests.unit.core.test_context.ContextTests.test__get_literal_value [0.000191s] ... ok >{33} tests.unit.core.test_context.ContextTests.test_is_module_imported_exact [0.000054s] ... ok >{3} tests.unit.core.test_manager.ManagerTests.test_discover_files_include [0.002183s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_tempnam [0.006313s] ... ok >{33} tests.unit.core.test_issue.IssueTests.test_matches_issue [0.000099s] ... ok >{3} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_skip [0.001796s] ... ok >Run started:2021-04-29 02:00:20.689158 >Files in scope (1): > binding.py (score: {SEVERITY: 1, CONFIDENCE: 1}) >Files excluded (1): > def.py > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT >-------------------------------------------------- > >Code scanned: > Total lines of code: 1000 > Total lines skipped (#nosec): 50 > >Run metrics: > Total issues (by severity): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 > Total issues (by confidence): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 >Files skipped (1): > abc.py (File is bad) >{33} tests.unit.core.test_util.UtilTests.test_parse_ini_file [0.006205s] ... ok >{18} tests.unit.core.test_config.TestConfigCompat.test_blacklist_error [0.009290s] ... ok >{3} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingend [0.006316s] ... ok >{18} tests.unit.core.test_issue.IssueTests.test_get_code [0.000777s] ... ok >{30} tests.unit.core.test_config.TestConfigCompat.test_converted_include [0.009494s] ... ok >Bandit baseline must not be called with the -o option >{18} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_invalid_json [0.001521s] ... ok >{34} tests.functional.test_functional.FunctionalTests.test_ciphers [0.069372s] ... ok >{18} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_with_dot [0.006072s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpipt9yifv' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{30} tests.unit.core.test_config.TestConfigCompat.test_deprecation_message [0.009488s] ... ok >{24} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_with_output_argument [0.076668s] ... ok >{30} tests.unit.core.test_manager.ManagerTests.test_results_count [0.000884s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_django_xss_secure [0.030871s] ... ok >usage: bandit-config-generator [-h] [--show-defaults] [-o OUTPUT_FILE] > [-t TESTS] [-s SKIPS] > >Bandit Config Generator > > This tool is used to generate an optional profile. The profile may be used > to include or skip tests and override values for plugins. > > When used to store an output profile, this tool will output a template that > includes all plugins and their default settings. Any settings which aren't > being overridden can be safely removed from the profile and default values > will be used. Bandit will prefer settings from the profile over the built > in values. > >optional arguments: > -h, --help show this help message and exit > --show-defaults show the default settings values for each plugin but do not output a profile > -o OUTPUT_FILE, --out OUTPUT_FILE > output file to save profile > -t TESTS, --tests TESTS > list of test names to run > -s SKIPS, --skip SKIPS > list of test names to skip >Run started:2021-04-29 02:00:20.705334 > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT > >-- Candidate Issues -- >ISSUE_OUTPUT_TEXT > > >ISSUE_OUTPUT_TEXT > > >-------------------------------------------------- > >Code scanned: > Total lines of code: 0 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 > Total issues (by confidence): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 >Files skipped (0): >{30} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingend [0.006165s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpr_2ik70a' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{24} tests.unit.core.test_config.TestConfigCompat.test_bad_yaml [0.008514s] ... ok >{24} tests.unit.core.test_context.ContextTests.test_call_function_name_qual [0.000104s] ... ok >{24} tests.unit.core.test_issue.IssueTests.test_issue_as_dict [0.000103s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_sql_statements [0.011883s] ... ok >{35} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger [0.000266s] ... ok >[ INFO ] No output format specified, using terminal >{34} tests.functional.test_functional.FunctionalTests.test_django_sql_injection [0.023505s] ... ok >{34} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue_defaults [0.000098s] ... ok >{24} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_contents [0.008433s] ... ok >{35} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_typical [0.004989s] ... ok >{35} tests.unit.formatters.test_screen.ScreenFormatterTests.test_output_issue [0.000814s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp18dnf6pe' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{34} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_data [0.005642s] ... ok >{34} tests.unit.core.test_config.TestGetOption.test_levels [0.001137s] ... ok >{34} tests.unit.core.test_test_set.BanditTestSetTests.test_has_defaults [0.001029s] ... ok >{34} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_include [0.000896s] ... ok >[ INFO ] Got current commit: [6b85ce462589a749b5876a1ea7b7984a9330b5f7 master] >[ INFO ] Got parent commit: [5b49aa0f28f3bdbb5cfddd6ac83ef8ef3042f538 master~1] >[ INFO ] Getting Bandit baseline results >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpdp96n5tt'] >Output: None > >[ INFO ] Comparing Bandit results to baseline >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpdp96n5tt'] >Output: None > >{29} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_subprocess_error [0.127213s] ... ok >{29} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_has_builtin_blacklist [0.001427s] ... ok >{29} tests.unit.core.test_util.UtilTests.test_path_for_function [0.003968s] ... ok >None >{4} tests.functional.test_runtime.RuntimeTests.test_example_nonexistent [0.386295s] ... ok >{28} tests.functional.test_runtime.RuntimeTests.test_example_nonsense [0.297879s] ... ok >{22} tests.functional.test_runtime.RuntimeTests.test_no_arguments [0.318783s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: badID >[main] ERROR Unknown test found in profile: badID >{28} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_skip_tests [0.008179s] ... ok >{28} tests.unit.core.test_context.ContextTests.test_context_create [0.000493s] ... ok >{28} tests.unit.core.test_manager.ManagerTests.test_get_files_from_dir [0.001643s] ... ok >{28} tests.unit.core.test_manager.ManagerTests.test_run_tests_ioerror [0.001191s] ... ok >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpiq7v4d8b >{25} tests.functional.test_runtime.RuntimeTests.test_help_in_readme [0.345304s] ... ok >{25} tests.unit.core.test_docs_util.DocsUtilTests.test_plugin_call_bib [0.000144s] ... ok >{28} tests.unit.formatters.test_yaml.YamlFormatterTests.test_report [0.015989s] ... ok >{25} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_node [0.004373s] ... ok >Git command not found >{25} tests.unit.core.test_util.UtilTests.test_deepgetattr [0.003886s] ... ok >Cannot resolve file where 1 is defined >{4} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_git_command_failure [0.044878s] ... ok >{25} tests.unit.core.test_util.UtilTests.test_path_for_function_no_module [0.004163s] ... ok >Multiple .bandit files found - scan separately or choose one with --ini > /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp36dwzzuk/.bandit, /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp36dwzzuk/second_config_directory/.bandit >[ INFO ] No output format specified, using terminal >[ ERROR ] Bandit baseline must be called from a git project root >{4} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_non_repo [0.001386s] ... ok >{4} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_multi_bandit_files [0.001066s] ... ok >{25} tests.unit.formatters.test_json.JsonFormatterTests.test_report [0.002080s] ... ok >{4} tests.unit.core.test_manager.ManagerTests.test_find_candidate_matches [0.000674s] ... ok >Current working directory is dirty and must be resolved >{22} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_dirty_repo [0.044670s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpziw8eg_n' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{22} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude_blacklist [0.006333s] ... ok >{22} tests.unit.core.test_docs_util.DocsUtilTests.test_overwrite_bib_info [0.000139s] ... ok >{22} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_none [0.001196s] ... ok >{32} tests.functional.test_runtime.RuntimeTests.test_example_okay [0.317496s] ... ok >{22} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingmid [0.004036s] ... ok >{23} tests.functional.test_runtime.RuntimeTests.test_example_imports [0.432179s] ... ok >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [d98fd25c55d576334bbff976c52e693b23436c85 benign1] >[ INFO ] Got parent commit: [d0ccc02c267d0ad625d08169e4f2f321e0570ca8 master] >[ INFO ] Getting Bandit baseline results >{8} tests.functional.test_baseline.BaselineFunctionalTests.test_existing_and_new_candidates [0.680102s] ... ok >{31} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates [0.585453s] ... ok >{16} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_with_new_candidates [0.627688s] ... ok >{5} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_new_nosecs [0.707387s] ... ok >{7} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_only_nosecs [0.707131s] ... ok >{16} tests.functional.test_functional.FunctionalTests.test_cipher_modes [0.019461s] ... ok >{27} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_no_new_candidates [0.633852s] ... ok >{16} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_show_defaults [0.000741s] ... ok >{27} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue [0.000217s] ... ok >{16} tests.unit.core.test_manager.ManagerTests.test_compare_baseline [0.000494s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_dill [0.022902s] ... ok >{5} tests.functional.test_functional.FunctionalTests.test_os_system [0.018004s] ... ok >{27} tests.unit.core.test_context.ContextTests.test_call_keywords [0.001316s] ... ok >{27} tests.unit.core.test_issue.IssueTests.test_issue_str [0.000088s] ... ok >{16} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_id [0.001137s] ... ok >{27} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_add_node [0.000174s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_imports_function [0.003695s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_ftp_usage [0.020033s] ... ok >{16} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_sys [0.004089s] ... ok >{32} tests.functional.test_runtime.RuntimeTests.test_piped_input [0.239057s] ... ok >{27} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_syms [0.004139s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_mako_templating [0.002676s] ... ok >{27} tests.unit.formatters.test_csv.CsvFormatterTests.test_report [0.001065s] ... ok >{16} tests.unit.formatters.test_text.TextFormatterTests.test_report_nobaseline [0.002583s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_random_module [0.005147s] ... ok >{5} tests.functional.test_functional.FunctionalTests.test_pickle [0.010312s] ... ok >{23} tests.functional.test_runtime.RuntimeTests.test_example_nonsense2 [0.240231s] ... ok >{23} tests.unit.core.test_config.TestGetOption.test_levels_not_exist [0.002624s] ... ok >{23} tests.unit.core.test_config.TestGetSetting.test_not_exist [0.001034s] ... ok >{23} tests.unit.core.test_util.UtilTests.test_escaped_representation_simple [0.005177s] ... ok >{23} tests.unit.formatters.test_xml.XmlFormatterTests.test_report [0.001718s] ... ok >Temporary file _bandit_baseline_run.json_ needs to be removed prior to running >{32} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_temp_file [0.042254s] ... ok >{32} tests.unit.core.test_docs_util.DocsUtilTests.test_import_call_bib [0.000139s] ... ok >[ INFO ] No output format specified, using terminal >{32} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_blacklist_compat [0.001268s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpise82njv/_bandit_baseline_run.json_ >[ INFO ] Got current commit: [ac63c44e6b3be85fa6ac5e46be84f9bc8a6613f1 master] >[ ERROR ] Parent commit not available >[main] DEBUG logging initialized >{7} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_no_parent_commit [0.065912s] ... ok >{7} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger_debug_mode [0.000388s] ... ok >{7} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude [0.001502s] ... ok >{7} tests.unit.core.test_util.UtilTests.test_linerange [0.004299s] ... ok >[ INFO ] Comparing Bandit results to baseline >{31} tests.functional.test_runtime.RuntimeTests.test_help_arg [0.233545s] ... ok >{31} tests.unit.core.test_context.ContextTests.test_call_args [0.001047s] ... ok >{5} tests.functional.test_runtime.RuntimeTests.test_nonexistent_config [0.231810s] ... ok >{31} tests.unit.core.test_manager.ManagerTests.test_output_results_valid_format [0.001434s] ... ok >{5} tests.unit.core.test_context.ContextTests.test_call_args_count [0.000427s] ... ok >{5} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_files [0.001467s] ... ok >{5} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_invalid_path [0.003837s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.7.10 >Run started:2021-04-29 02:00:21.579268 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 1 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 >Files skipped (0): > >{8} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates_include_nosec [0.499943s] ... ok >{8} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_main_show_defaults [0.002354s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] WARNING Could not open baseline report: base.json >{8} tests.unit.cli.test_main.BanditCLIMainTests.test_main_baseline_ioerror [0.004850s] ... ok >[main] ERROR bandit.yaml : Could not read config file. >{8} tests.unit.cli.test_main.BanditCLIMainTests.test_main_config_unopenable [0.001508s] ... ok >{8} tests.unit.core.test_issue.IssueTests.test_issue_filter_severity [0.000096s] ... ok >{8} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_none [0.001009s] ... ok ><MagicMock name='get_config_settings()' id='140705582435408'> >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [f754f7c963c6cf7e778c45930a6adacfd9341490 malicious] >[ INFO ] Got parent commit: [d98fd25c55d576334bbff976c52e693b23436c85 benign1] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpf2x2ixxg/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.7.10 >b"Run started:2021-04-29 02:00:22.356738\n\nTest results:\n>> Issue: [B605:start_process_with_a_shell] Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell\n Severity: Low Confidence: High\n Location: ./malicious.py:3\n More Info: https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html\n2\t\n3\tos.system('/bin/echo hi')\n\n--------------------------------------------------\n\nCode scanned:\n\tTotal lines of code: 3\n\tTotal lines skipped (#nosec): 0\n\nRun metrics:\n\tTotal issues (by severity):\n\t\tUndefined: 0.0\n\t\tLow: 1.0\n\t\tMedium: 0.0\n\t\tHigh: 0.0\n\tTotal issues (by confidence):\n\t\tUndefined: 0.0\n\t\tLow: 0.0\n\t\tMedium: 0.0\n\t\tHigh: 1.0\nFiles skipped (0):\n" >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [aa99b3af0c7be6471cec83399afe4822c8d1c14c benign2] >[ INFO ] Got parent commit: [f754f7c963c6cf7e778c45930a6adacfd9341490 malicious] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpl8jg_sfq/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.7.10 >Run started:2021-04-29 02:00:23.133509 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 4 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 1.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 1.0 >Files skipped (0): > >{26} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_bandit_baseline [2.523315s] ... ok >{26} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_init_logger [0.000369s] ... ok >{26} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_bandit_files [0.000667s] ... ok >{26} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_success [0.000710s] ... ok >{26} tests.unit.core.test_util.UtilTests.test_check_ast_node_good [0.003705s] ... ok >{26} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_dir [0.003621s] ... ok > >====== >Totals >====== >Ran: 251 tests in 2.6547 sec. > - Passed: 251 > - Skipped: 0 > - Expected Fail: 0 > - Unexpected Success: 0 > - Failed: 0 >Sum of execute time for each test: 12.8524 sec. > >============== >Worker Balance >============== > - Worker 0 (7 tests) => 0:00:00.047702 > - Worker 1 (7 tests) => 0:00:00.083890 > - Worker 2 (7 tests) => 0:00:00.074428 > - Worker 3 (7 tests) => 0:00:00.193325 > - Worker 4 (7 tests) => 0:00:00.484067 > - Worker 5 (7 tests) => 0:00:00.975542 > - Worker 6 (7 tests) => 0:00:00.092753 > - Worker 7 (7 tests) => 0:00:00.806880 > - Worker 8 (7 tests) => 0:00:01.191890 > - Worker 9 (7 tests) => 0:00:00.073883 > - Worker 10 (7 tests) => 0:00:00.102996 > - Worker 11 (7 tests) => 0:00:00.051877 > - Worker 12 (7 tests) => 0:00:00.096400 > - Worker 13 (7 tests) => 0:00:00.140687 > - Worker 14 (7 tests) => 0:00:00.123570 > - Worker 15 (7 tests) => 0:00:00.080568 > - Worker 16 (7 tests) => 0:00:00.658348 > - Worker 17 (7 tests) => 0:00:00.034123 > - Worker 18 (7 tests) => 0:00:00.132444 > - Worker 19 (7 tests) => 0:00:00.084530 > - Worker 20 (7 tests) => 0:00:00.082414 > - Worker 21 (7 tests) => 0:00:00.077395 > - Worker 22 (7 tests) => 0:00:00.427146 > - Worker 23 (7 tests) => 0:00:00.695413 > - Worker 24 (7 tests) => 0:00:00.140965 > - Worker 25 (7 tests) => 0:00:00.394680 > - Worker 26 (7 tests) => 0:00:02.555882 > - Worker 27 (7 tests) => 0:00:00.642945 > - Worker 28 (7 tests) => 0:00:00.364033 > - Worker 29 (7 tests) => 0:00:00.189800 > - Worker 30 (7 tests) => 0:00:00.089188 > - Worker 31 (7 tests) => 0:00:00.853006 > - Worker 32 (7 tests) => 0:00:00.655350 > - Worker 33 (7 tests) => 0:00:00.060340 > - Worker 34 (7 tests) => 0:00:00.103317 > - Worker 35 (6 tests) => 0:00:00.089431 > * python3_8: running distutils-r1_run_phase python_test >python3.8 setup.py install --root=/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test --install-lib=lib --install-scripts=scripts >running install >[pbr] Generating AUTHORS >[pbr] AUTHORS complete (0.0s) >running build >running build_py >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.8/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >warning: build_py: byte-compiling is disabled, skipping. > >running install_lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/plugins >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/lib/bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit >warning: install_lib: byte-compiling is disabled, skipping. > >running install_egg_info >Copying bandit.egg-info to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/lib/bandit-1.7.0-py3.8.egg-info >running install_scripts >Installing bandit script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/scripts >Installing bandit-baseline script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/scripts >Installing bandit-config-generator script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_8/build/test/scripts >Skipping directory (thing), use -r flag to scan contents >[ INFO ] No output format specified, using terminal >[ ERROR ] Bandit baseline must be called from a git project root >{11} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_non_repo [0.002573s] ... ok >{11} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_cmdline [0.002888s] ... ok >{11} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_skip [0.001397s] ... ok >{11} tests.unit.core.test_manager.ManagerTests.test_output_results_invalid_format [0.001501s] ... ok >{11} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_blacklist_compat [0.001558s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_blacklist_pycrypto [0.034714s] ... ok >{11} tests.unit.core.test_util.UtilTests.test_get_call_name3 [0.006072s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_host_key_verification [0.004297s] ... ok >{11} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingend [0.006074s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_imports_using_importlib [0.006726s] ... ok >{13} tests.functional.test_functional.FunctionalTests.test_tempnam [0.030652s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_nosec [0.032843s] ... ok >{14} tests.functional.test_functional.FunctionalTests.test_multiline_code [0.031624s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{15} tests.functional.test_functional.FunctionalTests.test_binding [0.033116s] ... ok >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >{8} tests.functional.test_functional.FunctionalTests.test_hashlib_new_insecure_functions [0.040360s] ... ok >[text] INFO Text output written to file: output >{4} tests.functional.test_functional.FunctionalTests.test_baseline_filter [0.054478s] ... ok >{13} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_no_results [0.010503s] ... ok >{13} tests.unit.core.test_docs_util.DocsUtilTests.test_overwrite_bib_info [0.000386s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpk48pyyit' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{14} tests.unit.core.test_config.TestConfigCompat.test_blacklist_error [0.009617s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_hardcoded_passwords [0.038591s] ... ok >{8} tests.functional.test_functional.FunctionalTests.test_no_blacklist_pycryptodome [0.006146s] ... ok >{13} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_invalid_json [0.001927s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_dill [0.040640s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_mark_safe [0.003191s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpprr5pyxr' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{4} tests.functional.test_functional.FunctionalTests.test_hardcoded_tmp [0.010106s] ... ok >[csv] INFO CSV output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp_zy_j57i >{13} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingend [0.006404s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpjjqhi1e6 >{14} tests.unit.core.test_config.TestConfigCompat.test_converted_include [0.008746s] ... ok >{14} tests.unit.core.test_context.ContextTests.test_statement [0.000176s] ... ok >{14} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_add_node [0.000144s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_os_chmod [0.019925s] ... ok >{13} tests.unit.formatters.test_csv.CsvFormatterTests.test_report [0.001591s] ... ok >{14} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_id [0.001964s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpjjqhi1e6 >{14} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_none [0.001741s] ... ok >{4} tests.functional.test_functional.FunctionalTests.test_imports_aliases [0.007096s] ... ok >{4} tests.unit.core.test_context.ContextTests.test_context_create [0.000428s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_weak_cryptographic_key [0.033108s] ... ok >{13} tests.unit.formatters.test_text.TextFormatterTests.test_report_nobaseline [0.006355s] ... ok >{4} tests.unit.core.test_docs_util.DocsUtilTests.test_plugin_call_bib [0.000100s] ... ok >{4} tests.unit.core.test_manager.ManagerTests.test_is_file_included [0.001057s] ... ok >{4} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_include [0.001586s] ... ok >{20} tests.functional.test_functional.FunctionalTests.test_nonsense [0.007616s] ... ok >{17} tests.functional.test_functional.FunctionalTests.test_jinja2_templating [0.041434s] ... ok >[main] ERROR bandit.yaml : Could not read config file. >{17} tests.unit.cli.test_main.BanditCLIMainTests.test_main_config_unopenable [0.003397s] ... ok >{17} tests.unit.core.test_context.ContextTests.test_call_args [0.001519s] ... ok >{17} tests.unit.core.test_context.ContextTests.test_get_call_arg_at_position [0.000666s] ... ok >{17} tests.unit.core.test_context.ContextTests.test_node [0.000329s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_django_xss_secure [0.038111s] ... ok >{17} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_type [0.006647s] ... ok >{18} tests.functional.test_functional.FunctionalTests.test_partial_path [0.035796s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_imports [0.002549s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_asserts [0.009552s] ... ok >{17} tests.unit.core.test_util.UtilTests.test_linerange [0.006607s] ... ok >{19} tests.functional.test_functional.FunctionalTests.test_os_exec [0.037310s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_mktemp [0.004889s] ... ok >{18} tests.functional.test_functional.FunctionalTests.test_shelve [0.007157s] ... ok >File bandit_baseline_result.txt already exists, aborting >{15} tests.functional.test_functional.FunctionalTests.test_django_xss_insecure [0.060403s] ... ok >[ INFO ] No output format specified, using terminal >{23} tests.functional.test_functional.FunctionalTests.test_cipher_modes [0.033240s] ... ok >{16} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_report_file [0.077120s] ... ok >{20} tests.functional.test_functional.FunctionalTests.test_popen_wrappers [0.034938s] ... ok >{28} tests.functional.test_functional.FunctionalTests.test_httplib_https [0.017956s] ... ok >Bandit baseline must be called from a git project root >{23} tests.functional.test_functional.FunctionalTests.test_code_line_numbers [0.005273s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{15} tests.functional.test_functional.FunctionalTests.test_ftp_usage [0.009383s] ... ok >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >{28} tests.functional.test_functional.FunctionalTests.test_imports_from [0.002667s] ... ok >{21} tests.functional.test_functional.FunctionalTests.test_sql_statements [0.047433s] ... ok >{19} tests.functional.test_functional.FunctionalTests.test_requests_ssl_verify_disabled [0.014402s] ... ok >{19} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_no_repo [0.002232s] ... ok >[text] INFO Text output written to file: output >{20} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results [0.009840s] ... ok >Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmphxj2x3mp or missing [bandit] section >Git command not found >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{23} tests.functional.test_functional.FunctionalTests.test_yaml [0.008991s] ... ok >[main] WARNING Baseline must be used with one of the following formats: ['custom', 'html', 'json', 'screen', 'txt'] >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpn1mx1hut' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{23} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_target [0.000120s] ... ok >{15} tests.functional.test_functional.FunctionalTests.test_os_spawn [0.008454s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{34} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_empty_directory_no_target [0.001553s] ... ok >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{23} tests.unit.core.test_issue.IssueTests.test_issue_filter_confidence [0.000111s] ... ok >[main] WARNING Could not open baseline report: base.json >{24} tests.functional.test_functional.FunctionalTests.test_eval [0.030521s] ... ok >{23} tests.unit.core.test_manager.ManagerTests.test_matches_globlist [0.000976s] ... ok >{23} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_has_builtin_blacklist [0.001538s] ... ok >{21} tests.functional.test_functional.FunctionalTests.test_telnet_usage [0.010605s] ... ok >{19} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_test [0.010671s] ... ok >{20} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_output_format [0.006334s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp1gs9iwss' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{24} tests.functional.test_functional.FunctionalTests.test_exec [0.002612s] ... ok >{12} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_git_command_failure [0.069842s] ... ok >{20} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude [0.001857s] ... ok >{28} tests.functional.test_functional.FunctionalTests.test_os_startfile [0.015270s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{12} tests.unit.core.test_context.ContextTests.test_call_keywords [0.001664s] ... ok >[main] INFO profile include tests: None >{34} tests.unit.cli.test_main.BanditCLIMainTests.test_main_baseline_ioerror [0.007595s] ... ok >[main] INFO profile exclude tests: None >[main] INFO cli include tests: badID >[main] INFO cli exclude tests: None >[main] ERROR Unknown test found in profile: badID >{20} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_dir [0.001937s] ... ok >{20} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_one [0.001704s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmphg9g9lhl' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{30} tests.functional.test_functional.FunctionalTests.test_metric_gathering [0.031847s] ... ok >{19} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_data [0.008348s] ... ok >{12} tests.unit.core.test_util.UtilTests.test_get_call_name1 [0.006017s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_imports_function [0.005914s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_okay [0.029068s] ... ok >{28} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_tests [0.006925s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpv7bfr9dv/_temp_output.txt >{34} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_data [0.008310s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpch3y1w89' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{34} tests.unit.core.test_context.ContextTests.test_call_function_name_qual [0.000187s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_skip [0.006875s] ... ok >{34} tests.unit.core.test_manager.ManagerTests.test_discover_files_include [0.001804s] ... ok >{19} tests.unit.core.test_manager.ManagerTests.test_run_tests_keyboardinterrupt [0.006348s] ... ok >{12} tests.unit.core.test_util.UtilTests.test_namespace_path_split [0.005270s] ... ok >{34} tests.unit.core.test_manager.ManagerTests.test_output_results_valid_format [0.001660s] ... ok >{25} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_get_config_settings [0.036725s] ... ok >{28} tests.unit.core.test_config.TestConfigCompat.test_bad_yaml [0.007947s] ... ok >{25} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_bandit_files [0.001156s] ... ok >{22} tests.functional.test_functional.FunctionalTests.test_ciphers [0.075807s] ... ok >{12} tests.unit.formatters.test_html.HtmlFormatterTests.test_escaping [0.002826s] ... ok >{28} tests.unit.core.test_context.ContextTests.test_is_module_imported_exact [0.000148s] ... ok >{25} tests.unit.core.test_context.ContextTests.test_is_module_being_imported [0.000118s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_django_sql_injection_raw [0.035481s] ... ok >{25} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_id [0.001336s] ... ok >[main] DEBUG logging initialized >{19} tests.unit.core.test_util.UtilTests.test_escaped_representation_mixed [0.006513s] ... ok >{34} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_syms [0.006385s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_mako_templating [0.004002s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_pickle [0.014822s] ... ok >{28} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_typical [0.007013s] ... ok >{25} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_node [0.005763s] ... ok >{32} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_no_defaults [0.001989s] ... ok >{32} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger_debug_mode [0.000441s] ... ok >[ INFO ] Got current commit: [62f62e9e43943dcb41b337f643b9faf0204c7761 master] >[ INFO ] No output format specified, using terminal >Temporary file _bandit_baseline_run.json_ needs to be removed prior to running >{25} tests.unit.core.test_util.UtilTests.test_escaped_representation_valid_not_printable [0.005836s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpdrzjuiaw' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{22} tests.functional.test_functional.FunctionalTests.test_httpoxy [0.016710s] ... ok >{32} tests.unit.core.test_config.TestConfigCompat.test_deprecation_message [0.007523s] ... ok >{32} tests.unit.core.test_issue.IssueTests.test_issue_as_dict [0.000183s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_django_sql_injection [0.060406s] ... ok >{10} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_temp_file [0.065529s] ... ok >{10} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue_defaults [0.000260s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_ssl_insecure_version [0.013632s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_wildcard_injection [0.031358s] ... ok >{25} tests.unit.core.test_util.UtilTests.test_get_call_name2 [0.006039s] ... ok >{10} tests.unit.core.test_config.TestInit.test_file_does_not_exist [0.000786s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_subdirectory_okay [0.001688s] ... ok >{32} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_nobaseline [0.003523s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_paramiko_injection [0.004349s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_subprocess_shell [0.027484s] ... ok >{33} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_files [0.001818s] ... ok >{31} tests.unit.core.test_context.ContextTests.test_get_lineno_for_call_arg [0.001240s] ... ok >{33} tests.unit.core.test_manager.ManagerTests.test_run_tests_ioerror [0.001468s] ... ok >Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmppsnt7gbh or missing [bandit] section >{31} tests.unit.core.test_manager.ManagerTests.test_compare_baseline [0.000795s] ... ok >{33} tests.unit.formatters.test_screen.ScreenFormatterTests.test_no_issues [0.002139s] ... ok >[ INFO ] Got parent commit: [af70bd590663daf885da309ba520d5ecba1b1056 master~1] >Cannot resolve file where 1 is defined >{31} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_syms [0.006455s] ... ok >{31} tests.unit.core.test_util.UtilTests.test_parse_ini_file [0.008061s] ... ok >[ INFO ] Got current commit: [af70bd590663daf885da309ba520d5ecba1b1056 master] >{31} tests.unit.core.test_util.UtilTests.test_path_for_function_no_module [0.006101s] ... ok >[ ERROR ] Parent commit not available >{16} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_no_parent_commit [0.091568s] ... ok >{16} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_ini_value [0.000272s] ... ok >{16} tests.unit.core.test_context.ContextTests.test_filename [0.000185s] ... ok >[ INFO ] Getting Bandit baseline results >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp05w9qik0'] >Output: None > >[ INFO ] Comparing Bandit results to baseline >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp05w9qik0'] >Output: None > >{16} tests.unit.core.test_test_set.BanditTestSetTests.test_has_defaults [0.002049s] ... ok >{8} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_subprocess_error [0.154210s] ... ok >{8} tests.unit.cli.test_main.BanditCLIMainTests.test_init_extensions [0.000280s] ... ok >{8} tests.unit.core.test_context.ContextTests.test__get_literal_value [0.000407s] ... ok >{16} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_none [0.002448s] ... ok >{16} tests.unit.formatters.test_screen.ScreenFormatterTests.test_output_issue [0.000851s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_xml [0.043106s] ... ok >{35} tests.unit.cli.test_config_generator.BanditConfigGeneratorLoggerTests.test_init_logger [0.000312s] ... ok >{8} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_with_dot [0.005793s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: badID >[main] ERROR Unknown test found in profile: badID >{35} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_skip_tests [0.004895s] ... ok >{8} tests.unit.formatters.test_text.TextFormatterTests.test_report_baseline [0.003141s] ... ok >None >{35} tests.unit.core.test_config.TestGetOption.test_levels_not_exist [0.001581s] ... ok >usage: bandit-config-generator [-h] [--show-defaults] [-o OUTPUT_FILE] > [-t TESTS] [-s SKIPS] > >Bandit Config Generator > > This tool is used to generate an optional profile. The profile may be used > to include or skip tests and override values for plugins. > > When used to store an output profile, this tool will output a template that > includes all plugins and their default settings. Any settings which aren't > being overridden can be safely removed from the profile and default values > will be used. Bandit will prefer settings from the profile over the built > in values. > >optional arguments: > -h, --help show this help message and exit > --show-defaults show the default settings values for each plugin but do not output a profile > -o OUTPUT_FILE, --out OUTPUT_FILE > output file to save profile > -t TESTS, --tests TESTS > list of test names to run > -s SKIPS, --skip SKIPS > list of test names to skip >Run started:2021-04-29 02:00:25.665039 >Files in scope (1): > binding.py (score: {SEVERITY: 1, CONFIDENCE: 1}) >Files excluded (1): > def.py > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT >-------------------------------------------------- > >Code scanned: > Total lines of code: 1000 > Total lines skipped (#nosec): 50 > >Run metrics: > Total issues (by severity): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 > Total issues (by confidence): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 >Files skipped (1): > abc.py (File is bad) >{35} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_all [0.001528s] ... ok >{5} tests.functional.test_runtime.RuntimeTests.test_help_in_readme [0.346500s] ... ok >{5} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_show_defaults [0.000915s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO Using command line arg for excluded paths >[main] INFO Using ini file for skipped tests >[main] INFO Using ini file for selected tests >[main] INFO Using command line arg for selected targets >[main] INFO Using command line arg for aggregate output type >[main] INFO Using command line arg for max code lines output for issue >[main] INFO Using command line arg for severity level >[main] INFO Using command line arg for confidence level >[main] INFO Using command line arg for output format >[main] INFO Using command line arg for output file >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: some_test >[main] INFO cli exclude tests: skip_test >{5} tests.unit.cli.test_main.BanditCLIMainTests.test_main_handle_ini_options [0.008857s] ... ok >{5} tests.unit.core.test_context.ContextTests.test_call_args_count [0.000357s] ... ok >{5} tests.unit.core.test_context.ContextTests.test_call_function_name [0.000104s] ... ok >{5} tests.unit.core.test_issue.IssueTests.test_get_code [0.000667s] ... ok >{5} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_invalid_path [0.006076s] ... ok >{0} tests.functional.test_runtime.RuntimeTests.test_example_imports [0.294080s] ... ok >{0} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue [0.000143s] ... ok >{2} tests.functional.test_runtime.RuntimeTests.test_example_nonsense [0.367198s] ... ok >{2} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger [0.000565s] ... ok >[main] ERROR : >{0} tests.unit.core.test_util.UtilTests.test_deepgetattr [0.004456s] ... ok >{2} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_config [0.003829s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpf0u4eh3i' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{2} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_test [0.009427s] ... ok >{2} tests.unit.core.test_config.TestInit.test_settings [0.001228s] ... ok >{2} tests.unit.core.test_issue.IssueTests.test_issue_filter_severity [0.000185s] ... ok >{2} tests.unit.core.test_util.UtilTests.test_path_for_function [0.006041s] ... ok >{15} tests.functional.test_runtime.RuntimeTests.test_nonexistent_config [0.277667s] ... ok >{15} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_dir [0.004459s] ... ok >Cannot resolve file path for module sys >{15} tests.unit.core.test_util.UtilTests.test_path_for_function_no_file [0.004237s] ... ok >{22} tests.functional.test_runtime.RuntimeTests.test_no_arguments [0.264799s] ... ok >{30} tests.functional.test_runtime.RuntimeTests.test_example_nonexistent [0.262071s] ... ok >{22} tests.unit.core.test_config.TestGetOption.test_levels [0.002144s] ... ok >{22} tests.unit.core.test_config.TestGetSetting.test_not_exist [0.000835s] ... ok >{30} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_out_file [0.001219s] ... ok >{30} tests.unit.core.test_issue.IssueTests.test_matches_issue [0.000228s] ... ok >{30} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_none [0.001947s] ... ok >{22} tests.unit.core.test_util.UtilTests.test_namespace_path_join [0.004322s] ... ok >{22} tests.unit.formatters.test_text.TextFormatterTests.test_no_issues [0.001815s] ... ok >{24} tests.functional.test_runtime.RuntimeTests.test_piped_input [0.310373s] ... ok >{24} tests.unit.core.test_context.ContextTests.test_function_def_defaults_qual [0.001224s] ... ok >{24} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingmid [0.004277s] ... ok >{7} tests.functional.test_runtime.RuntimeTests.test_example_nonsense2 [0.401029s] ... ok >{21} tests.functional.test_runtime.RuntimeTests.test_example_okay [0.335033s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpmic3mer_' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{21} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude_blacklist [0.005682s] ... ok >{21} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_glob [0.001477s] ... ok >{21} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_contents [0.007401s] ... ok >{21} tests.unit.formatters.test_text.TextFormatterTests.test_output_issue [0.000527s] ... ok >{18} tests.functional.test_runtime.RuntimeTests.test_help_arg [0.380678s] ... ok >{18} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_success [0.001287s] ... ok >[ INFO ] No output format specified, using terminal >{18} tests.unit.core.test_util.UtilTests.test_escaped_representation_invalid [0.007499s] ... ok >{18} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_typical [0.006121s] ... ok >{18} tests.unit.formatters.test_xml.XmlFormatterTests.test_report [0.001768s] ... ok >[ ERROR ] Unable to get current or parent commit >{7} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_git_command_failure [0.048546s] ... ok >{7} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_main_show_defaults [0.002144s] ... ok >{7} tests.unit.core.test_context.ContextTests.test_string_val [0.000102s] ... ok >{7} tests.unit.core.test_docs_util.DocsUtilTests.test_import_call_bib [0.000089s] ... ok ><MagicMock name='get_config_settings()' id='140039870221136'> >{1} tests.functional.test_baseline.BaselineFunctionalTests.test_existing_and_new_candidates [0.636794s] ... ok >{3} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_no_new_candidates [0.634456s] ... ok >{6} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_with_new_candidates [0.638126s] ... ok >{1} tests.functional.test_functional.FunctionalTests.test_crypto_md5 [0.022511s] ... ok >{9} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates_include_nosec [0.645692s] ... ok >{3} tests.functional.test_functional.FunctionalTests.test_flask_debug_true [0.019344s] ... ok >Multiple .bandit files found - scan separately or choose one with --ini > /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp1uwd8aio/.bandit, /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp1uwd8aio/second_config_directory/.bandit >{9} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_multi_bandit_files [0.001657s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{3} tests.functional.test_functional.FunctionalTests.test_try_except_continue [0.004781s] ... ok >{3} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_init_logger [0.000283s] ... ok >{9} tests.unit.cli.test_main.BanditCLIMainTests.test_main_profile_not_found [0.004540s] ... ok >{3} tests.unit.core.test_context.ContextTests.test_repr [0.000087s] ... ok >[config] ERROR while parsing a flow sequence > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpda5bwzfu", line 1, column 3 >expected ',' or ']', but got '<stream end>' > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpda5bwzfu", line 1, column 14 >{9} tests.unit.core.test_config.TestInit.test_yaml_invalid [0.000844s] ... ok >{3} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist_specific [0.001081s] ... ok >{9} tests.unit.core.test_context.ContextTests.test_check_call_arg_value [0.000358s] ... ok >{3} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_baseline [0.001494s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_ignore_skip [0.016518s] ... ok >{9} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingmid [0.003710s] ... ok >Run started:2021-04-29 02:00:26.154885 > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT > >-- Candidate Issues -- >ISSUE_OUTPUT_TEXT > > >ISSUE_OUTPUT_TEXT > > >-------------------------------------------------- > >Code scanned: > Total lines of code: 0 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 > Total issues (by confidence): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 >Files skipped (0): >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpsmtosvf7 >{6} tests.functional.test_functional.FunctionalTests.test_unverified_context [0.004851s] ... ok >{9} tests.unit.formatters.test_yaml.YamlFormatterTests.test_report [0.008389s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_urlopen [0.013632s] ... ok >{29} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_only_nosecs [0.577933s] ... ok >Current working directory is dirty and must be resolved >{6} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_dirty_repo [0.034828s] ... ok >{6} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_no_values [0.000111s] ... ok >{6} tests.unit.formatters.test_json.JsonFormatterTests.test_report [0.002057s] ... ok >{29} tests.functional.test_functional.FunctionalTests.test_random_module [0.040435s] ... ok >{29} tests.unit.core.test_issue.IssueTests.test_issue_create [0.000153s] ... ok >{29} tests.unit.core.test_issue.IssueTests.test_issue_str [0.000106s] ... ok >{29} tests.unit.core.test_manager.ManagerTests.test_create_manager_with_profile [0.000820s] ... ok >{29} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_str [0.000168s] ... ok >{26} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates [0.645556s] ... ok >{29} tests.unit.core.test_util.UtilTests.test_escaped_representation_simple [0.006667s] ... ok >{26} tests.functional.test_functional.FunctionalTests.test_try_except_pass [0.014381s] ... ok >{27} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_new_nosecs [0.682404s] ... ok >Bandit baseline must not be called with the -o option >{26} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_with_output_argument [0.034606s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >[text] INFO Text output written to file: output >{27} tests.functional.test_functional.FunctionalTests.test_os_popen [0.020409s] ... ok >{26} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results_and_with_exit_zero_flag [0.006871s] ... ok >{27} tests.functional.test_functional.FunctionalTests.test_os_system [0.001855s] ... ok >{27} tests.unit.core.test_context.ContextTests.test_is_module_imported_like [0.000095s] ... ok >{27} tests.unit.core.test_manager.ManagerTests.test_find_candidate_matches [0.000593s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpzqjr0zc3' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{26} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude [0.004523s] ... ok >{26} tests.unit.core.test_manager.ManagerTests.test_results_count [0.000409s] ... ok >{27} tests.unit.core.test_util.UtilTests.test_check_ast_node_good [0.004196s] ... ok >{26} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_sys [0.003610s] ... ok >{27} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_with_skipped [0.002697s] ... ok >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [aa1797758302df4aed9cf777c8b120f7b8690fe1 benign1] >[ INFO ] Got parent commit: [d4fe5d13516c3c7549bcc41b84351afe2a2a4417 master] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp71ocba91/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >Run started:2021-04-29 02:00:26.942625 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 1 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 >Files skipped (0): > >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [7560ead3d4cf588eb0da002b3f7197d1f822c674 malicious] >[ INFO ] Got parent commit: [aa1797758302df4aed9cf777c8b120f7b8690fe1 benign1] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpalv6c9xe/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >b"Run started:2021-04-29 02:00:27.717494\n\nTest results:\n>> Issue: [B605:start_process_with_a_shell] Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell\n Severity: Low Confidence: High\n Location: ./malicious.py:3\n More Info: https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html\n2\t\n3\tos.system('/bin/echo hi')\n\n--------------------------------------------------\n\nCode scanned:\n\tTotal lines of code: 3\n\tTotal lines skipped (#nosec): 0\n\nRun metrics:\n\tTotal issues (by severity):\n\t\tUndefined: 0.0\n\t\tLow: 1.0\n\t\tMedium: 0.0\n\t\tHigh: 0.0\n\tTotal issues (by confidence):\n\t\tUndefined: 0.0\n\t\tLow: 0.0\n\t\tMedium: 0.0\n\t\tHigh: 1.0\nFiles skipped (0):\n" >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [8046fc846a3907b7ac560b8c884c4fb2db225bca benign2] >[ INFO ] Got parent commit: [7560ead3d4cf588eb0da002b3f7197d1f822c674 malicious] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpq_xyrohx/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.8.9 >Run started:2021-04-29 02:00:28.489151 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 4 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 1.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 1.0 >Files skipped (0): > >{1} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_bandit_baseline [2.393396s] ... ok >{1} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_arg_val [0.000158s] ... ok >{1} tests.unit.core.test_manager.ManagerTests.test_create_manager [0.000670s] ... ok >{1} tests.unit.core.test_manager.ManagerTests.test_get_files_from_dir [0.001020s] ... ok >{1} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist [0.001066s] ... ok > >====== >Totals >====== >Ran: 251 tests in 3.0587 sec. > - Passed: 251 > - Skipped: 0 > - Expected Fail: 0 > - Unexpected Success: 0 > - Failed: 0 >Sum of execute time for each test: 12.6488 sec. > >============== >Worker Balance >============== > - Worker 0 (7 tests) => 0:00:00.380425 > - Worker 1 (7 tests) => 0:00:03.057964 > - Worker 2 (7 tests) => 0:00:00.391078 > - Worker 3 (7 tests) => 0:00:00.663525 > - Worker 4 (7 tests) => 0:00:00.077275 > - Worker 5 (7 tests) => 0:00:00.365563 > - Worker 6 (7 tests) => 0:00:00.712458 > - Worker 7 (7 tests) => 0:00:00.496303 > - Worker 8 (7 tests) => 0:00:00.213748 > - Worker 9 (7 tests) => 0:00:00.667083 > - Worker 10 (7 tests) => 0:00:00.156282 > - Worker 11 (7 tests) => 0:00:00.023928 > - Worker 12 (7 tests) => 0:00:00.142367 > - Worker 13 (7 tests) => 0:00:00.060965 > - Worker 14 (7 tests) => 0:00:00.057301 > - Worker 15 (7 tests) => 0:00:00.401105 > - Worker 16 (7 tests) => 0:00:00.177479 > - Worker 17 (7 tests) => 0:00:00.063733 > - Worker 18 (7 tests) => 0:00:00.443759 > - Worker 19 (7 tests) => 0:00:00.089288 > - Worker 20 (7 tests) => 0:00:00.067157 > - Worker 21 (7 tests) => 0:00:00.410613 > - Worker 22 (7 tests) => 0:00:00.368981 > - Worker 23 (7 tests) => 0:00:00.052826 > - Worker 24 (7 tests) => 0:00:00.367294 > - Worker 25 (7 tests) => 0:00:00.058826 > - Worker 26 (7 tests) => 0:00:00.712649 > - Worker 27 (7 tests) => 0:00:00.714341 > - Worker 28 (7 tests) => 0:00:00.060854 > - Worker 29 (7 tests) => 0:00:00.629091 > - Worker 30 (7 tests) => 0:00:00.334645 > - Worker 31 (7 tests) => 0:00:00.090073 > - Worker 32 (7 tests) => 0:00:00.059692 > - Worker 33 (7 tests) => 0:00:00.062753 > - Worker 34 (7 tests) => 0:00:00.029884 > - Worker 35 (6 tests) => 0:00:00.084367 > * python3_9: running distutils-r1_run_phase python_test >python3.9 setup.py install --root=/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test --install-lib=lib --install-scripts=scripts >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'author-email' will not be supported in future versions. Please use the underscore name 'author_email' instead > warnings.warn( >/usr/lib/python3.9/site-packages/setuptools/dist.py:642: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead > warnings.warn( >running install >[pbr] Generating AUTHORS >[pbr] AUTHORS complete (0.0s) >running build >running build_py >running egg_info >writing bandit.egg-info/PKG-INFO >writing dependency_links to bandit.egg-info/dependency_links.txt >writing entry points to bandit.egg-info/entry_points.txt >writing requirements to bandit.egg-info/requires.txt >writing top-level names to bandit.egg-info/top_level.txt >[pbr] Reusing existing SOURCES.txt >warning: build_py: byte-compiling is disabled, skipping. > >running install_lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists/calls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/blacklists/imports.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/blacklists >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/node_visitor.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/constants.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/test_set.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/metrics.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/meta_ast.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/issue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/manager.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/config.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/test_properties.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/docs_utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/context.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/extension_loader.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/blacklisting.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/core/tester.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/core >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/jinja2_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/general_bind_all_interfaces.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/mako_templates.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/injection_shell.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/yaml_load.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/injection_paramiko.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/try_except_continue.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/django_xss.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/asserts.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/ssh_no_host_key_verification.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/insecure_ssl_tls.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/hashlib_new_insecure_functions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/crypto_request_no_cert_validation.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/injection_wildcard.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/exec.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/try_except_pass.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/weak_cryptographic_key.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/general_bad_file_permissions.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/general_hardcoded_tmp.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/injection_sql.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/app_debug.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/general_hardcoded_password.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/plugins/django_sql_injection.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/plugins >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli/config_generator.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli/baseline.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/cli >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/cli/main.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/cli >creating /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/html.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/text.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/utils.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/xml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/__init__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/csv.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/screen.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/json.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/custom.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/formatters/yaml.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit/formatters >copying /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/lib/bandit/__main__.py -> /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit >warning: install_lib: byte-compiling is disabled, skipping. > >running install_egg_info >Copying bandit.egg-info to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/lib/bandit-1.7.0-py3.9.egg-info >running install_scripts >Installing bandit script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/scripts >Installing bandit-baseline script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/scripts >Installing bandit-config-generator script to /var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/build/test/scripts >{1} tests.functional.test_functional.FunctionalTests.test_nonsense [0.009056s] ... ok >{9} tests.functional.test_functional.FunctionalTests.test_imports_from [0.010243s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_ftp_usage [0.035074s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_os_startfile [0.004466s] ... ok >{4} tests.functional.test_functional.FunctionalTests.test_partial_path [0.038197s] ... ok >{2} tests.functional.test_functional.FunctionalTests.test_hardcoded_tmp [0.039321s] ... ok >{0} tests.functional.test_functional.FunctionalTests.test_os_system [0.002889s] ... ok >{0} tests.unit.core.test_issue.IssueTests.test_issue_filter_confidence [0.000344s] ... ok >{2} tests.functional.test_functional.FunctionalTests.test_mark_safe [0.003172s] ... ok >{1} tests.functional.test_functional.FunctionalTests.test_os_popen [0.032578s] ... ok >{0} tests.unit.core.test_test_set.BanditTestSetTests.test_has_defaults [0.002036s] ... ok >{8} tests.functional.test_functional.FunctionalTests.test_code_line_numbers [0.034491s] ... ok >{2} tests.functional.test_functional.FunctionalTests.test_okay [0.002702s] ... ok >{9} tests.functional.test_functional.FunctionalTests.test_metric_gathering [0.030892s] ... ok >{4} tests.functional.test_functional.FunctionalTests.test_wildcard_injection [0.010964s] ... ok >{14} tests.functional.test_functional.FunctionalTests.test_multiline_code [0.032438s] ... ok >{4} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger [0.000517s] ... ok >{0} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_with_dot [0.006428s] ... ok >{8} tests.functional.test_functional.FunctionalTests.test_yaml [0.009067s] ... ok >{15} tests.functional.test_functional.FunctionalTests.test_blacklist_pycrypto [0.035838s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_sql_statements [0.049029s] ... ok >while parsing a flow sequence > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpvhcv25u7", line 1, column 3 >expected ',' or ']', but got '<stream end>' > in "/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpvhcv25u7", line 1, column 14 >{8} tests.unit.core.test_config.TestInit.test_yaml_invalid [0.002358s] ... ok >{9} tests.functional.test_functional.FunctionalTests.test_os_exec [0.009091s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpqhg02ys6' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{8} tests.unit.core.test_context.ContextTests.test_check_call_arg_value [0.000983s] ... ok >{2} tests.functional.test_functional.FunctionalTests.test_requests_ssl_verify_disabled [0.014387s] ... ok >{8} tests.unit.core.test_docs_util.DocsUtilTests.test_overwrite_bib_info [0.000184s] ... ok >{4} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude [0.009475s] ... ok >{4} tests.unit.core.test_config.TestGetOption.test_levels [0.001981s] ... ok >{15} tests.functional.test_functional.FunctionalTests.test_shelve [0.007348s] ... ok >{7} tests.functional.test_functional.FunctionalTests.test_try_except_pass [0.008072s] ... ok >{4} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_id [0.001867s] ... ok >{0} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_contents [0.014194s] ... ok >{8} tests.unit.core.test_util.UtilTests.test_escaped_representation_valid_not_printable [0.006800s] ... ok >{4} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingend [0.006092s] ... ok >{8} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_missingmid [0.006472s] ... ok >{10} tests.functional.test_functional.FunctionalTests.test_ssl_insecure_version [0.044834s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpf_u1eizo or missing [bandit] section >{9} tests.functional.test_functional.FunctionalTests.test_pickle [0.016523s] ... ok >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >Multiple .bandit files found - scan separately or choose one with --ini > /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp6s4uiprf/.bandit, /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp6s4uiprf/second_config_directory/.bandit >{3} tests.functional.test_functional.FunctionalTests.test_ciphers [0.077431s] ... ok >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >{9} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_out_file [0.000902s] ... ok >{10} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_empty_directory_no_target [0.001601s] ... ok >[text] INFO Text output written to file: output >{9} tests.unit.core.test_config.TestInit.test_file_does_not_exist [0.000543s] ... ok >{10} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_multi_bandit_files [0.001734s] ... ok >{10} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_target [0.000149s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmplr4ncmko, consider '-f txt' >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmplr4ncmko, consider '-f txt' >{15} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results_and_with_exit_zero_flag [0.017006s] ... ok >[xml] INFO XML output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpfodc7lt5 >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{10} tests.unit.core.test_manager.ManagerTests.test_is_file_included [0.001387s] ... ok >{1} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_get_config_settings [0.040435s] ... ok >{15} tests.unit.core.test_docs_util.DocsUtilTests.test_import_call_bib [0.000362s] ... ok >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpqoxe9jfp >{9} tests.unit.core.test_util.UtilTests.test_namespace_path_split [0.006219s] ... ok >{15} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_none [0.001565s] ... ok >{15} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_nobaseline [0.005306s] ... ok >{10} tests.unit.core.test_util.UtilTests.test_get_call_name2 [0.006620s] ... ok >{1} tests.unit.cli.test_main.BanditCLIMainTests.test_main_profile_not_found [0.009316s] ... ok >{15} tests.unit.formatters.test_xml.XmlFormatterTests.test_report [0.001581s] ... ok >{1} tests.unit.core.test_manager.ManagerTests.test_create_manager [0.000741s] ... ok >{1} tests.unit.formatters.test_json.JsonFormatterTests.test_report [0.002443s] ... ok >{16} tests.functional.test_functional.FunctionalTests.test_binding [0.030731s] ... ok >{10} tests.unit.formatters.test_yaml.YamlFormatterTests.test_report [0.015846s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpyelfhpvd >{3} tests.functional.test_functional.FunctionalTests.test_django_sql_injection [0.032811s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp4y62r7od' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{18} tests.functional.test_functional.FunctionalTests.test_hardcoded_passwords [0.042073s] ... FAILED > >Captured traceback: >~~~~~~~~~~~~~~~~~~~ > Traceback (most recent call last): > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_functional.py", line 176, in test_hardcoded_passwords > self.check_example('hardcoded-passwords.py', expect) > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_functional.py", line 76, in check_example > self.assertDictEqual(expect, result) > > File "/usr/lib/python3.9/site-packages/unittest2/case.py", line 1128, in assertDictEqual > self.fail(self._formatMessage(msg, standardMsg)) > > File "/usr/lib/python3.9/site-packages/unittest2/case.py", line 690, in fail > raise self.failureException(msg) > > AssertionError: {'SEV[28 chars]W': 12, 'MEDIUM': 0, 'HIGH': 0}, 'CONFIDENCE':[48 chars]: 0}} != {'SEV[28 chars]W': 11, 'MEDIUM': 0, 'HIGH': 0}, 'CONFIDENCE':[48 chars]: 0}} >- {'CONFIDENCE': {'HIGH': 0, 'LOW': 0, 'MEDIUM': 12, 'UNDEFINED': 0}, >? ^ > >+ {'CONFIDENCE': {'HIGH': 0, 'LOW': 0, 'MEDIUM': 11, 'UNDEFINED': 0}, >? ^ > >- 'SEVERITY': {'HIGH': 0, 'LOW': 12, 'MEDIUM': 0, 'UNDEFINED': 0}} >? ^ > >+ 'SEVERITY': {'HIGH': 0, 'LOW': 11, 'MEDIUM': 0, 'UNDEFINED': 0}} >? ^ > > >Temporary file _bandit_baseline_run.json_ needs to be removed prior to running >{3} tests.functional.test_functional.FunctionalTests.test_unverified_context [0.003315s] ... ok >{3} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_no_values [0.000160s] ... ok >{3} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue_defaults [0.000139s] ... ok >{22} tests.functional.test_functional.FunctionalTests.test_imports_function [0.032014s] ... ok >{20} tests.functional.test_functional.FunctionalTests.test_cipher_modes [0.033509s] ... ok >{3} tests.unit.core.test_manager.ManagerTests.test_output_results_invalid_format [0.002062s] ... ok >{31} tests.functional.test_functional.FunctionalTests.test_imports [0.008527s] ... ok >Current working directory is dirty and must be resolved >{18} tests.functional.test_functional.FunctionalTests.test_nosec [0.004266s] ... ok >{18} tests.functional.test_functional.FunctionalTests.test_tempnam [0.005967s] ... ok >{3} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_all [0.001651s] ... ok >{1} tests.unit.formatters.test_text.TextFormatterTests.test_report_baseline [0.027809s] ... ok >{16} tests.functional.test_functional.FunctionalTests.test_urlopen [0.026289s] ... ok >{21} tests.functional.test_functional.FunctionalTests.test_os_chmod [0.041211s] ... ok >Run started:2021-04-29 02:00:30.888164 >Files in scope (1): > binding.py (score: {SEVERITY: 1, CONFIDENCE: 1}) >Files excluded (1): > def.py > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT >-------------------------------------------------- > >Code scanned: > Total lines of code: 1000 > Total lines skipped (#nosec): 50 > >Run metrics: > Total issues (by severity): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 > Total issues (by confidence): > Undefined: 1 > Low: 1 > Medium: 1 > High: 1 >Files skipped (1): > abc.py (File is bad) >{23} tests.functional.test_functional.FunctionalTests.test_popen_wrappers [0.043625s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >{24} tests.functional.test_functional.FunctionalTests.test_baseline_filter [0.036239s] ... ok >{18} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_data [0.008964s] ... ok >{26} tests.functional.test_functional.FunctionalTests.test_random_module [0.033695s] ... ok >[main] WARNING Baseline must be used with one of the following formats: ['custom', 'html', 'json', 'screen', 'txt'] >{24} tests.functional.test_functional.FunctionalTests.test_host_key_verification [0.003695s] ... ok >{18} tests.unit.core.test_config.TestInit.test_settings [0.001347s] ... ok >[ INFO ] No output format specified, using terminal >[ ERROR ] Bandit baseline must be called from a git project root >{34} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_non_repo [0.002704s] ... ok >{18} tests.unit.core.test_context.ContextTests.test_function_def_defaults_qual [0.001756s] ... ok >Cannot resolve file where 1 is defined >{34} tests.unit.core.test_context.ContextTests.test_get_call_arg_at_position [0.000820s] ... ok >{34} tests.unit.core.test_context.ContextTests.test_is_module_imported_like [0.000103s] ... ok >{34} tests.unit.core.test_docs_util.DocsUtilTests.test_plugin_call_bib [0.000109s] ... ok >{34} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_str [0.000150s] ... ok >{34} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist [0.001581s] ... ok >{14} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_temp_file [0.087333s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_imports_aliases [0.006428s] ... ok >{26} tests.functional.test_functional.FunctionalTests.test_skip [0.006783s] ... ok >{14} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_main_show_defaults [0.003005s] ... ok >{28} tests.functional.test_functional.FunctionalTests.test_dill [0.035293s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpcwtmdnoo' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{26} tests.unit.cli.test_main.BanditCLIMainTests.test_get_options_from_ini_no_ini_path_no_bandit_files [0.001223s] ... ok >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{26} tests.unit.core.test_blacklisting.BlacklistingTests.test_report_issue [0.000166s] ... ok >{34} tests.unit.core.test_util.UtilTests.test_escaped_representation_invalid [0.005964s] ... ok >{18} tests.unit.core.test_util.UtilTests.test_namespace_path_join [0.007593s] ... ok >{26} tests.unit.core.test_context.ContextTests.test_get_lineno_for_call_arg [0.001173s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_flask_debug_true [0.033363s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_os_spawn [0.009202s] ... ok >[main] ERROR bandit.yaml : Could not read config file. >{14} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_output_format [0.008924s] ... ok >{26} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_invalid_path [0.005871s] ... ok >{2} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_dirty_repo [0.091354s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_crypto_md5 [0.037395s] ... ok >{28} tests.functional.test_functional.FunctionalTests.test_django_sql_injection_raw [0.010743s] ... ok >{2} tests.unit.cli.test_config_generator.BanditConfigGeneratorLoggerTests.test_init_logger [0.000714s] ... ok >{28} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_no_defaults [0.002194s] ... ok >{28} tests.unit.core.test_context.ContextTests.test__get_literal_value [0.000333s] ... ok >{26} tests.unit.core.test_util.UtilTests.test_path_for_function_no_module [0.005698s] ... ok >{28} tests.unit.core.test_issue.IssueTests.test_issue_as_dict [0.000135s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_no_blacklist_pycryptodome [0.005492s] ... ok >{30} tests.functional.test_functional.FunctionalTests.test_jinja2_templating [0.012870s] ... ok >{14} tests.unit.core.test_config.TestConfigCompat.test_deprecation_message [0.009069s] ... ok >{2} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_typical [0.006417s] ... ok >{33} tests.functional.test_functional.FunctionalTests.test_paramiko_injection [0.004152s] ... ok >{30} tests.unit.cli.test_main.BanditCLIMainTests.test_main_config_unopenable [0.003406s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: badID >[main] ERROR Unknown test found in profile: badID >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmph9sg7cnn' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{28} tests.unit.core.test_util.UtilTests.test_get_call_name3 [0.006044s] ... ok >{22} tests.functional.test_functional.FunctionalTests.test_xml [0.054525s] ... ok >{28} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_sys [0.005316s] ... ok >{22} tests.unit.core.test_context.ContextTests.test_call_args_count [0.000489s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpzxjqewct, consider '-f txt' >{33} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_skip_tests [0.007390s] ... ok >{22} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_builtin_blacklist_specific [0.001833s] ... ok >{30} tests.unit.core.test_config.TestConfigCompat.test_converted_include [0.008793s] ... ok >{33} tests.unit.core.test_manager.ManagerTests.test_find_candidate_matches [0.000858s] ... ok >{30} tests.unit.core.test_context.ContextTests.test_is_module_being_imported [0.000153s] ... ok >{33} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_exclude_id [0.001216s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_subdirectory_okay [0.028263s] ... ok >{30} tests.unit.core.test_manager.ManagerTests.test_matches_globlist [0.001211s] ... ok >{25} tests.functional.test_functional.FunctionalTests.test_django_xss_secure [0.064337s] ... ok >{30} tests.unit.formatters.test_screen.ScreenFormatterTests.test_report_baseline [0.002407s] ... ok >{22} tests.unit.core.test_util.UtilTests.test_escaped_representation_simple [0.007054s] ... ok >{29} tests.functional.test_functional.FunctionalTests.test_django_xss_insecure [0.079219s] ... ok >{24} tests.functional.test_functional.FunctionalTests.test_subprocess_shell [0.031582s] ... ok >{33} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_node [0.005809s] ... ok >{29} tests.unit.core.test_context.ContextTests.test_call_keywords [0.001569s] ... ok >{29} tests.unit.core.test_issue.IssueTests.test_issue_filter_severity [0.000149s] ... ok >{29} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_glob [0.001589s] ... ok >Cannot resolve file path for module sys >{29} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingmid [0.006634s] ... ok >Run started:2021-04-29 02:00:30.977894 > >Test results: >ISSUE_OUTPUT_TEXT >-------------------------------------------------- >ISSUE_OUTPUT_TEXT > >-- Candidate Issues -- >ISSUE_OUTPUT_TEXT > > >ISSUE_OUTPUT_TEXT > > >-------------------------------------------------- > >Code scanned: > Total lines of code: 0 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 > Total issues (by confidence): > Undefined: 0 > Low: 0 > Medium: 0 > High: 0 >Files skipped (0): >{14} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_none [0.030101s] ... ok >Git command not found >{25} tests.functional.test_functional.FunctionalTests.test_httpoxy [0.016296s] ... ok >{29} tests.unit.core.test_util.UtilTests.test_path_for_function_no_file [0.005964s] ... ok >{14} tests.unit.core.test_util.UtilTests.test_escaped_representation_mixed [0.006719s] ... ok >{29} tests.unit.formatters.test_text.TextFormatterTests.test_output_issue [0.000803s] ... ok >{16} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_git_command_failure [0.074916s] ... ok >{35} tests.functional.test_functional.FunctionalTests.test_weak_cryptographic_key [0.030554s] ... ok >{25} tests.functional.test_functional.FunctionalTests.test_try_except_continue [0.009425s] ... ok ><MagicMock name='get_config_settings()' id='140562481882784'> >usage: bandit-config-generator [-h] [--show-defaults] [-o OUTPUT_FILE] > [-t TESTS] [-s SKIPS] > >Bandit Config Generator > > This tool is used to generate an optional profile. The profile may be used > to include or skip tests and override values for plugins. > > When used to store an output profile, this tool will output a template that > includes all plugins and their default settings. Any settings which aren't > being overridden can be safely removed from the profile and default values > will be used. Bandit will prefer settings from the profile over the built > in values. > >optional arguments: > -h, --help show this help message and exit > --show-defaults show the default settings values for each plugin but do not output a profile > -o OUTPUT_FILE, --out OUTPUT_FILE > output file to save profile > -t TESTS, --tests TESTS > list of test names to run > -s SKIPS, --skip SKIPS > list of test names to skip >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpml4wp_at' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Config file '' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >{16} tests.unit.core.test_config.TestConfigCompat.test_blacklist_error [0.009130s] ... ok >{22} tests.unit.formatters.test_html.HtmlFormatterTests.test_report_with_skipped [0.030994s] ... ok >{22} tests.unit.formatters.test_screen.ScreenFormatterTests.test_output_issue [0.000784s] ... ok >Skipping directory (thing), use -r flag to scan contents >{16} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_skip [0.001731s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] WARNING Could not open baseline report: base.json >{24} tests.unit.cli.test_main.BanditCLIMainTests.test_main_baseline_ioerror [0.036082s] ... ok >{24} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_syms [0.004417s] ... ok >{16} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_one [0.030594s] ... ok >{16} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_missingend [0.006226s] ... ok >{23} tests.functional.test_runtime.RuntimeTests.test_nonexistent_config [0.272996s] ... ok >[main] ERROR : >{23} tests.unit.cli.test_main.BanditCLIMainTests.test_main_invalid_config [0.004371s] ... ok >{7} tests.functional.test_runtime.RuntimeTests.test_no_arguments [0.342708s] ... ok >{7} tests.unit.core.test_manager.ManagerTests.test_results_count [0.001063s] ... ok >{7} tests.unit.core.test_meta_ast.BanditMetaAstTests.test_add_node [0.000159s] ... ok >{5} tests.functional.test_runtime.RuntimeTests.test_piped_input [0.405330s] ... ok >{5} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_init_logger [0.000358s] ... ok >[config] WARNING Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpbcdlq4zt' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[config] WARNING Legacy blacklist data found in config, overriding data plugins >{23} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_data [0.009018s] ... ok >{7} tests.unit.core.test_util.UtilTests.test_check_ast_node_good [0.006047s] ... ok >{23} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_include_none [0.001593s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp34r10c29' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{5} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_call_test [0.005416s] ... ok >{7} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_rel_typical [0.005284s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpt1dswg7a' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{5} tests.unit.core.test_config.TestConfigCompat.test_converted_blacklist_import_test [0.004221s] ... ok >{5} tests.unit.core.test_context.ContextTests.test_is_module_imported_exact [0.000088s] ... ok >{23} tests.unit.core.test_util.UtilTests.test_deepgetattr [0.006153s] ... ok >[screen] INFO Screen formatter output was not written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp1v_5ndtc, consider '-f txt' >{23} tests.unit.formatters.test_screen.ScreenFormatterTests.test_no_issues [0.002943s] ... ok >{5} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_dir [0.003978s] ... ok >{5} tests.unit.formatters.test_text.TextFormatterTests.test_report_nobaseline [0.002765s] ... ok >{21} tests.functional.test_runtime.RuntimeTests.test_help_arg [0.317598s] ... ok >{21} tests.unit.core.test_context.ContextTests.test_call_args [0.001012s] ... ok >{21} tests.unit.core.test_issue.IssueTests.test_get_code [0.000428s] ... ok >{21} tests.unit.core.test_manager.ManagerTests.test_create_manager_with_profile [0.000692s] ... ok >{21} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_invalid_json [0.001109s] ... ok >{21} tests.unit.formatters.test_html.HtmlFormatterTests.test_escaping [0.001863s] ... ok >{20} tests.functional.test_runtime.RuntimeTests.test_example_okay [0.356333s] ... ok >{31} tests.functional.test_runtime.RuntimeTests.test_example_imports [0.355777s] ... ok >{25} tests.functional.test_runtime.RuntimeTests.test_example_nonsense [0.269689s] ... ok >{25} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_arg_val [0.000253s] ... ok >{31} tests.unit.core.test_context.ContextTests.test_statement [0.000258s] ... ok >{31} tests.unit.core.test_issue.IssueTests.test_issue_str [0.000145s] ... ok >{31} tests.unit.core.test_manager.ManagerTests.test_discover_files_recurse_files [0.002222s] ... ok >{25} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_dir [0.002620s] ... ok >{31} tests.unit.core.test_manager.ManagerTests.test_get_files_from_dir [0.001238s] ... ok >{25} tests.unit.core.test_manager.ManagerTests.test_discover_files_include [0.001669s] ... ok >{31} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_filter_blacklist_include [0.001646s] ... ok >[ INFO ] No output format specified, using terminal >[ ERROR ] Unable to get current or parent commit >{20} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_git_command_failure [0.048056s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >[text] INFO Text output written to file: output >{20} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_no_results [0.008087s] ... ok >{20} tests.unit.core.test_context.ContextTests.test_string_val [0.000128s] ... ok >{20} tests.unit.core.test_util.UtilTests.test_check_ast_node_bad_type [0.003859s] ... ok >[ INFO ] No output format specified, using terminal >{20} tests.unit.core.test_util.UtilTests.test_get_call_name1 [0.003781s] ... ok >[ INFO ] Got current commit: [5e706e5f5bc530af3b181a906481cbd17ebe37fb benign1] >{35} tests.functional.test_runtime.RuntimeTests.test_example_nonsense2 [0.362438s] ... ok >[ INFO ] Got parent commit: [fb3cba6afa7ac34242a7006fcec4d70396805e9f master] >[ INFO ] Getting Bandit baseline results >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [8088e9599fef4ab62082aec679d9ba74ab3e6b2b master] >[ ERROR ] Parent commit not available >{35} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_no_parent_commit [0.047833s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp5ghf9nae' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{35} tests.unit.core.test_config.TestConfigCompat.test_bad_yaml [0.005206s] ... ok >Config file '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpbhf97dyd' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >Legacy blacklist data found in config, overriding data plugins >{35} tests.unit.core.test_config.TestConfigCompat.test_converted_exclude_blacklist [0.004141s] ... ok >{17} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates [0.590568s] ... ok >{17} tests.functional.test_functional.FunctionalTests.test_exec [0.016964s] ... ok >{12} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_new_nosecs [0.661944s] ... ok >{19} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_with_new_candidates [0.609617s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_mako_templating [0.018112s] ... ok >{12} tests.functional.test_functional.FunctionalTests.test_mktemp [0.002582s] ... ok >{6} tests.functional.test_baseline.BaselineFunctionalTests.test_existing_and_new_candidates [0.684895s] ... ok >{11} tests.functional.test_baseline.BaselineFunctionalTests.test_no_new_candidates_include_nosec [0.688188s] ... ok >File bandit_baseline_result.txt already exists, aborting >{11} tests.functional.test_functional.FunctionalTests.test_asserts [0.005589s] ... ok >{11} tests.unit.cli.test_config_generator.BanditConfigGeneratorTests.test_parse_args_show_defaults [0.000681s] ... ok >{11} tests.unit.cli.test_main.BanditCLIMainTests.test_init_extensions [0.000088s] ... ok >{19} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_existing_report_file [0.033397s] ... ok >{19} tests.unit.cli.test_main.BanditCLIMainTests.test_log_option_source_ini_value [0.000120s] ... ok >{19} tests.unit.core.test_context.ContextTests.test_call_function_name_qual [0.000088s] ... ok >{19} tests.unit.core.test_context.ContextTests.test_filename [0.000073s] ... ok >{11} tests.unit.core.test_config.TestGetOption.test_levels_not_exist [0.001346s] ... ok >{19} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude [0.001321s] ... ok >{11} tests.unit.core.test_manager.ManagerTests.test_run_tests_keyboardinterrupt [0.001766s] ... ok >{19} tests.unit.core.test_util.UtilTests.test_linerange [0.004285s] ... ok >{11} tests.unit.core.test_util.UtilTests.test_get_module_qualname_from_path_abs_syms [0.003802s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_eval [0.019962s] ... ok >{32} tests.functional.test_baseline.BaselineFunctionalTests.test_new_candidates_include_nosec_only_nosecs [0.624212s] ... ok >{6} tests.functional.test_functional.FunctionalTests.test_imports_using_importlib [0.003531s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_hashlib_new_insecure_functions [0.021642s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_httplib_https [0.002656s] ... ok >{32} tests.functional.test_functional.FunctionalTests.test_ignore_skip [0.004163s] ... ok >Bandit baseline must not be called with the -o option >{6} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_with_output_argument [0.033025s] ... ok >{6} tests.unit.core.test_context.ContextTests.test_context_create [0.000363s] ... ok >{6} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_blacklist_compat [0.001106s] ... ok >{6} tests.unit.formatters.test_csv.CsvFormatterTests.test_report [0.001037s] ... ok >{27} tests.functional.test_baseline.BaselineFunctionalTests.test_no_existing_no_new_candidates [0.691899s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpafy9o_p0/_bandit_baseline_run.json_ >[ INFO ] No output format specified, using terminal >{27} tests.functional.test_functional.FunctionalTests.test_telnet_usage [0.021094s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO Using command line arg for excluded paths >[main] INFO Using ini file for skipped tests >[main] INFO Using ini file for selected tests >[main] INFO Using command line arg for selected targets >[main] INFO Using command line arg for aggregate output type >[main] INFO Using command line arg for max code lines output for issue >[main] INFO Using command line arg for severity level >[main] INFO Using command line arg for confidence level >[main] INFO Using command line arg for output format >[main] INFO Using command line arg for output file >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: some_test >[main] INFO cli exclude tests: skip_test >{27} tests.unit.cli.test_main.BanditCLIMainTests.test_main_handle_ini_options [0.005331s] ... ok >{27} tests.unit.core.test_config.TestGetSetting.test_not_exist [0.000709s] ... ok >{27} tests.unit.core.test_context.ContextTests.test_call_function_name [0.000069s] ... ok >{27} tests.unit.core.test_context.ContextTests.test_node [0.000055s] ... ok >{27} tests.unit.core.test_issue.IssueTests.test_matches_issue [0.000096s] ... ok >[ INFO ] Got current commit: [d3d86a01986c7a42c7e243f3f355b2fe282aa2a2 master] >[ INFO ] Comparing Bandit results to baseline >[ INFO ] Got parent commit: [8088e9599fef4ab62082aec679d9ba74ab3e6b2b master~1] >[ INFO ] Getting Bandit baseline results >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpyscnknv8'] >Output: None > >[ INFO ] Comparing Bandit results to baseline >[ ERROR ] Error running command: ['discover', '-t', './', './tests', '--load-list', '/var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpyscnknv8'] >Output: None > >{32} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_main_subprocess_error [0.086928s] ... ok >Unable to parse config file /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpl0rs7pf5 or missing [bandit] section >{32} tests.unit.core.test_util.UtilTests.test_parse_ini_file [0.004976s] ... ok >{32} tests.unit.core.test_util.UtilTests.test_path_for_function [0.003675s] ... ok >None >{17} tests.functional.test_runtime.RuntimeTests.test_example_nonexistent [0.235978s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: badID >[main] INFO cli exclude tests: None >[main] ERROR Unknown test found in profile: badID >{17} tests.unit.cli.test_main.BanditCLIMainTests.test_main_unknown_tests [0.004700s] ... ok >{17} tests.unit.core.test_context.ContextTests.test_repr [0.000108s] ... ok >{17} tests.unit.core.test_issue.IssueTests.test_issue_create [0.000072s] ... ok >{17} tests.unit.core.test_manager.ManagerTests.test_discover_files_exclude_cmdline [0.001873s] ... ok >{12} tests.functional.test_runtime.RuntimeTests.test_help_in_readme [0.242197s] ... FAILED > >Captured traceback: >~~~~~~~~~~~~~~~~~~~ > Traceback (most recent call last): > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_runtime.py", line 76, in test_help_in_readme > self.assertIn(output, readme) > > File "/usr/lib/python3.9/site-packages/testtools/testcase.py", line 421, in assertIn > self.assertThat(haystack, Contains(needle), message) > > File "/usr/lib/python3.9/site-packages/testtools/testcase.py", line 502, in assertThat > raise mismatch_error > > testtools.matchers._impl.MismatchError: 'usage:bandit[-h][-r][-a{file,vuln}][-nCONTEXT_LINES][-cCONFIG_FILE][-pPROFILE][-tTESTS][-sSKIPS][-l][-i][-f{csv,custom,html,json,screen,txt,xml,yaml}][--msg-templateMSG_TEMPLATE][-o[OUTPUT_FILE]][-v][-d][-q][--ignore-nosec][-xEXCLUDED_PATHS][-bBASELINE][--iniINI_PATH][--exit-zero][--version][targets...]Bandit-aPythonsourcecodesecurityanalyzerpositionalarguments:targetssourcefile(s)ordirectory(s)tobetestedoptionalarguments:-h,--helpshowthishelpmessageandexit-r,--recursivefindandprocessfilesinsubdirectories-a{file,vuln},--aggregate{file,vuln}aggregateoutputbyvulnerability(default)orbyfilename-nCONTEXT_LINES,--numberCONTEXT_LINESmaximumnumberofcodelinestooutputforeachissue-cCONFIG_FILE,--configfileCONFIG_FILEoptionalconfigfiletouseforselectingpluginsandoverridingdefaults-pPROFILE,--profilePROFILEprofiletouse(defaultstoexecutingalltests)-tTESTS,--testsTESTScomma-separatedlistoftestIDstorun-sSKIPS,--skipSKIPScomma-separatedlistoftestIDstoskip-l,--levelreportonlyissuesofagivenseveritylevelorhigher(-lforLOW,-llforMEDIUM,-lllforHIGH)-i,--confidencereportonlyissuesofagivenconfidencelevelorhigher(-iforLOW,-iiforMEDIUM,-iiiforHIGH)-f{csv,custom,html,json,screen,txt,xml,yaml},--format{csv,custom,html,json,screen,txt,xml,yaml}specifyoutputformat--msg-templateMSG_TEMPLATEspecifyoutputmessagetemplate(onlyusablewith--formatcustom),seeCUSTOMFORMATsectionforlistofavailablevalues-o[OUTPUT_FILE],--output[OUTPUT_FILE]writereporttofilename-v,--verboseoutputextrainformationlikeexcludedandincludedfiles-d,--debugturnondebugmode-q,--quiet,--silentonlyshowoutputinthecaseofanerror--ignore-nosecdonotskiplineswith#noseccomments-xEXCLUDED_PATHS,--excludeEXCLUDED_PATHScomma-separatedlistofpaths(globpatternssupported)toexcludefromscan(notethattheseareinadditiontotheexcludedpathsprovidedintheconfigfile)(default:.svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)-bBASELINE,--baselineBASELINEpathofabaselinereporttocompareagainst(onlyJSON-formattedfilesareaccepted)--iniINI_PATHpathtoa.banditfilethatsuppliescommandlinearguments--exit-zeroexitwith0,evenwithresultsfound--versionshowprogram\'sversionnumberandexitCUSTOMFORMATTING-----------------Availabletags:{abspath},{relpath},{line},{test_id},{severity},{msg},{confidence},{range}Exampleusage:Defaulttemplate:bandit-rexamples/--formatcustom--msg-template\\"{abspath}:{line}:{test_id}[bandit]:{severity}:{msg}"Providessameoutputas:bandit-rexamples/--formatcustomTagscanalsobeformattedinpythonstring.format()style:bandit-rexamples/--formatcustom--msg-template\\"{relpath:20.20s}:{line:03}:{test_id:^8}:DEFECT:{msg:>20}"Seepythondocumentationformoreinformationaboutformattingstyle:https://docs.python.org/3/library/string.htmlThefollowingtestswerediscoveredandloaded:-----------------------------------------------B101assert_usedB102exec_usedB103set_bad_file_permissionsB104hardcoded_bind_all_interfacesB105hardcoded_password_stringB106hardcoded_password_funcargB107hardcoded_password_defaultB108hardcoded_tmp_directoryB110try_except_passB112try_except_continueB201flask_debug_trueB301pickleB302marshalB303md5B304ciphersB305cipher_modesB306mktemp_qB307evalB308mark_safeB309httpsconnectionB310urllib_urlopenB311randomB312telnetlibB313xml_bad_cElementTreeB314xml_bad_ElementTreeB315xml_bad_expatreaderB316xml_bad_expatbuilderB317xml_bad_saxB318xml_bad_minidomB319xml_bad_pulldomB320xml_bad_etreeB321ftplibB323unverified_contextB324hashlib_new_insecure_functionsB325tempnamB401import_telnetlibB402import_ftplibB403import_pickleB404import_subprocessB405import_xml_etreeB406import_xml_saxB407import_xml_expatB408import_xml_minidomB409import_xml_pulldomB410import_lxmlB411import_xmlrpclibB412import_httpoxyB413import_pycryptoB501request_with_no_cert_validationB502ssl_with_bad_versionB503ssl_with_bad_defaultsB504ssl_with_no_versionB505weak_cryptographic_keyB506yaml_loadB507ssh_no_host_key_verificationB601paramiko_callsB602subprocess_popen_with_shell_equals_trueB603subprocess_without_shell_equals_trueB604any_other_function_with_shell_equals_trueB605start_process_with_a_shellB606start_process_with_no_shellB607start_process_with_partial_pathB608hardcoded_sql_expressionsB609linux_commands_wildcard_injectionB610django_extra_usedB611django_rawsql_usedB701jinja2_autoescape_falseB702use_of_mako_templatesB703django_mark_safe' not in '..image::https://github.com/PyCQA/bandit/blob/master/logo/logotype-sm.png:alt:Bandit======..image::https://github.com/PyCQA/bandit/workflows/Build%20and%20Test%20Bandit/badge.svg:target:https://github.com/PyCQA/bandit/actions?query=workflow%3A%22Build+and+Test+Bandit%22:alt:BuildStatus..image::https://readthedocs.org/projects/bandit/badge/?version=latest:target:https://readthedocs.org/projects/bandit/:alt:DocsStatus..image::https://img.shields.io/pypi/v/bandit.svg:target:https://pypi.org/project/bandit/:alt:LatestVersion..image::https://img.shields.io/pypi/pyversions/bandit.svg:target:https://pypi.org/project/bandit/:alt:PythonVersions..image::https://img.shields.io/pypi/format/bandit.svg:target:https://pypi.org/project/bandit/:alt:Format..image::https://img.shields.io/badge/license-Apache%202-blue.svg:target:https://github.com/PyCQA/bandit/blob/master/LICENSE:alt:LicenseAsecuritylinterfromPyCQA*Freesoftware:Apachelicense*Documentation:https://bandit.readthedocs.io/en/latest/*Source:https://github.com/PyCQA/bandit*Bugs:https://github.com/PyCQA/bandit/issues*Contributing:https://github.com/PyCQA/bandit/blob/master/CONTRIBUTING.mdOverview--------BanditisatooldesignedtofindcommonsecurityissuesinPythoncode.TodothisBanditprocesseseachfile,buildsanASTfromit,andrunsappropriatepluginsagainsttheASTnodes.OnceBandithasfinishedscanningallthefilesitgeneratesareport.BanditwasoriginallydevelopedwithintheOpenStackSecurityProjectandlaterrehomedtoPyCQA.Installation------------BanditisdistributedonPyPI.Thebestwaytoinstallitiswithpip:Createavirtualenvironment(optional)::virtualenvbandit-env#Orifyou\'reworkingwithaPython3projectpython3-mvenvbandit-env#Andactivateit:sourcebandit-env/bin/activateInstallBandit::pipinstallbandit#Orifyou\'reworkingwithaPython3projectpip3installbanditRunBandit::bandit-rpath/to/your/codeBanditcanalsobeinstalledfromsource.Todoso,downloadthesourcetarballfromPyPI,theninstallit::pythonsetup.pyinstallUsage-----Exampleusageacrossacodetree::bandit-r~/your_repos/projectExampleusageacrossthe``examples/``directory,showingthreelinesofcontextandonlyreportingonthehigh-severityissues::banditexamples/*.py-n3-lllBanditcanberunwithprofiles.TorunBanditagainsttheexamplesdirectoryusingonlythepluginslistedinthe``ShellInjection``profile::banditexamples/*.py-pShellInjectionBanditalsosupportspassinglinesofcodetoscanusingstandardinput.TorunBanditwithstandardinput::catexamples/imports.py|bandit-Usage::$bandit-husage:bandit[-h][-r][-a{file,vuln}][-nCONTEXT_LINES][-cCONFIG_FILE][-pPROFILE][-tTESTS][-sSKIPS][-l][-i][-f{csv,custom,html,json,screen,txt,xml,yaml}][--msg-templateMSG_TEMPLATE][-o[OUTPUT_FILE]][-v][-d][-q][--ignore-nosec][-xEXCLUDED_PATHS][-bBASELINE][--iniINI_PATH][--exit-zero][--version][targets[targets...]]Bandit-aPythonsourcecodesecurityanalyzerpositionalarguments:targetssourcefile(s)ordirectory(s)tobetestedoptionalarguments:-h,--helpshowthishelpmessageandexit-r,--recursivefindandprocessfilesinsubdirectories-a{file,vuln},--aggregate{file,vuln}aggregateoutputbyvulnerability(default)orbyfilename-nCONTEXT_LINES,--numberCONTEXT_LINESmaximumnumberofcodelinestooutputforeachissue-cCONFIG_FILE,--configfileCONFIG_FILEoptionalconfigfiletouseforselectingpluginsandoverridingdefaults-pPROFILE,--profilePROFILEprofiletouse(defaultstoexecutingalltests)-tTESTS,--testsTESTScomma-separatedlistoftestIDstorun-sSKIPS,--skipSKIPScomma-separatedlistoftestIDstoskip-l,--levelreportonlyissuesofagivenseveritylevelorhigher(-lforLOW,-llforMEDIUM,-lllforHIGH)-i,--confidencereportonlyissuesofagivenconfidencelevelorhigher(-iforLOW,-iiforMEDIUM,-iiiforHIGH)-f{csv,custom,html,json,screen,txt,xml,yaml},--format{csv,custom,html,json,screen,txt,xml,yaml}specifyoutputformat--msg-templateMSG_TEMPLATEspecifyoutputmessagetemplate(onlyusablewith--formatcustom),seeCUSTOMFORMATsectionforlistofavailablevalues-o[OUTPUT_FILE],--output[OUTPUT_FILE]writereporttofilename-v,--verboseoutputextrainformationlikeexcludedandincludedfiles-d,--debugturnondebugmode-q,--quiet,--silentonlyshowoutputinthecaseofanerror--ignore-nosecdonotskiplineswith#noseccomments-xEXCLUDED_PATHS,--excludeEXCLUDED_PATHScomma-separatedlistofpaths(globpatternssupported)toexcludefromscan(notethattheseareinadditiontotheexcludedpathsprovidedintheconfigfile)(default:.svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)-bBASELINE,--baselineBASELINEpathofabaselinereporttocompareagainst(onlyJSON-formattedfilesareaccepted)--iniINI_PATHpathtoa.banditfilethatsuppliescommandlinearguments--exit-zeroexitwith0,evenwithresultsfound--versionshowprogram\'sversionnumberandexitCUSTOMFORMATTING-----------------Availabletags:{abspath},{relpath},{line},{test_id},{severity},{msg},{confidence},{range}Exampleusage:Defaulttemplate:bandit-rexamples/--formatcustom--msg-template\\"{abspath}:{line}:{test_id}[bandit]:{severity}:{msg}"Providessameoutputas:bandit-rexamples/--formatcustomTagscanalsobeformattedinpythonstring.format()style:bandit-rexamples/--formatcustom--msg-template\\"{relpath:20.20s}:{line:03}:{test_id:^8}:DEFECT:{msg:>20}"Seepythondocumentationformoreinformationaboutformattingstyle:https://docs.python.org/3/library/string.htmlThefollowingtestswerediscoveredandloaded:-----------------------------------------------B101assert_usedB102exec_usedB103set_bad_file_permissionsB104hardcoded_bind_all_interfacesB105hardcoded_password_stringB106hardcoded_password_funcargB107hardcoded_password_defaultB108hardcoded_tmp_directoryB110try_except_passB112try_except_continueB201flask_debug_trueB301pickleB302marshalB303md5B304ciphersB305cipher_modesB306mktemp_qB307evalB308mark_safeB309httpsconnectionB310urllib_urlopenB311randomB312telnetlibB313xml_bad_cElementTreeB314xml_bad_ElementTreeB315xml_bad_expatreaderB316xml_bad_expatbuilderB317xml_bad_saxB318xml_bad_minidomB319xml_bad_pulldomB320xml_bad_etreeB321ftplibB323unverified_contextB324hashlib_new_insecure_functionsB325tempnamB401import_telnetlibB402import_ftplibB403import_pickleB404import_subprocessB405import_xml_etreeB406import_xml_saxB407import_xml_expatB408import_xml_minidomB409import_xml_pulldomB410import_lxmlB411import_xmlrpclibB412import_httpoxyB413import_pycryptoB501request_with_no_cert_validationB502ssl_with_bad_versionB503ssl_with_bad_defaultsB504ssl_with_no_versionB505weak_cryptographic_keyB506yaml_loadB507ssh_no_host_key_verificationB601paramiko_callsB602subprocess_popen_with_shell_equals_trueB603subprocess_without_shell_equals_trueB604any_other_function_with_shell_equals_trueB605start_process_with_a_shellB606start_process_with_no_shellB607start_process_with_partial_pathB608hardcoded_sql_expressionsB609linux_commands_wildcard_injectionB610django_extra_usedB611django_rawsql_usedB701jinja2_autoescape_falseB702use_of_mako_templatesB703django_mark_safeBaseline--------Banditallowsspecifyingthepathofabaselinereporttocompareagainstusingthebaselineargument(i.e.``-bBASELINE``or``--baselineBASELINE``).::bandit-bBASELINEThisisusefulforignoringknownvulnerabilitiesthatyoubelievearenon-issues(e.g.acleartextpasswordinaunittest).TogenerateabaselinereportsimplyrunBanditwiththeoutputformatsetto``json``(onlyJSON-formattedfilesareacceptedasabaseline)andoutputfilepathspecified:::bandit-fjson-oPATH_TO_OUTPUT_FILEVersioncontrolintegration---------------------------Use`pre-commit<https://pre-commit.com/>`_.Onceyou`haveitinstalled<https://pre-commit.com/#install>`_,addthistothe`.pre-commit-config.yaml`inyourrepository(besuretoupdate`rev`topointtoarealgittag/revision!)::repos:-repo:https://github.com/PyCQA/banditrev:\'\'#Updateme!hooks:-id:banditThenrun`pre-commitinstall`andyou\'rereadytogo.Configuration-------------Anoptionalconfigfilemaybesuppliedandmayinclude:-listsoftestswhichshouldorshouldn\'tberun-exclude_dirs-sectionsofthepath,thatifmatched,willbeexcludedfromscanning(globpatternssupported)-overriddenpluginsettings-mayprovidedifferentsettingsforsomepluginsPerProjectCommandLineArgs-----------------------------Projectsmayincludea`.bandit`filethatspecifiescommandlineargumentsthatshouldbesuppliedforthatproject.Thecurrentlysupportedargumentsare:-targets:commaseparatedlistoftargetdirs/filestorunbanditon-exclude:commaseparatedlistofexcludedpaths-skips:commaseparatedlistofteststoskip-tests:commaseparatedlistofteststorunTousethis,puta.banditfileinyourproject\'sdirectory.Forexample:::[bandit]exclude:/test::[bandit]tests:B101,B102,B301Exclusions----------IntheeventthatalineofcodetriggersaBanditissue,butthatthelinehasbeenreviewedandtheissueisafalsepositiveoracceptableforsomeotherreason,thelinecanbemarkedwitha``#nosec``andanyresultsassociatedwithitwillnotbereported.Forexample,althoughthislinemaycauseBandittoreportapotentialsecurityissue,itwillnotbereported::self.process=subprocess.Popen(\'/bin/echo\',shell=True)#nosecVulnerabilityTests-------------------Vulnerabilitytestsor"plugins"aredefinedinfilesinthepluginsdirectory.TestsarewritteninPythonandareautodiscoveredfromthepluginsdirectory.EachtestcanexamineoneormoretypeofPythonstatements.TestsaremarkedwiththetypesofPythonstatementstheyexamine(forexample:functioncall,string,import,etc).Testsareexecutedbythe``BanditNodeVisitor``objectasitvisitseachnodeintheAST.Testresultsaremanagedinthe``Manager``andaggregatedforoutputatthecompletionofatestrunthroughthemethod`output_result`from``Manager``instance.WritingTests-------------Towriteatest:-Identifyavulnerabilitytobuildatestfor,andcreateanewfileinexamples/thatcontainsoneormorecasesofthatvulnerability.-Considerthevulnerabilityyou\'retestingfor,markthefunctionwithoneormoreoftheappropriatedecorators:-@checks(\'Call\')-@checks(\'Import\',\'ImportFrom\')-@checks(\'Str\')-CreateanewPythonsourcefiletocontainyourtest,youcanreferenceexistingtestsforexamples.-Thefunctionthatyoucreateshouldtakeaparameter"context"whichisaninstanceofthecontextclassyoucanqueryforinformationaboutthecurrentelementbeingexamined.YoucanalsogettherawASTnodeformoreadvancedusecases.Pleaseseethecontext.pyfileformore.-ExtendyourBanditconfigurationfileasneededtosupportyournewtest.-ExecuteBanditagainstthetestfileyoudefinedinexamples/andensurethatitdetectsthevulnerability.Considervariationsonhowthisvulnerabilitymightpresentitselfandextendtheexamplefileandthetestfunctionaccordingly.ExtendingBandit----------------Banditallowsuserstowriteandregisterextensionsforchecksandformatters.Banditwillloadpluginsfromtwoentry-points:-`bandit.formatters`-`bandit.plugins`Formattersneedtoaccept5things:-`manager`:aninstanceof`banditmanager`-`fileobj`:theoutputfileobject,whichmaybesys.stdout-`sev_level`:Filteringseveritylevel-`conf_level`:Filteringconfidencelevel-`lines=-1`:numberoflinestoreportPluginstendtotakeadvantageofthe`bandit.checks`decoratorwhichallowstheauthortoregisteracheckforaparticulartypeofASTnode.Forexample::@bandit.checks(\'Call\')defprohibit_unsafe_deserialization(context):if\'unsafe_load\'incontext.call_function_name_qual:returnbandit.Issue(severity=bandit.HIGH,confidence=bandit.HIGH,text="Unsafedeserializationdetected.")Toregisteryourplugin,youhavetwooptions:1.Ifyou\'reusingsetuptoolsdirectly,addsomethinglikethefollowingtoyour``setup``call::#Ifyouhaveanimaginarybsonformatterinthebandit_bsonmodule#andafunctioncalled`formatter`.entry_points={\'bandit.formatters\':[\'bson=bandit_bson:formatter\']}#Oracheckforusingmakotemplatesinbandit_makothatentry_points={\'bandit.plugins\':[\'mako=bandit_mako\']}2.Ifyou\'reusingpbr,addsomethinglikethefollowingtoyour`setup.cfg`file::[entry_points]bandit.formatters=bson=bandit_bson:formatterbandit.plugins=mako=bandit_makoContributing------------FollowourContributingfile:https://github.com/PyCQA/bandit/blob/master/CONTRIBUTING.mdReportingBugs--------------Bugsshouldbereportedongithub.TofileabugagainstBandit,visit:https://github.com/PyCQA/bandit/issuesShowYourStyle---------------..image::https://img.shields.io/badge/security-bandit-yellow.svg:target:https://github.com/PyCQA/bandit:alt:SecurityStatusUseourbadgeinyourproject\'sREADME!usingMarkdown::[](https://github.com/PyCQA/bandit)usingRST::..image::https://img.shields.io/badge/security-bandit-yellow.svg:target:https://github.com/PyCQA/bandit:alt:SecurityStatusUnderWhichVersionofPythonShouldIInstallBandit?------------------------------------------------------Theanswertothisquestiondependsontheproject(s)youwillberunningBanditagainst.IfyourprojectisonlycompatiblewithPython2.7,youshouldinstallBandittorununderPython2.7.IfyourprojectisonlycompatiblewithPython3.5,thenuse3.5respectively.Ifyourprojectsupportsboth,you*could*runBanditwithbothversionsbutyoudon\'thaveto.Banditusesthe`ast`modulefromPython\'sstandardlibraryinordertoanalyzeyourPythoncode.The`ast`moduleisonlyabletoparsePythoncodethatisvalidintheversionoftheinterpreterfromwhichitisimported.Inotherwords,ifyoutrytousePython2.7\'s`ast`moduletoparsecodewrittenfor3.5thatuses,forexample,`yieldfrom`withasyncio,thenyou\'llhavesyntaxerrorsthatwillpreventBanditfromworkingproperly.Alternatively,ifyouarerelyingon2.7\'soctalnotationof`0777`thenyou\'llhaveasyntaxerrorifyourunBanditon3.x.References==========Banditdocs:https://bandit.readthedocs.io/en/latest/PythonASTmoduledocumentation:https://docs.python.org/3/library/ast.htmlGreenTreeSnakes-themissingPythonASTdocs:https://greentreesnakes.readthedocs.org/en/latest/DocumentationofthevarioustypesofASTnodesthatBanditcurrentlycoversorcouldbeextendedtocover:https://greentreesnakes.readthedocs.org/en/latest/nodes.html' > >{12} tests.unit.core.test_manager.ManagerTests.test_compare_baseline [0.000692s] ... ok >{12} tests.unit.core.test_manager.ManagerTests.test_populate_baseline_success [0.000469s] ... ok >{12} tests.unit.formatters.test_text.TextFormatterTests.test_no_issues [0.001517s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >Run started:2021-04-29 02:00:31.841018 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 1 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 0.0 >Files skipped (0): > >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [89bc41e02c2a9ad51434543fba97e3cf4b972a08 malicious] >[ INFO ] Got parent commit: [5e706e5f5bc530af3b181a906481cbd17ebe37fb benign1] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp8k_y51p7/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >b"Run started:2021-04-29 02:00:32.626485\n\nTest results:\n>> Issue: [B605:start_process_with_a_shell] Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell\n Severity: Low Confidence: High\n Location: ./malicious.py:3\n More Info: https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html\n2\t\n3\tos.system('/bin/echo hi')\n\n--------------------------------------------------\n\nCode scanned:\n\tTotal lines of code: 3\n\tTotal lines skipped (#nosec): 0\n\nRun metrics:\n\tTotal issues (by severity):\n\t\tUndefined: 0.0\n\t\tLow: 1.0\n\t\tMedium: 0.0\n\t\tHigh: 0.0\n\tTotal issues (by confidence):\n\t\tUndefined: 0.0\n\t\tLow: 0.0\n\t\tMedium: 0.0\n\t\tHigh: 1.0\nFiles skipped (0):\n" >[ INFO ] No output format specified, using terminal >[ INFO ] Got current commit: [befb17822addb564d669d7d32b78767bcafd2bef benign2] >[ INFO ] Got parent commit: [89bc41e02c2a9ad51434543fba97e3cf4b972a08 malicious] >[ INFO ] Getting Bandit baseline results >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[json] INFO JSON output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmp_94g5ipv/_bandit_baseline_run.json_ >[ INFO ] Comparing Bandit results to baseline >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: B605 >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >Run started:2021-04-29 02:00:33.395417 > >Test results: > No issues identified. > >Code scanned: > Total lines of code: 4 > Total lines skipped (#nosec): 0 > >Run metrics: > Total issues (by severity): > Undefined: 0.0 > Low: 1.0 > Medium: 0.0 > High: 0.0 > Total issues (by confidence): > Undefined: 0.0 > Low: 0.0 > Medium: 0.0 > High: 1.0 >Files skipped (0): > >{13} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_bandit_baseline [2.620602s] ... ok >Bandit baseline must be called from a git project root >[main] DEBUG logging initialized >{13} tests.unit.cli.test_baseline.BanditBaselineToolTests.test_initialize_no_repo [0.001514s] ... ok >{13} tests.unit.cli.test_main.BanditCLIMainLoggerTests.test_init_logger_debug_mode [0.000316s] ... ok >[config] WARNING Config file 'bandit.yaml' contains deprecated legacy config data. Please consider upgrading to the new config format. The tool 'bandit-config-generator' can help you with this. Support for legacy configs will be removed in a future bandit version. >[main] INFO profile include tests: None >[main] INFO profile exclude tests: None >[main] INFO cli include tests: None >[main] INFO cli exclude tests: None >[main] INFO using config: bandit.yaml >[main] INFO running on Python 3.9.4 >[text] INFO Text output written to file: output >{13} tests.unit.cli.test_main.BanditCLIMainTests.test_main_exit_with_results [0.006031s] ... ok >[text] INFO Text output written to file: /var/tmp/portage/dev-python/bandit-1.7.0/temp/tmpvvfp3n9w/_temp_output.txt >{13} tests.unit.core.test_manager.ManagerTests.test_output_results_valid_format [0.000850s] ... ok >{13} tests.unit.core.test_manager.ManagerTests.test_run_tests_ioerror [0.000604s] ... ok >{13} tests.unit.core.test_test_set.BanditTestSetTests.test_profile_has_builtin_blacklist [0.000849s] ... ok > >============================== >Failed 2 tests - output below: >============================== > >tests.functional.test_functional.FunctionalTests.test_hardcoded_passwords >------------------------------------------------------------------------- > >Captured traceback: >~~~~~~~~~~~~~~~~~~~ > Traceback (most recent call last): > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_functional.py", line 176, in test_hardcoded_passwords > self.check_example('hardcoded-passwords.py', expect) > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_functional.py", line 76, in check_example > self.assertDictEqual(expect, result) > > File "/usr/lib/python3.9/site-packages/unittest2/case.py", line 1128, in assertDictEqual > self.fail(self._formatMessage(msg, standardMsg)) > > File "/usr/lib/python3.9/site-packages/unittest2/case.py", line 690, in fail > raise self.failureException(msg) > > AssertionError: {'SEV[28 chars]W': 12, 'MEDIUM': 0, 'HIGH': 0}, 'CONFIDENCE':[48 chars]: 0}} != {'SEV[28 chars]W': 11, 'MEDIUM': 0, 'HIGH': 0}, 'CONFIDENCE':[48 chars]: 0}} >- {'CONFIDENCE': {'HIGH': 0, 'LOW': 0, 'MEDIUM': 12, 'UNDEFINED': 0}, >? ^ > >+ {'CONFIDENCE': {'HIGH': 0, 'LOW': 0, 'MEDIUM': 11, 'UNDEFINED': 0}, >? ^ > >- 'SEVERITY': {'HIGH': 0, 'LOW': 12, 'MEDIUM': 0, 'UNDEFINED': 0}} >? ^ > >+ 'SEVERITY': {'HIGH': 0, 'LOW': 11, 'MEDIUM': 0, 'UNDEFINED': 0}} >? ^ > > > >tests.functional.test_runtime.RuntimeTests.test_help_in_readme >-------------------------------------------------------------- > >Captured traceback: >~~~~~~~~~~~~~~~~~~~ > Traceback (most recent call last): > > File "/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9/tests/functional/test_runtime.py", line 76, in test_help_in_readme > self.assertIn(output, readme) > > File "/usr/lib/python3.9/site-packages/testtools/testcase.py", line 421, in assertIn > self.assertThat(haystack, Contains(needle), message) > > File "/usr/lib/python3.9/site-packages/testtools/testcase.py", line 502, in assertThat > raise mismatch_error > > testtools.matchers._impl.MismatchError: 'usage:bandit[-h][-r][-a{file,vuln}][-nCONTEXT_LINES][-cCONFIG_FILE][-pPROFILE][-tTESTS][-sSKIPS][-l][-i][-f{csv,custom,html,json,screen,txt,xml,yaml}][--msg-templateMSG_TEMPLATE][-o[OUTPUT_FILE]][-v][-d][-q][--ignore-nosec][-xEXCLUDED_PATHS][-bBASELINE][--iniINI_PATH][--exit-zero][--version][targets...]Bandit-aPythonsourcecodesecurityanalyzerpositionalarguments:targetssourcefile(s)ordirectory(s)tobetestedoptionalarguments:-h,--helpshowthishelpmessageandexit-r,--recursivefindandprocessfilesinsubdirectories-a{file,vuln},--aggregate{file,vuln}aggregateoutputbyvulnerability(default)orbyfilename-nCONTEXT_LINES,--numberCONTEXT_LINESmaximumnumberofcodelinestooutputforeachissue-cCONFIG_FILE,--configfileCONFIG_FILEoptionalconfigfiletouseforselectingpluginsandoverridingdefaults-pPROFILE,--profilePROFILEprofiletouse(defaultstoexecutingalltests)-tTESTS,--testsTESTScomma-separatedlistoftestIDstorun-sSKIPS,--skipSKIPScomma-separatedlistoftestIDstoskip-l,--levelreportonlyissuesofagivenseveritylevelorhigher(-lforLOW,-llforMEDIUM,-lllforHIGH)-i,--confidencereportonlyissuesofagivenconfidencelevelorhigher(-iforLOW,-iiforMEDIUM,-iiiforHIGH)-f{csv,custom,html,json,screen,txt,xml,yaml},--format{csv,custom,html,json,screen,txt,xml,yaml}specifyoutputformat--msg-templateMSG_TEMPLATEspecifyoutputmessagetemplate(onlyusablewith--formatcustom),seeCUSTOMFORMATsectionforlistofavailablevalues-o[OUTPUT_FILE],--output[OUTPUT_FILE]writereporttofilename-v,--verboseoutputextrainformationlikeexcludedandincludedfiles-d,--debugturnondebugmode-q,--quiet,--silentonlyshowoutputinthecaseofanerror--ignore-nosecdonotskiplineswith#noseccomments-xEXCLUDED_PATHS,--excludeEXCLUDED_PATHScomma-separatedlistofpaths(globpatternssupported)toexcludefromscan(notethattheseareinadditiontotheexcludedpathsprovidedintheconfigfile)(default:.svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)-bBASELINE,--baselineBASELINEpathofabaselinereporttocompareagainst(onlyJSON-formattedfilesareaccepted)--iniINI_PATHpathtoa.banditfilethatsuppliescommandlinearguments--exit-zeroexitwith0,evenwithresultsfound--versionshowprogram\'sversionnumberandexitCUSTOMFORMATTING-----------------Availabletags:{abspath},{relpath},{line},{test_id},{severity},{msg},{confidence},{range}Exampleusage:Defaulttemplate:bandit-rexamples/--formatcustom--msg-template\\"{abspath}:{line}:{test_id}[bandit]:{severity}:{msg}"Providessameoutputas:bandit-rexamples/--formatcustomTagscanalsobeformattedinpythonstring.format()style:bandit-rexamples/--formatcustom--msg-template\\"{relpath:20.20s}:{line:03}:{test_id:^8}:DEFECT:{msg:>20}"Seepythondocumentationformoreinformationaboutformattingstyle:https://docs.python.org/3/library/string.htmlThefollowingtestswerediscoveredandloaded:-----------------------------------------------B101assert_usedB102exec_usedB103set_bad_file_permissionsB104hardcoded_bind_all_interfacesB105hardcoded_password_stringB106hardcoded_password_funcargB107hardcoded_password_defaultB108hardcoded_tmp_directoryB110try_except_passB112try_except_continueB201flask_debug_trueB301pickleB302marshalB303md5B304ciphersB305cipher_modesB306mktemp_qB307evalB308mark_safeB309httpsconnectionB310urllib_urlopenB311randomB312telnetlibB313xml_bad_cElementTreeB314xml_bad_ElementTreeB315xml_bad_expatreaderB316xml_bad_expatbuilderB317xml_bad_saxB318xml_bad_minidomB319xml_bad_pulldomB320xml_bad_etreeB321ftplibB323unverified_contextB324hashlib_new_insecure_functionsB325tempnamB401import_telnetlibB402import_ftplibB403import_pickleB404import_subprocessB405import_xml_etreeB406import_xml_saxB407import_xml_expatB408import_xml_minidomB409import_xml_pulldomB410import_lxmlB411import_xmlrpclibB412import_httpoxyB413import_pycryptoB501request_with_no_cert_validationB502ssl_with_bad_versionB503ssl_with_bad_defaultsB504ssl_with_no_versionB505weak_cryptographic_keyB506yaml_loadB507ssh_no_host_key_verificationB601paramiko_callsB602subprocess_popen_with_shell_equals_trueB603subprocess_without_shell_equals_trueB604any_other_function_with_shell_equals_trueB605start_process_with_a_shellB606start_process_with_no_shellB607start_process_with_partial_pathB608hardcoded_sql_expressionsB609linux_commands_wildcard_injectionB610django_extra_usedB611django_rawsql_usedB701jinja2_autoescape_falseB702use_of_mako_templatesB703django_mark_safe' not in '..image::https://github.com/PyCQA/bandit/blob/master/logo/logotype-sm.png:alt:Bandit======..image::https://github.com/PyCQA/bandit/workflows/Build%20and%20Test%20Bandit/badge.svg:target:https://github.com/PyCQA/bandit/actions?query=workflow%3A%22Build+and+Test+Bandit%22:alt:BuildStatus..image::https://readthedocs.org/projects/bandit/badge/?version=latest:target:https://readthedocs.org/projects/bandit/:alt:DocsStatus..image::https://img.shields.io/pypi/v/bandit.svg:target:https://pypi.org/project/bandit/:alt:LatestVersion..image::https://img.shields.io/pypi/pyversions/bandit.svg:target:https://pypi.org/project/bandit/:alt:PythonVersions..image::https://img.shields.io/pypi/format/bandit.svg:target:https://pypi.org/project/bandit/:alt:Format..image::https://img.shields.io/badge/license-Apache%202-blue.svg:target:https://github.com/PyCQA/bandit/blob/master/LICENSE:alt:LicenseAsecuritylinterfromPyCQA*Freesoftware:Apachelicense*Documentation:https://bandit.readthedocs.io/en/latest/*Source:https://github.com/PyCQA/bandit*Bugs:https://github.com/PyCQA/bandit/issues*Contributing:https://github.com/PyCQA/bandit/blob/master/CONTRIBUTING.mdOverview--------BanditisatooldesignedtofindcommonsecurityissuesinPythoncode.TodothisBanditprocesseseachfile,buildsanASTfromit,andrunsappropriatepluginsagainsttheASTnodes.OnceBandithasfinishedscanningallthefilesitgeneratesareport.BanditwasoriginallydevelopedwithintheOpenStackSecurityProjectandlaterrehomedtoPyCQA.Installation------------BanditisdistributedonPyPI.Thebestwaytoinstallitiswithpip:Createavirtualenvironment(optional)::virtualenvbandit-env#Orifyou\'reworkingwithaPython3projectpython3-mvenvbandit-env#Andactivateit:sourcebandit-env/bin/activateInstallBandit::pipinstallbandit#Orifyou\'reworkingwithaPython3projectpip3installbanditRunBandit::bandit-rpath/to/your/codeBanditcanalsobeinstalledfromsource.Todoso,downloadthesourcetarballfromPyPI,theninstallit::pythonsetup.pyinstallUsage-----Exampleusageacrossacodetree::bandit-r~/your_repos/projectExampleusageacrossthe``examples/``directory,showingthreelinesofcontextandonlyreportingonthehigh-severityissues::banditexamples/*.py-n3-lllBanditcanberunwithprofiles.TorunBanditagainsttheexamplesdirectoryusingonlythepluginslistedinthe``ShellInjection``profile::banditexamples/*.py-pShellInjectionBanditalsosupportspassinglinesofcodetoscanusingstandardinput.TorunBanditwithstandardinput::catexamples/imports.py|bandit-Usage::$bandit-husage:bandit[-h][-r][-a{file,vuln}][-nCONTEXT_LINES][-cCONFIG_FILE][-pPROFILE][-tTESTS][-sSKIPS][-l][-i][-f{csv,custom,html,json,screen,txt,xml,yaml}][--msg-templateMSG_TEMPLATE][-o[OUTPUT_FILE]][-v][-d][-q][--ignore-nosec][-xEXCLUDED_PATHS][-bBASELINE][--iniINI_PATH][--exit-zero][--version][targets[targets...]]Bandit-aPythonsourcecodesecurityanalyzerpositionalarguments:targetssourcefile(s)ordirectory(s)tobetestedoptionalarguments:-h,--helpshowthishelpmessageandexit-r,--recursivefindandprocessfilesinsubdirectories-a{file,vuln},--aggregate{file,vuln}aggregateoutputbyvulnerability(default)orbyfilename-nCONTEXT_LINES,--numberCONTEXT_LINESmaximumnumberofcodelinestooutputforeachissue-cCONFIG_FILE,--configfileCONFIG_FILEoptionalconfigfiletouseforselectingpluginsandoverridingdefaults-pPROFILE,--profilePROFILEprofiletouse(defaultstoexecutingalltests)-tTESTS,--testsTESTScomma-separatedlistoftestIDstorun-sSKIPS,--skipSKIPScomma-separatedlistoftestIDstoskip-l,--levelreportonlyissuesofagivenseveritylevelorhigher(-lforLOW,-llforMEDIUM,-lllforHIGH)-i,--confidencereportonlyissuesofagivenconfidencelevelorhigher(-iforLOW,-iiforMEDIUM,-iiiforHIGH)-f{csv,custom,html,json,screen,txt,xml,yaml},--format{csv,custom,html,json,screen,txt,xml,yaml}specifyoutputformat--msg-templateMSG_TEMPLATEspecifyoutputmessagetemplate(onlyusablewith--formatcustom),seeCUSTOMFORMATsectionforlistofavailablevalues-o[OUTPUT_FILE],--output[OUTPUT_FILE]writereporttofilename-v,--verboseoutputextrainformationlikeexcludedandincludedfiles-d,--debugturnondebugmode-q,--quiet,--silentonlyshowoutputinthecaseofanerror--ignore-nosecdonotskiplineswith#noseccomments-xEXCLUDED_PATHS,--excludeEXCLUDED_PATHScomma-separatedlistofpaths(globpatternssupported)toexcludefromscan(notethattheseareinadditiontotheexcludedpathsprovidedintheconfigfile)(default:.svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)-bBASELINE,--baselineBASELINEpathofabaselinereporttocompareagainst(onlyJSON-formattedfilesareaccepted)--iniINI_PATHpathtoa.banditfilethatsuppliescommandlinearguments--exit-zeroexitwith0,evenwithresultsfound--versionshowprogram\'sversionnumberandexitCUSTOMFORMATTING-----------------Availabletags:{abspath},{relpath},{line},{test_id},{severity},{msg},{confidence},{range}Exampleusage:Defaulttemplate:bandit-rexamples/--formatcustom--msg-template\\"{abspath}:{line}:{test_id}[bandit]:{severity}:{msg}"Providessameoutputas:bandit-rexamples/--formatcustomTagscanalsobeformattedinpythonstring.format()style:bandit-rexamples/--formatcustom--msg-template\\"{relpath:20.20s}:{line:03}:{test_id:^8}:DEFECT:{msg:>20}"Seepythondocumentationformoreinformationaboutformattingstyle:https://docs.python.org/3/library/string.htmlThefollowingtestswerediscoveredandloaded:-----------------------------------------------B101assert_usedB102exec_usedB103set_bad_file_permissionsB104hardcoded_bind_all_interfacesB105hardcoded_password_stringB106hardcoded_password_funcargB107hardcoded_password_defaultB108hardcoded_tmp_directoryB110try_except_passB112try_except_continueB201flask_debug_trueB301pickleB302marshalB303md5B304ciphersB305cipher_modesB306mktemp_qB307evalB308mark_safeB309httpsconnectionB310urllib_urlopenB311randomB312telnetlibB313xml_bad_cElementTreeB314xml_bad_ElementTreeB315xml_bad_expatreaderB316xml_bad_expatbuilderB317xml_bad_saxB318xml_bad_minidomB319xml_bad_pulldomB320xml_bad_etreeB321ftplibB323unverified_contextB324hashlib_new_insecure_functionsB325tempnamB401import_telnetlibB402import_ftplibB403import_pickleB404import_subprocessB405import_xml_etreeB406import_xml_saxB407import_xml_expatB408import_xml_minidomB409import_xml_pulldomB410import_lxmlB411import_xmlrpclibB412import_httpoxyB413import_pycryptoB501request_with_no_cert_validationB502ssl_with_bad_versionB503ssl_with_bad_defaultsB504ssl_with_no_versionB505weak_cryptographic_keyB506yaml_loadB507ssh_no_host_key_verificationB601paramiko_callsB602subprocess_popen_with_shell_equals_trueB603subprocess_without_shell_equals_trueB604any_other_function_with_shell_equals_trueB605start_process_with_a_shellB606start_process_with_no_shellB607start_process_with_partial_pathB608hardcoded_sql_expressionsB609linux_commands_wildcard_injectionB610django_extra_usedB611django_rawsql_usedB701jinja2_autoescape_falseB702use_of_mako_templatesB703django_mark_safeBaseline--------Banditallowsspecifyingthepathofabaselinereporttocompareagainstusingthebaselineargument(i.e.``-bBASELINE``or``--baselineBASELINE``).::bandit-bBASELINEThisisusefulforignoringknownvulnerabilitiesthatyoubelievearenon-issues(e.g.acleartextpasswordinaunittest).TogenerateabaselinereportsimplyrunBanditwiththeoutputformatsetto``json``(onlyJSON-formattedfilesareacceptedasabaseline)andoutputfilepathspecified:::bandit-fjson-oPATH_TO_OUTPUT_FILEVersioncontrolintegration---------------------------Use`pre-commit<https://pre-commit.com/>`_.Onceyou`haveitinstalled<https://pre-commit.com/#install>`_,addthistothe`.pre-commit-config.yaml`inyourrepository(besuretoupdate`rev`topointtoarealgittag/revision!)::repos:-repo:https://github.com/PyCQA/banditrev:\'\'#Updateme!hooks:-id:banditThenrun`pre-commitinstall`andyou\'rereadytogo.Configuration-------------Anoptionalconfigfilemaybesuppliedandmayinclude:-listsoftestswhichshouldorshouldn\'tberun-exclude_dirs-sectionsofthepath,thatifmatched,willbeexcludedfromscanning(globpatternssupported)-overriddenpluginsettings-mayprovidedifferentsettingsforsomepluginsPerProjectCommandLineArgs-----------------------------Projectsmayincludea`.bandit`filethatspecifiescommandlineargumentsthatshouldbesuppliedforthatproject.Thecurrentlysupportedargumentsare:-targets:commaseparatedlistoftargetdirs/filestorunbanditon-exclude:commaseparatedlistofexcludedpaths-skips:commaseparatedlistofteststoskip-tests:commaseparatedlistofteststorunTousethis,puta.banditfileinyourproject\'sdirectory.Forexample:::[bandit]exclude:/test::[bandit]tests:B101,B102,B301Exclusions----------IntheeventthatalineofcodetriggersaBanditissue,butthatthelinehasbeenreviewedandtheissueisafalsepositiveoracceptableforsomeotherreason,thelinecanbemarkedwitha``#nosec``andanyresultsassociatedwithitwillnotbereported.Forexample,althoughthislinemaycauseBandittoreportapotentialsecurityissue,itwillnotbereported::self.process=subprocess.Popen(\'/bin/echo\',shell=True)#nosecVulnerabilityTests-------------------Vulnerabilitytestsor"plugins"aredefinedinfilesinthepluginsdirectory.TestsarewritteninPythonandareautodiscoveredfromthepluginsdirectory.EachtestcanexamineoneormoretypeofPythonstatements.TestsaremarkedwiththetypesofPythonstatementstheyexamine(forexample:functioncall,string,import,etc).Testsareexecutedbythe``BanditNodeVisitor``objectasitvisitseachnodeintheAST.Testresultsaremanagedinthe``Manager``andaggregatedforoutputatthecompletionofatestrunthroughthemethod`output_result`from``Manager``instance.WritingTests-------------Towriteatest:-Identifyavulnerabilitytobuildatestfor,andcreateanewfileinexamples/thatcontainsoneormorecasesofthatvulnerability.-Considerthevulnerabilityyou\'retestingfor,markthefunctionwithoneormoreoftheappropriatedecorators:-@checks(\'Call\')-@checks(\'Import\',\'ImportFrom\')-@checks(\'Str\')-CreateanewPythonsourcefiletocontainyourtest,youcanreferenceexistingtestsforexamples.-Thefunctionthatyoucreateshouldtakeaparameter"context"whichisaninstanceofthecontextclassyoucanqueryforinformationaboutthecurrentelementbeingexamined.YoucanalsogettherawASTnodeformoreadvancedusecases.Pleaseseethecontext.pyfileformore.-ExtendyourBanditconfigurationfileasneededtosupportyournewtest.-ExecuteBanditagainstthetestfileyoudefinedinexamples/andensurethatitdetectsthevulnerability.Considervariationsonhowthisvulnerabilitymightpresentitselfandextendtheexamplefileandthetestfunctionaccordingly.ExtendingBandit----------------Banditallowsuserstowriteandregisterextensionsforchecksandformatters.Banditwillloadpluginsfromtwoentry-points:-`bandit.formatters`-`bandit.plugins`Formattersneedtoaccept5things:-`manager`:aninstanceof`banditmanager`-`fileobj`:theoutputfileobject,whichmaybesys.stdout-`sev_level`:Filteringseveritylevel-`conf_level`:Filteringconfidencelevel-`lines=-1`:numberoflinestoreportPluginstendtotakeadvantageofthe`bandit.checks`decoratorwhichallowstheauthortoregisteracheckforaparticulartypeofASTnode.Forexample::@bandit.checks(\'Call\')defprohibit_unsafe_deserialization(context):if\'unsafe_load\'incontext.call_function_name_qual:returnbandit.Issue(severity=bandit.HIGH,confidence=bandit.HIGH,text="Unsafedeserializationdetected.")Toregisteryourplugin,youhavetwooptions:1.Ifyou\'reusingsetuptoolsdirectly,addsomethinglikethefollowingtoyour``setup``call::#Ifyouhaveanimaginarybsonformatterinthebandit_bsonmodule#andafunctioncalled`formatter`.entry_points={\'bandit.formatters\':[\'bson=bandit_bson:formatter\']}#Oracheckforusingmakotemplatesinbandit_makothatentry_points={\'bandit.plugins\':[\'mako=bandit_mako\']}2.Ifyou\'reusingpbr,addsomethinglikethefollowingtoyour`setup.cfg`file::[entry_points]bandit.formatters=bson=bandit_bson:formatterbandit.plugins=mako=bandit_makoContributing------------FollowourContributingfile:https://github.com/PyCQA/bandit/blob/master/CONTRIBUTING.mdReportingBugs--------------Bugsshouldbereportedongithub.TofileabugagainstBandit,visit:https://github.com/PyCQA/bandit/issuesShowYourStyle---------------..image::https://img.shields.io/badge/security-bandit-yellow.svg:target:https://github.com/PyCQA/bandit:alt:SecurityStatusUseourbadgeinyourproject\'sREADME!usingMarkdown::[](https://github.com/PyCQA/bandit)usingRST::..image::https://img.shields.io/badge/security-bandit-yellow.svg:target:https://github.com/PyCQA/bandit:alt:SecurityStatusUnderWhichVersionofPythonShouldIInstallBandit?------------------------------------------------------Theanswertothisquestiondependsontheproject(s)youwillberunningBanditagainst.IfyourprojectisonlycompatiblewithPython2.7,youshouldinstallBandittorununderPython2.7.IfyourprojectisonlycompatiblewithPython3.5,thenuse3.5respectively.Ifyourprojectsupportsboth,you*could*runBanditwithbothversionsbutyoudon\'thaveto.Banditusesthe`ast`modulefromPython\'sstandardlibraryinordertoanalyzeyourPythoncode.The`ast`moduleisonlyabletoparsePythoncodethatisvalidintheversionoftheinterpreterfromwhichitisimported.Inotherwords,ifyoutrytousePython2.7\'s`ast`moduletoparsecodewrittenfor3.5thatuses,forexample,`yieldfrom`withasyncio,thenyou\'llhavesyntaxerrorsthatwillpreventBanditfromworkingproperly.Alternatively,ifyouarerelyingon2.7\'soctalnotationof`0777`thenyou\'llhaveasyntaxerrorifyourunBanditon3.x.References==========Banditdocs:https://bandit.readthedocs.io/en/latest/PythonASTmoduledocumentation:https://docs.python.org/3/library/ast.htmlGreenTreeSnakes-themissingPythonASTdocs:https://greentreesnakes.readthedocs.org/en/latest/DocumentationofthevarioustypesofASTnodesthatBanditcurrentlycoversorcouldbeextendedtocover:https://greentreesnakes.readthedocs.org/en/latest/nodes.html' > > > >====== >Totals >====== >Ran: 251 tests in 2.6561 sec. > - Passed: 249 > - Skipped: 0 > - Expected Fail: 0 > - Unexpected Success: 0 > - Failed: 2 >Sum of execute time for each test: 13.0153 sec. > >============== >Worker Balance >============== > - Worker 0 (7 tests) => 0:00:00.069072 > - Worker 1 (7 tests) => 0:00:00.125314 > - Worker 2 (7 tests) => 0:00:00.162211 > - Worker 3 (7 tests) => 0:00:00.119939 > - Worker 4 (7 tests) => 0:00:00.072550 > - Worker 5 (7 tests) => 0:00:00.424078 > - Worker 6 (7 tests) => 0:00:00.746209 > - Worker 7 (7 tests) => 0:00:00.415334 > - Worker 8 (7 tests) => 0:00:00.064221 > - Worker 9 (7 tests) => 0:00:00.077338 > - Worker 10 (7 tests) => 0:00:00.075259 > - Worker 11 (7 tests) => 0:00:00.703240 > - Worker 12 (7 tests) => 0:00:00.930048 > - Worker 13 (7 tests) => 0:00:02.632197 > - Worker 14 (7 tests) => 0:00:00.181243 > - Worker 15 (7 tests) => 0:00:00.072221 > - Worker 16 (7 tests) => 0:00:00.182857 > - Worker 17 (7 tests) => 0:00:00.852252 > - Worker 18 (7 tests) => 0:00:00.075933 > - Worker 19 (7 tests) => 0:00:00.650895 > - Worker 20 (7 tests) => 0:00:00.456380 > - Worker 21 (7 tests) => 0:00:00.365912 > - Worker 22 (7 tests) => 0:00:00.130396 > - Worker 23 (7 tests) => 0:00:00.343802 > - Worker 24 (7 tests) => 0:00:00.130207 > - Worker 25 (7 tests) => 0:00:00.367225 > - Worker 26 (7 tests) => 0:00:00.057146 > - Worker 27 (7 tests) => 0:00:00.720869 > - Worker 28 (7 tests) => 0:00:00.062644 > - Worker 29 (7 tests) => 0:00:00.098546 > - Worker 30 (7 tests) => 0:00:00.065176 > - Worker 31 (7 tests) => 0:00:00.372403 > - Worker 32 (7 tests) => 0:00:00.750831 > - Worker 33 (7 tests) => 0:00:00.064611 > - Worker 34 (7 tests) => 0:00:00.013231 > - Worker 35 (6 tests) => 0:00:00.480380 > * ERROR: dev-python/bandit-1.7.0::gentoo failed (test phase): > * (no error message) > * > * Call stack: > * ebuild.sh, line 125: Called src_test > * environment, line 2873: Called distutils-r1_src_test > * environment, line 1237: Called _distutils-r1_run_foreach_impl 'python_test' > * environment, line 487: Called python_foreach_impl 'distutils-r1_run_phase' 'python_test' > * environment, line 2542: Called multibuild_foreach_variant '_python_multibuild_wrapper' 'distutils-r1_run_phase' 'python_test' > * environment, line 2029: Called _multibuild_run '_python_multibuild_wrapper' 'distutils-r1_run_phase' 'python_test' > * environment, line 2027: Called _python_multibuild_wrapper 'distutils-r1_run_phase' 'python_test' > * environment, line 794: Called distutils-r1_run_phase 'python_test' > * environment, line 1176: Called python_test > * environment, line 2833: Called die > * The specific snippet of code: > * stestr run || die > * > * If you need support, post the output of `emerge --info '=dev-python/bandit-1.7.0::gentoo'`, > * the complete build log and the output of `emerge -pqv '=dev-python/bandit-1.7.0::gentoo'`. > * The complete build log is located at '/var/log/emerge-log/build/dev-python/bandit-1.7.0:20210429-020014.log'. > * For convenience, a symlink to the build log is located at '/var/tmp/portage/dev-python/bandit-1.7.0/temp/build.log'. > * The ebuild environment file is located at '/var/tmp/portage/dev-python/bandit-1.7.0/temp/environment'. > * Working directory: '/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0-python3_9' > * S: '/var/tmp/portage/dev-python/bandit-1.7.0/work/bandit-1.7.0' >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=703536">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 786642
: 703536
