On 11/03/2015 10:50 AM, Victor Stinner wrote:
Hi,
I don't like very long command lines, it's hard to document them or
comment them. I prefer configuration files. But bandit.yaml, the
"template", is already a configuration file!?
Yes, the config file provided by bandit is some kind of "enable all
checkers" configuration. Basically, it seems to me that people just
re-use that with minor tweaks.
As Brant wrote, we should enhance Bandit to use a simpler configuration
file. Or maybe we should have our own configuration file which on ly
contains "differences" between the YAML template and the expected YAML
output configuration file. Basically, the "differences" is what you
wrote on the command line.
I think we do not want bandit to start supporting N different
configuration formats. I like that "bandit" reads "bandit.yaml", in its
current state. It is *simple*.
Now, writing a working "bandit.yaml" could be less of a burden. To
achieve this, bandit could provide a tool that allows developers to say
"well, I want everything but this particular checker" or "well, I need
this tweak to the configuration of that checker".
The right "architecture" would be:
- bandit-conf-generator (possibly included in the bandit git repo) reads
a 'bandit-conf' config file and generates 'bandit.yaml';
- 'bandit' reads 'bandit.yaml' and does its job.
The configuration file for bandit-conf-generator could look something like:
[general]
project_name = oslo.messaging
path_to_src = oslo_messaging
disabled_tests = try_except_pass,assert_used
And then some code to configure the checkers that require additional
configuration. It might be harder to think of something easy to write,
though :)
Anyway, it would be better to add this new bandit-conf-generator tool
(or making config simpler) directly in Bandit. What do you think Cyril?
Yes. I should write a blueprint :)
Cyril.
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
