Add bandit to supported linters (microsoft#2775)

For microsoft#2726 Add support for Bandit

Author: demus

CHANGELOG.md

@@ -37,6 +37,7 @@ make this extension useful:
  [venv](https://docs.python.org/3/library/venv.html#module-venv),
  [virtualenv](https://pypi.org/project/virtualenv/)
 - Linting:
+ [bandit](https://pypi.org/project/bandit/),
  [flake8](https://pypi.org/project/flake8/),
  [mypy](https://pypi.org/project/mypy/),
  [prospector](https://pypi.org/project/prospector/),
@@ -82,7 +83,10 @@ part of!
 1. Language server now provides rename functionality.
  ([#2650](https://github.com/Microsoft/vscode-python/issues/2650))
 1. Search for default known paths for conda environments on windows.
- ([#2794](https://github.com/Microsoft/vscode-python/issues/2794))
+ ([#2794](https://github.com/Microsoft/vscode-python/issues/2794)
+1. Add [bandit](https://pypi.org/project/bandit/) to supported linters.
+ (thanks [Steven Demurjian](https://github.com/demus))
+ ([#2775](https://github.com/Microsoft/vscode-python/issues/2775))
 
 ### Fixes
 

news/1 Enhancements/2775.md

@@ -0,0 +1,2 @@
+Add [bandit](https://pypi.org/project/bandit/) to supported linters.
+(thanks [Steven Demurjian Jr.](https://github.com/demus/))

package.json

@@ -994,6 +994,27 @@
  "description": "Controls the maximum number of problems produced by the server.",
  "scope": "resource"
  },
+ "python.linting.banditArgs": {
+ "type": "array",
+ "description": "Arguments passed in. Each argument is a separate item in the array.",
+ "default": [],
+ "items": {
+ "type": "string"
+ },
+ "scope": "resource"
+ },
+ "python.linting.banditEnabled": {
+ "type": "boolean",
+ "default": false,
+ "description": "Whether to lint Python files using bandit.",
+ "scope": "resource"
+ },
+ "python.linting.banditPath": {
+ "type": "string",
+ "default": "bandit",
+ "description": "Path to bandit, you can use a custom version of bandit by modifying this setting to include the full path.",
+ "scope": "resource"
+ },
  "python.linting.mypyArgs": {
  "type": "array",
  "description": "Arguments passed in. Each argument is a separate item in the array.",

requirements.txt

@@ -2,6 +2,7 @@
 # but flake8 has a tighter pinning.
 flake8
 autopep8
+bandit
 black ; python_version>='3.6'
 yapf
 pylint

src/client/common/configSettings.ts

@@ -175,6 +175,7 @@ export class PythonSettings extends EventEmitter implements IPythonSettings {
  flake8Args: [], flake8Enabled: false, flake8Path: 'flake',
  lintOnSave: false, maxNumberOfProblems: 100,
  mypyArgs: [], mypyEnabled: false, mypyPath: 'mypy',
+ banditArgs: [], banditEnabled: false, banditPath: 'bandit',
  pep8Args: [], pep8Enabled: false, pep8Path: 'pep8',
  pylamaArgs: [], pylamaEnabled: false, pylamaPath: 'pylama',
  prospectorArgs: [], prospectorEnabled: false, prospectorPath: 'prospector',
@@ -212,6 +213,7 @@ export class PythonSettings extends EventEmitter implements IPythonSettings {
  this.linting.prospectorPath = getAbsolutePath(systemVariables.resolveAny(this.linting.prospectorPath), workspaceRoot);
  this.linting.pydocstylePath = getAbsolutePath(systemVariables.resolveAny(this.linting.pydocstylePath), workspaceRoot);
  this.linting.mypyPath = getAbsolutePath(systemVariables.resolveAny(this.linting.mypyPath), workspaceRoot);
+ this.linting.banditPath = getAbsolutePath(systemVariables.resolveAny(this.linting.banditPath), workspaceRoot);
 
  // tslint:disable-next-line:no-backbone-get-set-outside-model no-non-null-assertion
  const formattingSettings = systemVariables.resolveAny(pythonSettings.get<IFormattingSettings>('formatting'))!;

src/client/common/installer/productInstaller.ts

@@ -285,6 +285,7 @@ function translateProductToModule(product: Product, purpose: ModuleNamePurpose):
  case Product.flake8: return 'flake8';
  case Product.unittest: return 'unittest';
  case Product.rope: return 'rope';
+ case Product.bandit: return 'bandit';
  default: {
  throw new Error(`Product ${product} cannot be installed as a Python Module.`);
  }

src/client/common/installer/productNames.ts

@@ -6,6 +6,7 @@ import { Product } from '../types';
 // tslint:disable-next-line:variable-name
 export const ProductNames = new Map<Product, string>();
 ProductNames.set(Product.autopep8, 'autopep8');
+ProductNames.set(Product.bandit, 'bandit');
 ProductNames.set(Product.black, 'black');
 ProductNames.set(Product.flake8, 'flake8');
 ProductNames.set(Product.mypy, 'mypy');

src/client/common/installer/productService.ts

@@ -12,6 +12,7 @@ export class ProductService implements IProductService {
  private ProductTypes = new Map<Product, ProductType>();
 
  constructor() {
+ this.ProductTypes.set(Product.bandit, ProductType.Linter);
  this.ProductTypes.set(Product.flake8, ProductType.Linter);
  this.ProductTypes.set(Product.mypy, ProductType.Linter);
  this.ProductTypes.set(Product.pep8, ProductType.Linter);

src/client/common/types.ts

@@ -78,7 +78,8 @@ export enum Product {
  ctags = 13,
  rope = 14,
  isort = 15,
- black = 16
+ black = 16,
+ bandit = 17
 }
 
 export enum ModuleNamePurpose {
@@ -212,6 +213,9 @@ export interface ILintingSettings {
  mypyEnabled: boolean;
  mypyArgs: string[];
  mypyPath: string;
+ banditEnabled: boolean;
+ banditArgs: string[];
+ banditPath: string;
  readonly pylintUseMinimalCheckers: boolean;
 }
 export interface IFormattingSettings {

src/client/linters/bandit.ts

@@ -0,0 +1,31 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+import { CancellationToken, OutputChannel, TextDocument } from 'vscode';
+import '../common/extensions';
+import { Product } from '../common/types';
+import { IServiceContainer } from '../ioc/types';
+import { BaseLinter } from './baseLinter';
+import { ILintMessage, LintMessageSeverity } from './types';
+
+export class Bandit extends BaseLinter {
+ constructor(outputChannel: OutputChannel, serviceContainer: IServiceContainer) {
+ super(Product.bandit, outputChannel, serviceContainer);
+ }
+
+ protected async runLinter(document: TextDocument, cancellation: CancellationToken): Promise<ILintMessage[]> {
+ // View all errors in bandit <= 1.5.1 (https://github.com/PyCQA/bandit/issues/371)
+ const messages = await this.run([
+ '-f', 'custom', '--msg-template', '{line},0,{severity},{test_id}:{msg}', '-n', '-1', document.uri.fsPath
+ ], document, cancellation);
+
+ messages.forEach(msg => {
+ msg.severity = {
+ LOW: LintMessageSeverity.Information,
+ MEDIUM: LintMessageSeverity.Warning,
+ HIGH: LintMessageSeverity.Error
+ }[msg.type];
+ });
+ return messages;
+ }
+}