openstack
/
bandit
Code Issues Proposed changes

Rename README.md to README.rst 

PyPi expects README.rst.

Change-Id: I6c20a260499640e04b6d96506e1c223111955e12
This commit is contained in:
Eric Brown 2015-02-17 12:24:09 -08:00
parent 09f0fa9ce7
commit 592174db8b
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
README.md → README.rst
View File

@ -18,7 +18,7 @@ lists security issues identified within the target source code.
Installation Installation
------------ ------------
Bandit is distributed as an installable package. To clone and install in a Bandit is distributed as an installable package. To clone and install in a
Python virtual environment: Python virtual environment::
$ git clone https://git.openstack.org/stackforge/bandit.git $ git clone https://git.openstack.org/stackforge/bandit.git
$ cd bandit $ cd bandit
@ -26,7 +26,7 @@ Python virtual environment:
$ source venv/bin/activate $ source venv/bin/activate
$ python setup.py install $ python setup.py install
To test the new installation: To test the new installation::
$ pip install tox $ pip install tox
$ tox -epy27 $ tox -epy27
@ -34,21 +34,21 @@ To test the new installation:
Usage Usage
----- -----
Example usage across a code tree, showing one line of context for each issue: Example usage across a code tree, showing one line of context for each issue::
$ find ~/openstack-repo/keystone -name '*.py' | xargs bandit -n 1 $ find ~/openstack-repo/keystone -name '*.py' | xargs bandit -n 1
Example usage across the examples/ directory, showing three lines of context Example usage across the examples/ directory, showing three lines of context
and only reporting on the high-severity issues: and only reporting on the high-severity issues::
$ bandit examples/*.py -n 3 -lll $ bandit examples/*.py -n 3 -lll
Example usage across the examples/ directory, showing one line of context and Example usage across the examples/ directory, showing one line of context and
running only tests in the ShellInjection profile: running only tests in the ShellInjection profile::
$ bandit examples/*.py -n 1 -p ShellInjection $ bandit examples/*.py -n 1 -p ShellInjection
Usage: Usage::
$ bandit -h $ bandit -h
usage: bandit [-h] [-a AGG_TYPE] [-n CONTEXT_LINES] [-c CONFIG_FILE] usage: bandit [-h] [-a AGG_TYPE] [-n CONTEXT_LINES] [-c CONFIG_FILE]
@ -96,7 +96,7 @@ other reason, the line can be marked with a '# nosec' and any results
associated with it will not be reported. associated with it will not be reported.
For example, although this line may cause Bandit to report a potential For example, although this line may cause Bandit to report a potential
security issue, it will not be reported: security issue, it will not be reported::
self.process = subprocess.Popen('/bin/echo', shell=True) # nosec self.process = subprocess.Popen('/bin/echo', shell=True) # nosec
@ -111,7 +111,7 @@ with the types of Python statements they examine (for example: function call,
string, import, etc). string, import, etc).
Tests are executed by the BanditNodeVisitor object as it visits each node in Tests are executed by the BanditNodeVisitor object as it visits each node in
the AST. the AST.
Test results are maintained in the BanditResultStore and aggregated for output Test results are maintained in the BanditResultStore and aggregated for output
at the completion of a test run. at the completion of a test run.

2
setup.cfg
View File

@ -2,7 +2,7 @@
name = bandit name = bandit
summary = Security oriented static analyser for python code. summary = Security oriented static analyser for python code.
description-file = description-file =
README.md README.rst
author = OpenStack Security Group author = OpenStack Security Group
author-email = openstack-security@lists.openstack.org author-email = openstack-security@lists.openstack.org
home-page = https://wiki.openstack.org/wiki/Security/Projects/Bandit home-page = https://wiki.openstack.org/wiki/Security/Projects/Bandit