InvocationError with no reason
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Bandit |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
I created a profile with the following:
gate:
include:
# - any_other_
# - assert_used
# - blacklist_calls
# - blacklist_
# - blacklist_imports
# - exec_used
# - execute_
# - hardcoded_
# - hardcoded_password
# - hardcoded_
# - hardcoded_
# - jinja2_
# - linux_commands_
- paramiko_calls
- password_
- request_
- set_bad_
# - subprocess_
# - subprocess_
- start_process_
- start_process_
- start_process_
- ssl_with_
- ssl_with_
- ssl_with_no_version
- try_except_pass
- use_of_
When bandit is run in tox with: bandit -c bandit.yaml -r nova -n 5 -p gate -ll
I get this error:
Files skipped (0):
Test results:
ERROR: InvocationError: '/home/
_______
ERROR: bandit: commands failed
Why did it not report the file and check that was performed?
If I take away the -ll, I get:
Run started:
2015-07-29 05:37:14.447666
Files skipped (0):
Test results:
>> Issue: Starting a process without a shell.
Severity: Low Confidence: Medium
Location: nova/cmd/
1395 try:
1396 os.execvp('sudo', ['sudo', '-u', '#%s' % st.st_uid] + sys.argv)
1397 except Exception:
1398 print(_('sudo failed, continuing as if nothing happened'))
ERROR: InvocationError: '/home/
_______
ERROR: bandit: commands failed
That is ... very odd. The InvocationError makes me think something in Bandit itself is failing and raising that, rather than being an error due to a problem in a checked file.