bandit-baseline doesn't work on a detached head state

Bug #1557697 reported by Grant Murphy
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Bandit
Critical
Tim Kelsey

Bug Description

I'm currently trying to get bandit in the octavia gate (https://bugs.launchpad.net/octavia/+bug/1552002) using bandit-baseline.
It seems (at least for the octavia project) that code is checked out with a detached head state. This causes failures in bandit-baseline to error out.

I've capture an example of this here: http://paste.openstack.org/show/490547/

Revision history for this message
Tim Kelsey (tim-kelsey) wrote :

I tried to reproduce this with the latest master version of bandit in git, and it worked as expected. Can you please confirm the version of bandit that was used here (from PyPI or from git)?

Changed in bandit:
assignee: nobody → Tim Kelsey (tim-kelsey)
importance: Undecided → High
importance: High → Critical
Revision history for this message
Grant Murphy (gmurphy) wrote :

(bandit) mbp:octavia gm$ pip freeze | grep -i git
gitdb==0.6.4
GitPython==1.0.2

(bandit) mbp:octavia gm$ pip freeze | grep bandit
bandit==0.17.3

This is an example of it failing in the octavia gate

http://logs.openstack.org/01/257901/13/check/gate-octavia-tox-bandit/5cbf388/

Revision history for this message
Tim Kelsey (tim-kelsey) wrote :

OK, thanks Grant. This looks to be fixed in master but not yet released. We will roll a release for this

Changed in bandit:
status: New → Fix Committed
Revision history for this message
Tim Kelsey (tim-kelsey) wrote :
Revision history for this message
Grant Murphy (gmurphy) wrote :
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers