From 76bcdb24d9114a623e626adf7487a012b693ed3c Mon Sep 17 00:00:00 2001
From: bersbersbers <12128514+bersbersbers@users.noreply.github.com>
Date: Wed, 13 Sep 2023 08:22:34 +0200
Subject: [PATCH 1/2] Support `(--)config` in `.bandit` file
---
 bandit/cli/main.py | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/bandit/cli/main.py b/bandit/cli/main.py
index 119380b28..32c5718fc 100644
--- a/bandit/cli/main.py
+++ b/bandit/cli/main.py
@@ -450,16 +450,17 @@ def main():
 args.confidence = 4
 # Other strings will be blocked by argparse

- try:
- b_conf = b_config.BanditConfig(config_file=args.config_file)
- except utils.ConfigError as e:
- LOG.error(e)
- sys.exit(2)
-
 # Handle .bandit files in projects to pass cmdline args from file
 ini_options = _get_options_from_ini(args.ini_path, args.targets)
 if ini_options:
 # prefer command line, then ini file
+ args.config_file = _log_option_source(
+ parser.get_default("config"),
+ args.config_file,
+ ini_options.get("config"),
+ "config file",
+ )
+
 args.excluded_paths = _log_option_source(
 parser.get_default("excluded_paths"),
 args.excluded_paths,
@@ -592,6 +593,12 @@ def main():
 "path of a baseline report",
 )

+ try:
+ b_conf = b_config.BanditConfig(config_file=args.config_file)
+ except utils.ConfigError as e:
+ LOG.error(e)
+ sys.exit(2)
+
 if not args.targets:
 parser.print_usage()
 sys.exit(2)
From 6f75ca987d34260707ee5595a42bec9486d35e7c Mon Sep 17 00:00:00 2001
From: bersbersbers <12128514+bersbersbers@users.noreply.github.com>
Date: Wed, 13 Sep 2023 08:34:43 +0200
Subject: [PATCH 2/2] Use `configfile` instead of `config`
---
 bandit/cli/main.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bandit/cli/main.py b/bandit/cli/main.py
index 32c5718fc..0cb0f8d5f 100644
--- a/bandit/cli/main.py
+++ b/bandit/cli/main.py
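Review bot: In the first hunk of PATCH 1/2 (`@@ -450,16 +450,17 @@`), the value of `ini_options.get("config")` becomes `args.config_file` with no comment on how the path is interpreted or who controls it. Because the `.bandit` file is located from `args.ini_path` / `args.targets`, a scanned tree can now choose the config that `BanditConfig` loads whenever none is given on the command line; that precedence is inferred from the `# prefer command line, then ini file` comment, since `_log_option_source` is not visible here. I would add above the assignment `# .bandit may name the config file; the path is used as written, and a config given on the command line wins`, and CI that scans untrusted checkouts should pass its config explicitly. `main()` starts and ends outside the hunk.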
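Review bot: In the second hunk of PATCH 1/2 (`@@ -592,6 +593,12 @@`), the relocated `try` block carries no comment explaining why the config is now loaded this late, so a later cleanup could move it back above the `.bandit` handling and silently drop the ini-supplied path. A one-line comment such as `# Load the config only after .bandit options are merged: the ini file may set args.config_file` would record the ordering dependency. The lines between the old and new position are not in the diff, so it is worth confirming that nothing there reads `b_conf` before it is assigned.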
@@ -455,9 +455,9 @@ def main():
 if ini_options:
 # prefer command line, then ini file
 args.config_file = _log_option_source(
- parser.get_default("config"),
+ parser.get_default("configfile"),
 args.config_file,
- ini_options.get("config"),
+ ini_options.get("configfile"),
 "config file",
 )
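Review bot: `parser.get_default("configfile")` looks up an argparse destination, but the destination this block uses is `config_file` (`args.config_file`), so the call most likely returns `None` for an unknown name rather than the option's real default. The neighbouring option in PATCH 1/2 passes the destination name (`parser.get_default("excluded_paths")` next to `args.excluded_paths`), so this line should read `parser.get_default("config_file"),` while the ini key `ini_options.get("configfile")` can stay as it is. If the option's default happens to be `None` the current code works by coincidence; `_log_option_source` is not visible here, so the exact effect of a wrong default on the command-line-versus-ini precedence is inferred. `main()` starts and ends outside the hunk.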