-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make flake8-bandit work with latest bandit 1.7.3 too #23
Conversation
Fixes: tylerwince#21 flake8-bandit 1.7.3 (PyCQA/bandit#496) introduced an `fdata` argument and this just passes a `None` to make things work with the latest version of bandit.
@tylerwince Please review. |
Can we do anything to help get this merged, @tylerwince? |
metrics=Metrics(), | ||
) | ||
except TypeError: | ||
# bandit < 1.7.3 (https://github.com/tylerwince/flake8-bandit/issues/21) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Personally I would use the other PR approach, no real need to create this compatibility code. It just makes the code less maintainable and not a huge gain...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure if we should pin versions in a package such as this one ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree @staticdev , the TypeError
catch here makes an assumption that BanditNodeVisitor
won't change again in future. We may just end up with a new generic TypeError
being caused by the older call below, when in fact the root cause would be something else entirely.
Better to make two updates in this package, I feel:
- A patch update for
flake8-bandit
(to v2.1.3) that sets thebandit
version insetup.py
to<1.7.3
- A minor update (to v2.2.0) that implements the backwards-incompatible change in Make flake8-bandit work with latest bandit 1.7.3 version #22 , and setting
bandit>=1.7.3
Fixes: #21
flake8-bandit 1.7.3 (PyCQA/bandit#496) introduced an
fdata
argument and this just passes aNone
to make things work with the latest version of bandit.