Bandit Issue with Pyproject.toml


I'm trying to use pyproject.toml to exclude the venv/ directory. But it is not recognising the option.

[tool.bandit]
exclude = "/venv"

[tool.black]
exclude = "(venv)"

[tool.isort]
profile = "black"
skip = "venv"
balanced_wrapping = true
atomic = true

If I use the CLI option like so:

$ bandit -v -r . --exclude "/venv"

the directory is excluded. But if I just run bandit, it doesn't exclude the directory even though I have it in the pyproject.toml.

My bandit version is: 1.7.1.


To exclude the directory venv, this command works fine for me:

bandit -r . -x '*/venv/*'

exclude did not work for me, so I looked through official docs and found this:

We can specify dirs (and files as well) that we want to exclude in a list format.

pyproject.toml:

[tool.bandit]
exclude_dirs = ["venv",]

From this documentation:

"Also you can configure bandit via pyproject.toml file. In this case you would explicitly specify the path to configuration via -c too."

Therefore, the CLI option would look like this:

bandit -v -r . -c "pyproject.toml"

(will work without quotes as well)


I've never used bandit before, so if I got your question wrong - please feel free to write back, we will figure that out :D
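An added example, not from the question or either answer: a small Python check that parses the `[tool.bandit]` table of a pyproject.toml, flags the mistake from the question (the CLI flag name `exclude` instead of the `exclude_dirs` array bandit reads from TOML), and builds the `-c` invocation the answer recommends. It assumes `tomllib` (Python 3.11+) or the `tomli` backport is available; the sample TOML strings are constructed for the demo.

```python
"""Sanity-check the [tool.bandit] section of a pyproject.toml (added example)."""
import shlex

try:
    import tomllib  # Python 3.11+
except ModuleNotFoundError:  # assumption: tomli backport on older interpreters
    import tomli as tomllib  # type: ignore

# Constructed sample: the question's configuration, which bandit ignores.
BROKEN_PYPROJECT = """
[tool.bandit]
exclude = "/venv"
"""

# Constructed sample: the working form from the answer (a TOML array).
FIXED_PYPROJECT = """
[tool.bandit]
exclude_dirs = ["venv", "tests"]
"""


def check_bandit_section(toml_text: str) -> list[str]:
    """Return human-readable problems found in [tool.bandit]; empty list if fine."""
    problems: list[str] = []
    section = tomllib.loads(toml_text).get("tool", {}).get("bandit")
    if section is None:
        return ["no [tool.bandit] table found"]
    # `exclude` is only the name of the CLI flag; the TOML key is `exclude_dirs`.
    if "exclude" in section:
        problems.append("'exclude' is the CLI flag name; in pyproject.toml use 'exclude_dirs'")
    dirs = section.get("exclude_dirs")
    if dirs is not None and not isinstance(dirs, list):
        problems.append("'exclude_dirs' must be a TOML array, e.g. [\"venv\"]")
    return problems


def bandit_command(config_path: str = "pyproject.toml", target: str = ".") -> str:
    """Build the invocation that makes bandit read the TOML config (-c is required)."""
    return shlex.join(["bandit", "-r", target, "-c", config_path])


if __name__ == "__main__":
    for label, text in (("broken", BROKEN_PYPROJECT), ("fixed", FIXED_PYPROJECT)):
        print(label, check_bandit_section(text) or "ok")
    print(bandit_command())
```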