Thanks for your clarification :)<div>Will make a short video. Maybe someone will find that helpful</div><span id="d6a0f08e75753cc2cursor-target"></span><br /><br />20:53, 15 мая 2021 г., Ehooo &lt;web.ehooo@gmail.com&gt;:<br /><blockquote class="210e7a848e8fcb45wmi-quote"><div dir="ltr">Hello Maxim<div><br /></div><div>The only way to extend bandit with your own custom rules is building your own version.</div><div><br /></div><div>Or if in some future the issue #214 is on a stable version with parameters you will be able to set a directory with your own rules.</div><div><br /></div><div>I know that the bandit internals don't have good documentation, however you have the code to see how it's works.</div><div>I haven't contributed for a long time, so I'm not sure what is new inside it.</div><div><br /></div><div>There is a lot of PR waiting and I don't know how to push to move it into the stable version.</div><div><br /></div><div>Kind Regards</div><div><br /></div></div><br /><div class="f13ca48719c8a60033905b23b39675agmail_quote"><div class="334d7d341e3233c5b27ca91297445127gmail_attr" dir="ltr">El sáb, 15 may 2021 a las 9:17, Maxim Mosharov (&lt;<a href="mailto:mmosharov@whitespots.io">mmosharov@whitespots.io</a>&gt;) escribió:<br /></div><blockquote class="f13ca48719c8a60033905b23b39675agmail_quote" style="border-left-color:rgb( 204 , 204 , 204 );border-left-style:solid;border-left-width:1px;margin:0px 0px 0px 0.8ex;padding-left:1ex"><div>Hello :)</div><div>Will see your link.</div><div><br /></div>Actually our customers want to extend bandit by their own rules, that are internal.<div><br /><div>Some internal method names, functional code, etc.</div></div><div><br /></div><div>It's also not clear, how to debug such extensions easily while development.</div><span id="507f54cdae6ce7fd61861e225dd1540cgmail-m_970939215870120511d6a0f08e75753cc2cursor-target"></span><br /><br />02:12, 15 мая 2021 г., Ehooo &lt;<a href="mailto:web.ehooo@gmail.com" target="_blank">web.ehooo@gmail.com</a>&gt;:<br /><blockquote><div dir="ltr">Hello Maxim and Ian,<div><br /></div><div>There is an issue on github <a href="https://github.com/PyCQA/bandit/issues/214" target="_blank">#214</a> in order to allow external plugins on Bandit, however it is not included on the master branch.</div><div>You have a small "manual" on the <a href="https://github.com/PyCQA/bandit#extending-bandit" target="_blank">README</a> about how to extend Bandit.</div><div><br /></div><div>If you want to create a new rule for Bandit i think you should create an issue on Github and then create a Pull Request, however there are a lot of PR pending.</div><div><br /></div><div>Ian, I'll be happy to help all of you with the PR pending if you want to give me access.</div><div><br /></div><div>Kind regards</div><div><br /></div><div><div><br /></div></div></div><br /><div><div dir="ltr">El vie, 14 may 2021 a las 13:36, Ian Stapleton Cordasco (&lt;<a href="mailto:graffatcolmingov@gmail.com" target="_blank">graffatcolmingov@gmail.com</a>&gt;) escribió:<br /></div><blockquote style="border-left-color:rgb( 204 , 204 , 204 );border-left-style:solid;border-left-width:1px;margin:0px 0px 0px 0.8ex;padding-left:1ex"><div dir="auto">I think part of the confusion is that those docs seem to be geared towards including your test upstream, not keeping it private in a separate project<br /><br /><div>Sent from my phone with my typo-happy thumbs. Please excuse my brevity</div></div><br /><div><div dir="ltr">On Fri, May 14, 2021, 06:16 Maxim Mosharov via code-quality &lt;<a href="mailto:code-quality@python.org" target="_blank">code-quality@python.org</a>&gt; wrote:<br /></div><blockquote style="border-left-color:rgb( 204 , 204 , 204 );border-left-style:solid;border-left-width:1px;margin:0px 0px 0px 0.8ex;padding-left:1ex"><div>Hi team!</div><div>Our clients really need to understand how to customize bandit easily.</div><div>We made some videos for them to understand how to work with ast. But all of us don't even understand how to include our tests to bandit plugins.</div><div> </div><div>Let's imagine we have the same plugin as it is here <a href="https://bandit.readthedocs.io/en/latest/_modules/bandit/plugins/django_sql_injection.html#django_rawsql_used" rel="noopener noreferrer noreferrer" target="_blank">https://bandit.readthedocs.io/en/latest/_modules/bandit/plugins/django_sql_injection.html#django_rawsql_used</a>.</div><div>Can you just make any step-by-step guide?</div><div> </div><div>PS. It's not step-by-step</div><div><div><a href="https://bandit.readthedocs.io/en/latest/plugins/index.html#writing-tests" rel="noreferrer" target="_blank">https://bandit.readthedocs.io/en/latest/plugins/index.html#writing-tests</a></div></div><div> </div><div style="background-color:rgb( 255 , 255 , 255 );color:rgb( 0 , 0 , 0 );font-family:'arial' , sans-serif;font-size:15px;font-style:normal;font-weight:400;text-decoration-style:initial;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><img style="height:74px;width:179px" /></div><div style="background-color:rgb( 255 , 255 , 255 );color:rgb( 0 , 0 , 0 );font-family:'arial' , sans-serif;font-size:15px;font-style:normal;font-weight:400;text-decoration-style:initial;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><em><strong>Maxim Mosharov | CEO</strong></em></div><div style="background-color:rgb( 255 , 255 , 255 );color:rgb( 0 , 0 , 0 );font-family:'arial' , sans-serif;font-size:15px;font-style:normal;font-weight:400;text-decoration-style:initial;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Email: <a href="mailto:mmosharov@whitespots.io" rel="noreferrer" target="_blank">mmosharov@whitespots.io</a></div><div style="background-color:rgb( 255 , 255 , 255 );color:rgb( 0 , 0 , 0 );font-family:'arial' , sans-serif;font-size:15px;font-style:normal;font-weight:400;text-decoration-style:initial;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Site: <a href="https://whitespots.io/" rel="noopener noreferrer noreferrer" target="_blank" style="color:rgb( 153 , 0 , 153 )">https://whitespots.io</a></div><div> </div>_______________________________________________<br />
code-quality mailing list -- <a href="mailto:code-quality@python.org" rel="noreferrer" target="_blank">code-quality@python.org</a><br />
To unsubscribe send an email to <a href="mailto:code-quality-leave@python.org" rel="noreferrer" target="_blank">code-quality-leave@python.org</a><br />
<a href="https://mail.python.org/mailman3/lists/code-quality.python.org/" rel="noreferrer noreferrer" target="_blank">https://mail.python.org/mailman3/lists/code-quality.python.org/</a><br />
Member address: <a href="mailto:graffatcolmingov@gmail.com" rel="noreferrer" target="_blank">graffatcolmingov@gmail.com</a><br />
</blockquote></div>
_______________________________________________<br />
code-quality mailing list -- <a href="mailto:code-quality@python.org" target="_blank">code-quality@python.org</a><br />
To unsubscribe send an email to <a href="mailto:code-quality-leave@python.org" target="_blank">code-quality-leave@python.org</a><br />
<a href="https://mail.python.org/mailman3/lists/code-quality.python.org/" rel="noreferrer" target="_blank">https://mail.python.org/mailman3/lists/code-quality.python.org/</a><br />
Member address: <a href="mailto:web.ehooo@gmail.com" target="_blank">web.ehooo@gmail.com</a><br />
</blockquote></div>
</blockquote><br /><br />-- <br />Отправлено из мобильного приложения Яндекс.Почты</blockquote></div>
</blockquote><br /><br />-- <br />Отправлено из мобильного приложения Яндекс.Почты