bandit icon indicating copy to clipboard operation
bandit copied to clipboard
verified publisher icon PyCQA

Fix #447 -- Allow Multiple Formats and Output Files

Open ecp4224 opened this issue 7 years ago • 13 comments

Resolves #447

This makes both args.output_format and args.output_file action="append", loops through each argument and generates a report with each format/output pair. I tried to make this backwards compatible with older versions, so existing commands wouldn't break, and this seemed like the best approach.

Notes:

The default for each argument are the same if none is specified. This means that a user can specify an output format and not an output file and it'll be written to STDOUT. If a user specifies multiple output formats, then they must specify multiple output files, with the same order as the foramts. The only exception is the 'screen' format, which does not need an output file. The output file for the 'screen' format will always be STDOUT if not specified and will always be done last.

Edge Cases:

  1. An edge case is if the 'screen' format is specified and if stdout is specified for another format (i.e bandit -f xml -f screen -o - -r <dir>), then a warning will be printed and bandit will exit saying "WARNING You must specify an output for each format." This could be seen an intentional, since STDOUT was made explicit, we don't have an output file for xml.

  2. Another edge case is if the 'STDOUT' output is specified twice, an error will be thrown since the first reporter to use STDOUT closes the stream. (i.e bandit -f xml -f screen -o - -o - -r <dir>) Since this seems to be a problem within bandit, I'm not sure how to go about fixing it. Any advice would be greatly appreciated

Examples

Users can do any of the following and it'll be valid

Print to screen: bandit -r <dir>

Print XML to stdout: bandit -f xml -r <dir>

Write XML to test.xml: bandit -f xml -o test.xml -r <dir>

Write XML to test.xml and print to screen bandit -f xml -f screen -o test.xml -r <dir>

Write XML to test.xml, write TXT to test.xml and print to screen bandit -f xml -f txt -f screen -o test.xml -o test.txt -r src

ecp4224 avatar Apr 22 '19 16:04 ecp4224

@ericwb what's the timeframe for reviewing and merging PRs such as this one?

andrew222651 avatar Jan 02 '20 15:01 andrew222651

Hey, i'm super interested in this feature. Is there something I can do to help merging this?

guidor avatar Jul 03 '20 15:07 guidor

Hey, i'm super interested in this feature. Is there something I can do to help merging this?

This branch is ready to be merged, I'm just waiting on the devs. However feel free to test this branch out and fix any bugs you find

ecp4224 avatar Jul 05 '20 21:07 ecp4224

Any updates regarding this? This would be helpful in a CI environment for us.

frwickst avatar Oct 12 '20 07:10 frwickst

Would also like this feature. Sad to see this sitting unmerged for almost a year 😢

cnelson avatar Apr 11 '21 23:04 cnelson

I will do another merge to keep this PR alive, however no feedback from devs about how to get this merged..

ecp4224 avatar Apr 11 '21 23:04 ecp4224

let me know when rebased and I will take a look.

lukehinds avatar Apr 12 '21 17:04 lukehinds

This is a solid enhancement and its disappointing that it has sit neglected for three years.

lightswitch05 avatar Apr 07 '22 16:04 lightswitch05

I've fixed the merge conflicts, will fix any tests if they fail

ecp4224 avatar Apr 07 '22 20:04 ecp4224

All workflows in my branch are now passing, could a dev have a look at this? @lukehinds @ericwb @sigmavirus24

ecp4224 avatar Apr 07 '22 21:04 ecp4224

I'll go on record here saying I don't think I want to maintain this feature. I think this is going to be confusing and definitely has some heretofore undiscovered sharp corners that are going to be a support problem. Not one person has said they have verified this, especially not the people coming to shame prior for volunteering their time to maintain this. Instead of expressing disappointment, use and test it. That's far more valuable and productive. I see a fake number of people interested in the core idea though so I won't block it, but I can't guarantee I won't rip it out if it proves too burdensome to maintain either

sigmavirus24 avatar Jul 08 '22 03:07 sigmavirus24

I'll add some unit tests this weekend

I've only been responding to various requests this PR has and this was an open issue in this repo (in OP) I came across the problem a while ago when I was using this great open source software. I made these changes as a workaround and opened this PR because open source. I'm not sure what you are you mean by "fake interest", there's a real use case for this. I understand this adds some complexity to the CLI script and edge cases do exist. In fact I talk about them in the OP. If it's too complex for merging I'm open to suggestions or requests.

ecp4224 avatar Jul 08 '22 05:07 ecp4224

I was on my phone which autocorrected fare to fake for some reason. Apologies

sigmavirus24 avatar Jul 08 '22 17:07 sigmavirus24