summaryrefslogtreecommitdiff
path: root/ale_linters/python/bandit.vim
blob: 1b5a84a4e08cf9ec294134c258009ed044368670 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
" Author: Martino Pilia <martino.pilia@gmail.com>
" Description: bandit linting for python files

call ale#Set('python_bandit_executable', 'bandit')
call ale#Set('python_bandit_options', '')
call ale#Set('python_bandit_use_global', get(g:, 'ale_use_global_executables', 0))
call ale#Set('python_bandit_auto_pipenv', 0)

function! ale_linters#python#bandit#GetExecutable(buffer) abort
    if (ale#Var(a:buffer, 'python_auto_pipenv') ||
    \   ale#Var(a:buffer, 'python_bandit_auto_pipenv'))
    \ && ale#python#PipenvPresent(a:buffer)
        return 'pipenv'
    endif

    return ale#python#FindExecutable(a:buffer, 'python_bandit', ['bandit'])
endfunction

function! ale_linters#python#bandit#GetCommand(buffer) abort
    let l:executable = ale_linters#python#bandit#GetExecutable(a:buffer)
    let l:flags = ' --format custom'
    \   . ' --msg-template "{line}:{test_id}:{severity}:{msg}" '

    let l:exec_args = l:executable =~? 'pipenv$'
    \   ? ' run bandit'
    \   : ''

    return ale#Escape(l:executable) . l:exec_args
    \   . l:flags
    \   . ale#Pad(ale#Var(a:buffer, 'python_bandit_options'))
    \   . ' -'
endfunction

function! ale_linters#python#bandit#Handle(buffer, lines) abort
    " Custom format defined in GetCommand via --msg-template
    let l:pattern = '\v^([0-9]+):(B[0-9]+):([A-Z]+):(.*)$'
    let l:severity = {'LOW': 'I', 'MEDIUM': 'W', 'HIGH': 'E'}
    let l:output = []

    for l:match in ale#util#GetMatches(a:lines, l:pattern)
        call add(l:output, {
        \   'bufnr': a:buffer,
        \   'lnum': str2nr(l:match[1]),
        \   'code': l:match[2],
        \   'type': l:severity[l:match[3]],
        \   'text': l:match[4],
        \})
    endfor

    return l:output
endfunction

call ale#linter#Define('python', {
\   'name': 'bandit',
\   'executable_callback': 'ale_linters#python#bandit#GetExecutable',
\   'command_callback': 'ale_linters#python#bandit#GetCommand',
\   'callback': 'ale_linters#python#bandit#Handle',
\})