Use .gitignore as part of the excluded file list #1090
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using Bandit to scan projects based on Git source control,
it would be benefitual to ignore files based on the patterns
in the .gitignore file.
Today, Bandit has some default excludes that get overridden if
a user passes in other excludes. This is a bit confusing to the
end user. But it also serves a purpose similar to .gitignore in
that the paths excluded by default are typically included in a
.gitignore.
Note, it will only check for .gitignore files in top-level directories
specified on the Bandit command line as targets. It does not recursive
look for .gitignore files. This is done because recursive searching
for .gitignore files would be complex to add to Bandit existing
file discovery.
This change adds a new Apache 2 licensed dependency of ignorelib.
Fixes #826