Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change plugin prefix to not conflict with Bugbear #2

Closed
ambv opened this issue Mar 28, 2018 · 3 comments
Closed

Change plugin prefix to not conflict with Bugbear #2

ambv opened this issue Mar 28, 2018 · 3 comments

Comments

@ambv
Copy link

ambv commented Mar 28, 2018

Bugbear is an official PyCQA plugin for flake8 that's been around for several years.

Your new plugin shadows the letter B and in fact deregisters Bugbear if used in the same configuration.

Please choose a new non-conflicting prefix for your plugin.

For reference, see: PyCQA/flake8-bugbear#37
@myii
Copy link

myii commented Mar 28, 2018

@tylerwince @ambv I've made a further comment at PyCQA/flake8-bugbear#37. I'm quoting the salient points below:

The conflict is not with flake8-bandit but rather with openstack/bandit

There are two projects that are involved here:

  1. https://github.com/openstack/bandit

    1. Project started on 16 July 2014
    2. This is the main project, where the conflicts are arising

  2. https://github.com/tylerwince/flake8-bandit

    1. Project started on 29 Oct 2017
    2. However, this is just a wrapper around bandit
    3. They have no control over the error codes that are supplied by bandit

The OpenStack Bandit project has been using B30x codes for a few years as well

Taking B301 as the earliest example in both projects:

  1. Bandit: openstack-archive/bandit@c364408

    1. This commit was made on 22 Jan 2016

  2. Bugbear: PyCQA/flake8-bugbear@0fb7d8d

    1. This commit was made on 8 Jun 2016

@tylerwince
Copy link
Owner

tylerwince commented Mar 28, 2018
edited
Loading

Thanks @myii and @ambv.

Some comments I made on issue at PyCQA/flake8-bugbear#37 and reposting here to keep track of things:

We could always handle this internally in flake8-bandit. Definitely not a long term solution but a workaround until we can figure out which codes to be used by each project.

What are the thoughts around flake8-bandit changing the openstack/bandit code to be S30x for the time being? (quick look and it doesn't appear any other plugins are using S30x and S makes sense for "security")

Is anyone using flake8-bandit and comparing those results to the openstack/bandit cli output? That is the only time I could see this causing an issue as the codes won't match up

I've opened up an issue with openstack/bandit to see if we can pull them into the discussion here: https://bugs.launchpad.net/bandit/+bug/1759643

@tylerwince
Copy link
Owner

This have been closed. Please see the final discussion here:
PyCQA/flake8-bugbear#37

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ambv @myii @tylerwince