I've used random.choice for tests. And Bandit is showing warnings.
x = random.choice(lists)
I know I could use a # nosec comment to suppress the warning. But it would be inconvenient to do it in all lines
x = random.choice(lists) # nosec
I want to allow random for files matching tests_*.py using .bandit configuration files. I've found from other samples that you can do it for things like asserts like:
.bandit
assert_used:
  skips: ['test.py$', '^test_*.py']
So is there any way for B311 ?
If you're using Python 3.6 or above then, in general, use the "secrets" library rather than the "random" library.
From the documentation: "The secrets module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets."
Whilst you might not need cryptographically strong random numbers for your tests, it's likely that it will not hurt either, unless your random number generator is seeded.
Seeding the random number generator will ensure that the random number generator emits the same random numbers on each run. This ensures your tests are reproducible. This is usually desirable.
If for some reason you do want to use truly random numbers then use secrets and bandit will not have a problem with it, and it avoids any special bandit configuration.
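The two options the answer describes, side by side, as an added example that is not part of the question or answer above: a seeded PRNG instance for reproducible test data, and secrets.choice where true randomness is wanted. SAMPLE_ITEMS is a constructed stand-in for the question's `lists`.

```python
import random
import secrets

# Constructed sample input standing in for the question's `lists`.
SAMPLE_ITEMS = ["alpha", "bravo", "charlie", "delta", "echo"]


def reproducible_choices(items, seed, n=5):
    """Pick n items from a seeded PRNG instance.

    The same seed yields the same sequence on every run, which is what
    tests usually want. This is the random module the question's code
    uses (and Bandit warns about), so it belongs in test data only,
    never in anything security-sensitive.
    """
    rng = random.Random(seed)  # seeded instance, isolated from global state
    return [rng.choice(items) for _ in range(n)]


def secret_choices(items, n=5):
    """Pick n items using the secrets module's CSPRNG.

    As the answer notes, Bandit does not flag secrets, so no nosec
    comment or config change is needed. The trade-off: secrets cannot
    be seeded, so the picks differ on every run and tests relying on
    exact values become non-reproducible.
    """
    return [secrets.choice(items) for _ in range(n)]


if __name__ == "__main__":
    print("seeded  :", reproducible_choices(SAMPLE_ITEMS, seed=42))
    print("secrets :", secret_choices(SAMPLE_ITEMS))
```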