-
-
Notifications
You must be signed in to change notification settings - Fork 620
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use versioned links to docs #819
Conversation
bandit/core/docs_utils.py
Outdated
import bandit | ||
|
||
|
||
BASE_URL = "https://bandit.readthedocs.io/" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not do something like:
BASE_URL = f"https://bandit.readthedocs.io/en/{bandit.__version__}/"
And then keep the rest of the code simpler?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense, will change it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, not sure why, but using bandit.version as a global here causes stevedore to fail to load any extensions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added a failure callback to the extension loader of Stevedore and get this
module 'bandit' has no attribute '__version__'
So root cause is that because BASE_URL is a global and calling into bandit module before it has been loaded, there is no such attribute.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Think I can fix a few ways:
- revert to previous change
- move BASE_URL into the get_url() function. Seems BASE_URL is only global for the unit test purposes
- use pbr.version.VersionInfo("bandit").version_string() instead of bandit.version
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I went with option 2.
In the report of a Bandit run, there are links to the docs as part of the more information. Today, these links are always to the latest docs. So depending on the version of Bandit you're running, these links could contain inaccurate information for that version. That's why this change makes it so a specific version of Bandit is pinned to refer to a specific version of documentation. Signed-off-by: Eric Brown <[email protected]>
In the report of a Bandit run, there are links to the docs as
part of the more information. Today, these links are always
to the latest docs. So depending on the version of Bandit you're
running, these links could contain inaccurate information for
that version.
That's why this change makes it so a specific version of Bandit
is pinned to refer to a specific version of documentation.
Signed-off-by: Eric Brown [email protected]