From f2a0ca892f93ed2c5cc9e6bce4ad69a6c822871c Mon Sep 17 00:00:00 2001
From: Steven K <steven@pointcircle.com>
Date: Thu, 28 Dec 2023 13:46:01 -0700
Subject: [PATCH] Simplify Bandit

Signed-off-by: Steven K <steven@pointcircle.com>
---
 .github/workflows/main.yml | 6 +++---
 pyproject.toml             | 7 +++++++
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 5aa62e7..7daf4b4 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -91,7 +91,7 @@ jobs:
           pip install .[test]
 
       - name: Bandit
-        run: bandit -r appsearch -x appsearch/tests -s B308,B703,B303,B324 -f json -o report.json
+        run: bandit -c pyproject.toml -f json -o report.json
 
       - name: Show report
         if: ${{ success() || failure() }}
@@ -107,7 +107,7 @@ jobs:
   tests:
     name: Python ${{ matrix.python-version }} / ${{ matrix.db }} / Django ${{ matrix.django-version}}
     runs-on: ubuntu-latest
-#    continue-on-error: ${{ matrix.django-version == '~=4.2.0' }}
+#    continue-on-error: ${{ matrix.django-version == '~=5.0' }}
     strategy:
       max-parallel: 4
       matrix:
@@ -154,7 +154,7 @@ jobs:
           PYTHONWARNINGS: once::DeprecationWarning
           TASK_ALWAYS_EAGER: 1
           DB_TYPE: ${{ matrix.db }}
-        run: export PYTHONPATH=`pwd` && coverage run  demo_app/manage.py test --noinput --settings=demo_app.settings_test appsearch
+        run: export PYTHONPATH=`pwd` && coverage run
       - name: "Upload Coverage Results for PY:${{ matrix.python-version }} DB:${{ matrix.db}} DJ:${{ matrix.django-version }}"
         uses: actions/upload-artifact@v3
         with:
diff --git a/pyproject.toml b/pyproject.toml
index 7d07de3..310e64a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -92,8 +92,15 @@ extend-exclude = '''
 /static/.py  # exclude a file named foo.py in the root of the project (in addition to the defaults)
 '''
 
+#  -r appsearch -x appsearch/tests -s B308,B703,B303,B324 -f json -o report.json
+[tool.bandit]
+targets = ['appsearch']
+exclude_dirs = ["appsearch/tests"]
+skips = ["B308", "B703", "B303", "B324"]
+
 [tool.coverage.run]
 branch = true
+command_line = "demo_app/manage.py test --noinput --settings=demo_app.settings_test appsearch"
 omit = [
     "*/demo_app/**",
     "*/migrations/*",