Fix crash on pyproject.toml without bandit config (#1073)

javajawa · ericwb · web-flow · commit 0d3508660654 · 2023-12-08T11:14:28.000-08:00
* Fix crash on pyproject.toml without bandit config This is a naive fix for bandit crashing when it encounters a `pyproject.toml` which does not contain any specific bandit configuration. This resolves the common failure mode that is seen, but does not cause bandit to fall back to another configuration source if the `pyproject.toml` does not contain any `tool.bandit` block. Resolves #1027 * Update bandit/core/config.py --------- Co-authored-by: Eric Brown <ericwb@users.noreply.github.com>
diff --git a/bandit/core/config.py b/bandit/core/config.py
@@ -52,7 +52,9 @@ def __init__(self, config_file=None):
 
                 try:
                     with f:
-                        self._config = tomllib.load(f)["tool"]["bandit"]
+                        self._config = (
+                            tomllib.load(f).get("tool", {}).get("bandit", {})
+                        )
                 except tomllib.TOMLDecodeError as err:
                     LOG.error(err)
                     raise utils.ConfigError("Error parsing file.", config_file)
