Use pyproject.toml for bandit & exclude tests (#586)

* Since bandit now supports pyproject.toml as a config file, use that instead of cli
options.
* Exclude tests from bandit. There are many cases in tests where we might do something
that violates bandit rules and that's ok.

Co-authored-by: Timothy Pansino <[email protected]>

Author: hmstepanek

.mega-linter.yml

@@ -29,7 +29,7 @@ PYTHON_FLAKE8_CONFIG_FILE: setup.cfg
 PYTHON_BLACK_CONFIG_FILE: pyproject.toml
 PYTHON_PYLINT_CONFIG_FILE: pyproject.toml
 PYTHON_ISORT_CONFIG_FILE: pyproject.toml
+PYTHON_BANDIT_CONFIG_FILE: pyproject.toml
+PYTHON_BANDIT_FILTER_REGEX_EXCLUDE: ./tests
 
-# Bandit's next release supports pyproject.toml. Until then, add config by cli option
-PYTHON_BANDIT_ARGUMENTS: --skip=B110,B101,B404
 PYTHON_PYLINT_ARGUMENTS: "--fail-under=0 --fail-on=E"

pyproject.toml

@@ -15,4 +15,4 @@ max-line-length = "120"
 good-names = "exc,val,tb"
 
 [tool.bandit]
-skips = ["B110"]
+skips = ["B110", "B101", "B404"]