Skip to main content

Free program analysis focused on bugs that matter to you.

Project description

Bento logo


Free program analysis focused on bugs that matter to you.

Install, configure, and adopt Bento in seconds. Runs 100% locally.

PyPI PyPI - Downloads Issues welcome! Follow @r2cdev



Bento is a free and opinionated toolkit for gradually adopting linters¹ and program analysis² in your codebase. Be the bug-squashing advocate your team needs but (maybe) doesn’t deserve.

  • Find bugs that matter. Bento automatically enables and configures relevant analysis based on your dependencies and frameworks, and it will never report style-related issues. You won’t painstakingly configure your tooling.
  • Get started immediately. Bento doesn’t force you to fix all your preexisting issues today. Instead, you can archive them and address them incrementally when it makes sense for your project.
  • Go fast. Bento installs in 5 seconds and self-configures in less than 30. Its tools check your code in parallel, not sequentially.

Bento includes checks written by r2c and curated from Bandit, ESLint, Flake8, and their plugins. It runs on your local machine and never sends your code anywhere or to anyone.

Demonstrating Bento running in a terminal

Installation

$ pip3 install bento-cli

Bento is for JavaScript, TypeScript, and Python projects. It requires Python 3.6+ and works on macOS Mojave (10.14) and Ubuntu 18.04+.

Usage

To get started right away with sensible defaults:

$ bento init && bento check

To set aside preexisting results so you only see issues in new code:

$ bento archive

Bento really sings when you run it automatically in your editor, as a commit hook (bento install-hook), or in CI.

Command Line Options

$ bento --help

Usage: bento [OPTIONS] COMMAND [ARGS]...

Options:
  --version  Show current Bento version.
  --agree    Automatically agree to terms of service.
  --help     Show this message and exit.

Commands:
  archive       Adds all current findings to the whitelist.
  check         Checks for new findings.
  disable       Disables a check.
  enable        Enables a check.
  init          Autodetects and installs tools.
  install-hook  Installs Bento as a git pre-commit hook.

Help and Community

  • Need help or want to share feedback? Reach out to us at support@r2c.dev. We’d love to hear from you! 💌
  • Join #bento in our community Slack for support, to talk with other users, and share feedback. 🤝
  • We’re shipping new Bento features all the time. Want to be first to know about what’s new? Sign up for the newsletter so you don’t miss out! We promise not to spam you, and you can unsubscribe at any time. 📫
  • We’re fortunate to benefit from the contributions of the open source community and great projects such as Bandit, ESLint, Flake8, and their plugins. 🙏
  • You’re also welcome to file an issue directly on GitHub. Or submit a feature request — we welcome those, too!

License and Legal

Please refer to the terms and privacy document.



r2c logo

Copyright (c) r2c.


Changelog

This project adheres to Semantic Versioning.

[0.4.1] - 2019-11-14

Fixed

  • Fixes a performance regression due to changes in metrics collection.

[0.4.0] - 2019-11-11

Changed

  • We updated our privacy policy.
    • Notably, we collect email addresses to understand usage and communicate with users through product announcements, technical notices, updates, security alerts, and support messages.

Added

  • Added additional r2c.click tool for Click framework:

  • Added additional r2c.flask tool for Flask framework:

[0.3.1] - 2019-11-08

Fixed

  • Fixed an issue where the tool would fail to install if a macOS user had installed gcc and then upgraded their OS.
  • Fixed a compatibility issue for users with a pre-existing version of GitPython with version between 2.1.1 and 2.1.13.

[0.3.0] - 2019-11-01

Changed

  • Bento can now be run from any subdirectory within a project.
  • Updated the privacy and terms-of-service statement.

Added

  • File ignores are configurable via git-style ignore patterns (include patterns are not supported). Patterns should be added to .bentoignore.

  • Added additional checks to the r2c.flake8 tool:

  • Clippy output formatting is now supported.

    • To enable, run: bento check --formatter clippy
    • Example output:
error: r2c.flake8.E113
   --> foo.py:6:5
    |
  6 |   return x
    |
    = note: unexpected indentation
  • Autocompletion is now supported from both bash and zsh. To use:
    • In bash, run echo -e '\neval "$(_BENTO_COMPLETE=source bento)"' >> ~/.bashrc.
    • In zsh, run echo -e '\neval "$(_BENTO_COMPLETE=source_zsh bento)"' >> ~/.zshrc.

[0.2.1] - 2019-10-29

Fixed

  • Quoted emails in git configuration do not break user registration.
  • Removed files properly invalidate results cache.
  • Python tools do not crawl node_modules.

[0.2.0] - 2019-10-23

Changed

  • Results are cached between runs. This means that an immediate rerun of bento will be much faster.
  • Broadened library compatibility, especially for common packages:
    • attrs from 18.2.0
    • packaging from 14.0
    • pre-commit from 1.0.0
  • r2c.eslint ignores .min.js files. Bento should only report issues in code, not built artifacts.
  • Telemetry endpoint uses bento.r2c.dev.

Added

  • Bento check will optionally run only on passed paths, using bento check [path] ....
  • Add r2c.pyre as a configurable tool. To enable, it must be manually configured in .bento.yml.
  • Formatters can be specified with short names, and these appear in the help text. For example, bento check --formatter json.
  • bento version is passed to telemetry backend.

Fixed

  • Tool does not crash if a git user does not have an email configured.
  • Fixed a regression that caused progress bars to hang after first tool completed.
  • Made fully compatible with Python 3.6.
  • Tool does not mangle .gitignore when that file lacks a trailing newline.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bento-cli-0.4.1.tar.gz (52.8 kB view details)

Uploaded Source

Built Distribution

bento_cli-0.4.1-py3-none-any.whl (68.1 kB view details)

Uploaded Python 3

File details

Details for the file bento-cli-0.4.1.tar.gz.

File metadata

  • Download URL: bento-cli-0.4.1.tar.gz
  • Upload date:
  • Size: 52.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.6.0 requests-toolbelt/0.9.1 tqdm/4.36.1 CPython/3.7.4

File hashes

Hashes for bento-cli-0.4.1.tar.gz
Algorithm Hash digest
SHA256 499deec29c87d0e1b62c375bfc722401ce090c360b69f7f19a9bf41c8d176171
MD5 7a09d108dd1fbe6506f7babd3e93e444
BLAKE2b-256 9e96b886faf46b35ed2d9dd167b37965dc984ec7fcf9c6fd4bd6259d208e0664

See more details on using hashes here.

File details

Details for the file bento_cli-0.4.1-py3-none-any.whl.

File metadata

  • Download URL: bento_cli-0.4.1-py3-none-any.whl
  • Upload date:
  • Size: 68.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/2.0.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.6.0 requests-toolbelt/0.9.1 tqdm/4.36.1 CPython/3.7.4

File hashes

Hashes for bento_cli-0.4.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a2cedf6e071807cae1a2bfb3b469db1c92f7d444c4fb4f22416854ff0801cab9
MD5 5956ccfd55ad0d1171becb5dc2eeb899
BLAKE2b-256 de9517d51134675847ec41aefa1ca5ff0ab09f73267e3455a7100343ee95fa2e

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page