Add support for per-file rule ignores in configuration #1322

@Kris-Val

Is your feature request related to a problem? Please describe.
I'm often frustrated when I need to skip specific Bandit checks for certain files, such as test files that intentionally use pseudo-randomization (e.g. random). Currently, Bandit only supports global ignores or inline #nosec comments.
Inline #nosec comments lead to many extra lines and make the code visually cluttered, especially in large test suites. Global ignores, on the other hand, suppress valid issues in unrelated files.
There’s no clean way to configure per-file rule exclusions directly in the configuration file.

Describe the solution you'd like
I would like Bandit to support per-file ignores directly in the configuration file.

Describe alternatives you've considered
Using inline #nosec comments - creates clutter and reduces code readability.
Ignoring rules globally - too broad and hides potential issues in other files.
Neither solution provides the desired control.

Additional context

Love this idea? Give it a 👍. We prioritize fulfilling features with the most 👍.
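
An added illustration, not part of the issue and not a Bandit feature: the per-file behaviour requested above can be approximated by post-filtering the `results` list of Bandit's JSON report (`bandit -f json`). The `PER_FILE_IGNORES` map, its glob patterns and the sample findings are assumptions constructed for this example.

```python
import fnmatch

# Hypothetical per-file ignore map: glob pattern -> Bandit test IDs to drop.
# This layout is an assumption for illustration, not a Bandit config option.
PER_FILE_IGNORES = {
    "tests/*": {"B311"},           # pseudo-random generators in test code
    "tests/fixtures/*": {"B101"},  # assert statements in fixtures
}

# Constructed sample shaped like the "results" list of `bandit -f json`.
SAMPLE_REPORT = {"results": [
    {"filename": "tests/test_tokens.py", "test_id": "B311", "line_number": 12},
    {"filename": "app/tokens.py", "test_id": "B311", "line_number": 40},
    {"filename": "tests/test_shell.py", "test_id": "B602", "line_number": 7},
    {"filename": "./tests/fixtures/data.py", "test_id": "B101", "line_number": 3},
]}


def ignored_ids(filename, rules=PER_FILE_IGNORES):
    """Return the union of test IDs ignored for this path by every matching glob."""
    path = filename.replace("\\", "/")
    if path.startswith("./"):
        path = path[2:]
    ids = set()
    for pattern, test_ids in rules.items():
        if fnmatch.fnmatch(path, pattern):  # '*' also matches '/' in fnmatch
            ids |= test_ids
    return ids


def apply_per_file_ignores(report, rules=PER_FILE_IGNORES):
    """Split findings into (kept, suppressed) so suppressions stay auditable."""
    kept, suppressed = [], []
    for finding in report["results"]:
        if finding["test_id"] in ignored_ids(finding["filename"], rules):
            suppressed.append(finding)
        else:
            kept.append(finding)
    return kept, suppressed


if __name__ == "__main__":
    kept, suppressed = apply_per_file_ignores(SAMPLE_REPORT)
    for f in kept:
        print(f"{f['filename']}:{f['line_number']} {f['test_id']}")
    print(f"{len(suppressed)} finding(s) suppressed by per-file rules")
    raise SystemExit(1 if kept else 0)  # fail the build only on kept findings
```

The same B311 finding is dropped under `tests/` but still reported for `app/tokens.py`, which is the scoping that a global skip cannot give.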

Labels: enhancement (New feature or request)
