You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a developer, it would be useful to get a static code analysis of our library every so often so we aren't accidently introducing known vulnerabilities.
Expected behavior
Add a Github Actions workflow that runs when a release is made. This action should
Run Bandit
Store the output as a file at the base level of the repo
Make sure the file doesn't get included when creating the package for SDV
Additional context
Bandit is an open sourced tool that can be used to scan python code for vulnerabilities.
The text was updated successfully, but these errors were encountered:
Problem Description
As a developer, it would be useful to get a static code analysis of our library every so often so we aren't accidently introducing known vulnerabilities.
Expected behavior
Additional context
Bandit is an open sourced tool that can be used to scan python code for vulnerabilities.
The text was updated successfully, but these errors were encountered: