Support the bandit check by GitHub Action #2358

Merged
merged 3 commits into from
Sep 8, 2022

xumia
Collaborator

@xumia xumia commented Sep 8, 2022

What I did

Support the bandit check by GitHub Action to find out the potential security issues in the Python code.

How I did it

Add the bandit check action in GitHub workflow

How to verify it

See the bandit test result: https://github.com/xumia/sonic-utilities/runs/8239964014?check_suite_focus=true
in the test PR: xumia#1

Previous command output (if the output of a command-line utility has changed)

New command output (if the output of a command-line utility has changed)

@xumia xumia changed the title Support the bandit check in GitHub Action Support the bandit check by GitHub Action Sep 8, 2022
@xumia xumia merged commit 3fd537b into sonic-net:master Sep 8, 2022
dgsudharsan added a commit to dgsudharsan/sonic-buildimage that referenced this pull request Sep 14, 2022
Update sonic-utilities submodule pointer to include the following:
* 4d377a6 [subinterface]Added additional checks in portchannel and subinterface commands ([sonic-net#2345](sonic-net/sonic-utilities#2345))
* bbcdf2e disk_check: Publish event  for RO state ([sonic-net#2320](sonic-net/sonic-utilities#2320))
* 3fd537b Support the bandit check by GitHub Action ([sonic-net#2358](sonic-net/sonic-utilities#2358))
* 491d3d3 [generate dump]Added error message when saisdkdump fails ([sonic-net#2356](sonic-net/sonic-utilities#2356))
* 6830e01 [counterpoll]Fixing counterpoll show for tunnel and acl stats ([sonic-net#2355](sonic-net/sonic-utilities#2355))
* 3be2ad7 [fast-reboot]Avoid stopping masked services during fast-reboot ([sonic-net#2335](sonic-net/sonic-utilities#2335))
* 0e1b0cf [GCU] Fix missing backend in dry run ([sonic-net#2347](sonic-net/sonic-utilities#2347))
* 676c31b Add verification for override ([sonic-net#2305](sonic-net/sonic-utilities#2305))
* 48997c2 Add Password Hardening CLI support ([sonic-net#2338](sonic-net/sonic-utilities#2338))
* 414e239 update unit tests for swap ([#locato](https://github.com/Azure/sonic-utilities/pull/locato))
* a91a492 consider swap checking memory in ([#stalle](https://github.com/Azure/sonic-utilities/pull/stalle))
* f0ce586 [route_check]: Ignore standalone tunnel routes ([sonic-net#2325](sonic-net/sonic-utilities#2325))

Signed-off-by: dgsudharsan <sudharsand@nvidia.com>
dprital added a commit to dprital/sonic-buildimage that referenced this pull request Sep 21, 2022
Update sonic-utilities submodule pointer to include the following:
* 0a7557b [minigraph] add option to specify golden path in load_minigraph ([sonic-net#2350](sonic-net/sonic-utilities#2350))
* 322aefc [GCU]Remove GCU unique lane check for duplicate lanes platforms ([sonic-net#2343](sonic-net/sonic-utilities#2343))
* 7099fff [fastboot] fastboot enhancement: Use warm-boot infrastructure for fast-boot ([sonic-net#2286](sonic-net/sonic-utilities#2286))
* 09026ed [warm-reboot] fix warm-reboot when /tmp/cache is missing ([sonic-net#2367](sonic-net/sonic-utilities#2367))
* a3c404c Fix typo in platform_sfputil_helper.is_rj45_port ([sonic-net#2374](sonic-net/sonic-utilities#2374))
* 637d834 Vnet_route_check Vxlan tunnel route update. ([sonic-net#2281](sonic-net/sonic-utilities#2281))
* 29a3e51 Added support for tunnel route status in show vnet routes all. ([sonic-net#2341](sonic-net/sonic-utilities#2341))
* 1ac584b Use 'default' VRF when VRF name is not provided ([sonic-net#2368](sonic-net/sonic-utilities#2368))
* 4d377a6 [subinterface]Added additional checks in portchannel and subinterface commands ([sonic-net#2345](sonic-net/sonic-utilities#2345))
* bbcdf2e disk_check: Publish event  for RO state ([sonic-net#2320](sonic-net/sonic-utilities#2320))
* 3fd537b Support the bandit check by GitHub Action ([sonic-net#2358](sonic-net/sonic-utilities#2358))
* 491d3d3 [generate dump]Added error message when saisdkdump fails ([sonic-net#2356](sonic-net/sonic-utilities#2356))
* 6830e01 [counterpoll]Fixing counterpoll show for tunnel and acl stats ([sonic-net#2355](sonic-net/sonic-utilities#2355))
* 3be2ad7 [fast-reboot]Avoid stopping masked services during fast-reboot ([sonic-net#2335](sonic-net/sonic-utilities#2335))
* 0e1b0cf [GCU] Fix missing backend in dry run ([sonic-net#2347](sonic-net/sonic-utilities#2347))
* 676c31b Add verification for override ([sonic-net#2305](sonic-net/sonic-utilities#2305))
* 48997c2 Add Password Hardening CLI support ([sonic-net#2338](sonic-net/sonic-utilities#2338))
* 414e239 update unit tests for swap ([#locato](https://github.com/sonic-net/sonic-utilities/pull/locato))
* a91a492 consider swap checking memory in ([#stalle](https://github.com/sonic-net/sonic-utilities/pull/stalle))
* f0ce586 [route_check]: Ignore standalone tunnel routes ([sonic-net#2325](sonic-net/sonic-utilities#2325))

Signed-off-by: dprital <drorp@nvidia.com>
EdenGri pushed a commit to EdenGri/sonic-utilities that referenced this pull request Oct 12, 2022
What I did
Support the bandit check by GitHub Action to find out the potential security issues in the Python code.

How I did it
Add the bandit check action in GitHub workflow
mdanish-kh pushed a commit to hamnarauf/sonic-utilities that referenced this pull request Oct 22, 2022
What I did
Support the bandit check by GitHub Action to find out the potential security issues in the Python code.

How I did it
Add the bandit check action in GitHub workflow
qiluo-msft added a commit to qiluo-msft/sonic-utilities that referenced this pull request Nov 19, 2022
qiluo-msft added a commit that referenced this pull request Nov 21, 2022
This reverts commit 3fd537b.
We replaced bandit check with semgrep check.
preetham-singh pushed a commit to preetham-singh/sonic-utilities that referenced this pull request Nov 21, 2022
What I did
Support the bandit check by GitHub Action to find out the potential security issues in the Python code.

How I did it
Add the bandit check action in GitHub workflow
mdanish-kh pushed a commit to mdanish-kh/sonic-utilities that referenced this pull request Nov 23, 2022
…onic-net#2509)

This reverts commit 3fd537b.
We replaced bandit check with semgrep check.
StormLiangMS pushed a commit to StormLiangMS/sonic-utilities that referenced this pull request Dec 11, 2022
…onic-net#2509)

This reverts commit 3fd537b.
We replaced bandit check with semgrep check.
StormLiangMS pushed a commit that referenced this pull request Dec 11, 2022
This reverts commit 3fd537b.
We replaced bandit check with semgrep check.

2 participants