
Add security linter with Bandit in pre-commit and CI #316


Merged 3 commits into master from add-security-linter on Aug 30, 2021

Conversation

ernestoarbitrio (Member)

Description

Add Bandit hook in pre-commit and CI (for reference https://github.com/PyCQA/bandit)

Types of Changes

  • Core
  • Bugfix
  • New feature
  • Enhancement/optimization
  • Documentation

Issues Fixed or Closed by This PR

  • Fixes:

Checklist

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • I have tested the changes and verified that they work and don't break anything (as well as I can manage).
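As an added illustration, not the configuration from this PR, here is a `.pre-commit-config.yaml` entry wiring Bandit in as a pre-commit hook; the `rev` tag, the `-ll` severity threshold and the `tests/` exclusion are assumptions, while the hook id `bandit` is the one shipped in the upstream repository.

```yaml
# .pre-commit-config.yaml (added example, not this project's own file).
# The "bandit" hook id comes from PyCQA/bandit's .pre-commit-hooks.yaml; it
# only receives Python files, so other file types are never scanned.
repos:
  - repo: https://github.com/PyCQA/bandit
    rev: 1.7.0            # assumption: pin a released tag so laptops and CI run the same scanner
    hooks:
      - id: bandit
        # -l raises the minimum severity reported; "-ll" keeps MEDIUM and HIGH
        # findings as failures while LOW ones (noise on most code bases) pass.
        args: ["-ll"]
        # assumption: skip test code, where bare `assert` (B101) is expected.
        exclude: ^tests/
```

In CI the same hook set is exercised with `pre-commit run --all-files`, which scans the whole tree rather than only the files staged in a commit.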

codecov bot commented Aug 30, 2021

Codecov Report

Merging #316 (6a549ee) into master (6625b40) will not change coverage.
The diff coverage is n/a.


@@            Coverage Diff            @@
##            master      #316   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           17        17           
  Lines         1284      1284           
  Branches       124       124           
=========================================
  Hits          1284      1284           


@alessiamarcolini (Collaborator) left a comment

Thanks for this contribution!!

Some comments:

  • I would add a badge to our readme (see here https://github.com/PyCQA/bandit#show-your-style)
  • I saw it's possible to use the file pyproject.toml to configure bandit and I would prefer to have the least number of configuration files
  • Bandit should also be included in requirements-dev.txt

@ernestoarbitrio (Member, Author)

> Thanks for this contribution!!
>
> Some comments:
>
> * I would add a badge to our readme (see here https://github.com/PyCQA/bandit#show-your-style)

Sure, I forgot this :)

> * I saw it's possible to use the file `pyproject.toml` to configure bandit and I would prefer to have the least number of configuration files

From the docs it seems feasible, but actually it won't work with the pyproject 🤷🏽

> * Bandit should also be included in `requirements-dev.txt`

Right.

@alessiamarcolini alessiamarcolini merged commit fbfc897 into master Aug 30, 2021
@alessiamarcolini alessiamarcolini deleted the add-security-linter branch August 30, 2021 20:12
@alessiamarcolini alessiamarcolini added this to the 0.2.7 milestone Nov 5, 2021