Bandit - Find Security Issues
Main point
Bandit will report security issues in Python code that might have escaped your attention.
Bandit is a tool designed to find common security issues in Python code.
To run Bandit from the shell, simply call:
bandit --recursive .
Details about more advanced usage can be found in the Bandit README.
Bandit is configurable via a .bandit file.
- You may find a preconfigured .bandit in Big-Bang-py.
It is recommended to include Bandit in your linting Invoke task and also to run it during the Pre-commit Git Hook & CI. Examples of both can be found in Big-Bang-py, see project.py and ci_checks.py.
To manage edge cases, exclude Bandit checks per line.
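As an added example (not code from Big-Bang-py or the Bandit project), the snippet below shows a finding Bandit reports (test B602, shell=True with interpolated input), the hardened argv form, and a reviewed edge case excluded per line with Bandit's `# nosec` marker; the command strings are constructed for the demo.

```python
"""Constructed example: a Bandit finding, its fix, and a per-line exclusion."""
import subprocess  # Bandit also notes this import (B404) as a cue to review every call
import sys
from typing import List


def build_argv(user_path: str) -> List[str]:
    """Pass user input as one argv element so no shell ever parses it."""
    return ["ls", "-l", "--", user_path]


def list_dir_unsafe(user_path: str) -> str:
    # Bandit reports shell=True with interpolated input (B602): metacharacters
    # such as ';' or '$(...)' inside user_path would run as extra commands.
    return subprocess.check_output(f"ls -l {user_path}", shell=True, text=True)


def list_dir_safe(user_path: str) -> str:
    # Same behaviour with shell=False and an argv list: user_path is only an argument.
    return subprocess.check_output(build_argv(user_path), text=True)


def run_constant_command() -> str:
    # Edge case: the command is a constant string, nothing user-controlled reaches the
    # shell. After review the finding is accepted, so the line is excluded with '# nosec'
    # narrowed to the one test ID; the justification stays in the comment beside it.
    return subprocess.check_output("echo bandit-demo", shell=True, text=True).strip()  # nosec B602 - constant command, reviewed


def interpreter_ok() -> str:
    # Preferred form even for fixed commands: argv list, no shell involved, nothing to exclude.
    return subprocess.check_output([sys.executable, "-c", "print('ok')"], text=True).strip()
```

Running `bandit --recursive .` over this file reports only `list_dir_unsafe`; the excluded line is listed in the summary's skipped-by-nosec count so reviewers can still see it.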