Skip to content

tylerwince/flake8-bandit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits

.github/workflows

.github/workflows

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

flake8_bandit.py

flake8_bandit.py

 
 

setup.py

setup.py

 
 

Repository files navigation

flake8-bandit

Build Status

Automated security testing built right into your workflow!

You already use flake8 to lint all your code for errors, ensure docstrings are formatted correctly, sort your imports correctly, and much more... so why not ensure you are writing secure code while you're at it? If you already have flake8 installed all it takes is pip install flake8-bandit.

Configuration

To include or exclude tests, use the standard .bandit configuration file. An example valid .bandit config file:

[bandit]
exclude = /frontend,/scripts,/tests,/venv
tests: B101

In this case, we've specified to ignore a number of paths, and to only test for B101.

Note: flake8-bugbear uses bandit default prefix 'B' so this plugin replaces the 'B' with an 'S' for Security. For more information, see PyCQA/flake8-bugbear#37

How's it work?

We use the bandit package from PyCQA for all the security testing.

About

Automated security testing using bandit and flake8.

Topics

security static-code-analysis flake8 vulnerability-detection security-automation security-tools bandit

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

111 stars

Watchers

5 watching

Forks

27 forks
Report repository

Releases

6 tags

Packages

No packages published

Contributors 11

Languages