Skip to content

Commit

Permalink
add bandit security tests
Browse files Browse the repository at this point in the history 
Bandit finds a couple issues (see `tox -e bandit` for the
report). Those should be addressed separately. Once everything is
passing, we can add it to the Github Actions workflow.
  • Loading branch information
@thraxil @OmarIthawi
thraxil authored and OmarIthawi committed Jan 18, 2022
1 parent 3975f5a commit ef4d34f
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 1 deletion.
2 changes: 2 additions & 0 deletions bandit.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
exclude_dirs:
- '/tests/'
8 changes: 7 additions & 1 deletion tox.ini
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,4 +73,10 @@ basepython=python2
deps =
-r{toxinidir}/devsite/requirements/hawthorn.txt
commands =
edx_lint write pylintrc
edx_lint write pylintrc

[testenv:bandit]
deps =
bandit==1.7.1
commands =
bandit -c bandit.yaml -r figures

0 comments on commit ef4d34f

Please sign in to comment.