Merge pull request #24 from freedomofpress/check-for-vulns

CI: Check for known vulnerabilities and perform static analysis
freedomofpress · Sep 26, 2018 · 86e8ad2 · 86e8ad2
2 parents 64adc5e + 7925c3a
commit 86e8ad2
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -16,3 +16,11 @@ jobs:
       - run:
           name: Run flake8
           command: pipenv run flake8
+
+      - run:
+          name: Check Python dependencies for known vulnerabilities
+          command: pipenv check
+
+      - run:
+          name: Run static analysis on source code to find security issues
+          command: pipenv install bandit && pipenv run bandit --recursive . -ll