Project author: noqcks

Project description:
A codeclimate engine for bandit.
Language: Python
Project URL: git://github.com/noqcks/codeclimate-bandit.git
Created: 2018-10-04T03:52:45Z
Project community: https://github.com/noqcks/codeclimate-bandit

License: MIT License


Code Climate Bandit Engine

Code Climate Engine to run Bandit.

Bandit is a tool designed to find common security issues in Python code.

Installation

    git clone https://github.com/noqcks/codeclimate-bandit
    cd codeclimate-bandit
    make release

Usage

.codeclimate.yml

    plugins:
      bandit:
        enabled: true

And then run the engine:

    codeclimate analyze

Configuration

The engine supports the native config file for Bandit. You can select the specific test plugins to run and override default Bandit configuration using this file. More information on the config file can be found in the Bandit documentation.

A .bandit.yaml file placed at the root of your project is picked up automatically when the engine runs.

Example .bandit.yaml:

    skips: ['B101', 'B601', 'B404']
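
Every ID in skips turns that Bandit check off for the whole project, so the list is worth reviewing like any other security-relevant change. The script below is an added example, not part of this project: it reads a .bandit.yaml and reports skipped test IDs that are missing from an approved list. The names APPROVED_SKIPS, read_id_list and unapproved_skips and the policy entry are hypothetical, and the small parser assumes the IDs are written as a flow list or a block list (it is not a full YAML parser).

```python
import re
import sys

# Approved skips with a recorded reason (hypothetical team policy, constructed).
APPROVED_SKIPS = {
    "B101": "assert statements are acceptable in this code base",
}

ID_RE = re.compile(r"B\d{3}")


def read_id_list(config_text, key):
    """Return the Bandit test IDs listed under `key` (flow or block list)."""
    ids, in_block = [], False
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # drop comments
        if not line.strip():
            continue
        if re.match(rf"^{key}\s*:", line):
            # Flow form: skips: ['B101', 'B601']
            ids += ID_RE.findall(line.split(":", 1)[1])
            in_block = True
        elif in_block and line.lstrip().startswith("-"):
            # Block form: one "- B101" item per line under the key
            ids += ID_RE.findall(line)
        else:
            in_block = False
    return ids


def unapproved_skips(config_text, approved=APPROVED_SKIPS):
    """Skipped test IDs with no entry in the approved list, in file order."""
    return [t for t in read_id_list(config_text, "skips") if t not in approved]


# Constructed sample: the skips line from the example .bandit.yaml above.
SAMPLE = "skips: ['B101', 'B601', 'B404']\n"

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    missing = unapproved_skips(text)
    for test_id in missing:
        print(f"unapproved Bandit skip: {test_id}")
    sys.exit(1 if missing else 0)
```

Run it with the path to .bandit.yaml as the only argument; a non-zero exit status means at least one skip has no recorded approval.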

TODO

  • support different locations of .bandit.yaml