{"id":17151220,"url":"https://github.com/soda480/pybuilder-bandit","last_synced_at":"2025-06-26T08:04:05.506Z","repository":{"id":44419438,"uuid":"345248932","full_name":"soda480/pybuilder-bandit","owner":"soda480","description":"A pybuilder plugin that analyzes your project for common security issues using bandit.","archived":false,"fork":false,"pushed_at":"2024-03-22T21:43:04.000Z","size":42,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-28T05:09:18.504Z","etag":null,"topics":["bandit","pybuilder","pybuilder-plugin","python"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/soda480.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-03-07T03:23:17.000Z","updated_at":"2021-10-03T22:22:13.000Z","dependencies_parsed_at":"2025-01-29T17:31:23.586Z","dependency_job_id":"b93497d6-7646-4fab-a00b-537417705f54","html_url":"https://github.com/soda480/pybuilder-bandit","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/soda480/pybuilder-bandit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soda480%2Fpybuilder-bandit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soda480%2Fpybuilder-bandit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soda480%2Fpybuilder-bandit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/reposit
ories/soda480%2Fpybuilder-bandit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/soda480","download_url":"https://codeload.github.com/soda480/pybuilder-bandit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soda480%2Fpybuilder-bandit/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262026976,"owners_count":23246953,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bandit","pybuilder","pybuilder-plugin","python"],"created_at":"2024-10-14T21:37:31.740Z","updated_at":"2025-06-26T08:04:05.488Z","avatar_url":"https://github.com/soda480.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# pybuilder-bandit\n[![GitHub Workflow Status](https://github.com/soda480/pybuilder-bandit/workflows/build/badge.svg)](https://github.com/soda480/pybuilder-bandit/actions)\n[![coverage](https://img.shields.io/badge/coverage-100%25-brightgreen)](https://pybuilder.io/)\n[![complexity](https://img.shields.io/badge/complexity-A-brightgreen)](https://radon.readthedocs.io/en/latest/api.html#module-radon.complexity)\n[![PyPI version](https://badge.fury.io/py/pybuilder-bandit.svg)](https://badge.fury.io/py/pybuilder-bandit)\n[![python](https://img.shields.io/badge/python-3.7%20%7C%203.8%20%7C%203.9%20%7C%203.10-teal)](https://www.python.org/downloads/)\n\nA pybuilder plugin that analyzes your project for common security issues using `bandit`. 
Bandit is a security linter for Python code; for more information, refer to the [bandit PyPI page](https://pypi.org/project/bandit/).\n\nTo add this plugin to your pybuilder project, add the following line near the top of your build.py:\n```python\nuse_plugin('pypi:pybuilder_bandit')\n```\n\n**NOTE** If you are using Pybuilder version `v0.11.x`, specify the following version of the plugin:\n```python\nuse_plugin('pypi:pybuilder_bandit', '~=0.1.3')\n```\n\n### Pybuilder bandit properties\n\nThe pybuilder task `pyb bandit` uses bandit to scan your project for common security issues; in verbose mode, any issues found are displayed on the screen. The following plugin properties are available to further configure the scan.\n\nName | Type | Default Value | Description\n-- | -- | -- | --\nbandit_break_build | bool | False | Fail build if scan detects any issues\nbandit_confidence_level | str | LOW | Report only issues of a given confidence level or higher: LOW, MEDIUM, HIGH\nbandit_severity_level | str | LOW | Report only issues of a given severity level or higher: LOW, MEDIUM, HIGH\nbandit_skip_ids | str | None | Comma-separated list of test IDs to skip\nbandit_include_testsources | bool | False | Include scanning of project test sources\nbandit_include_scripts | bool | False | Include scanning of project scripts\n\nThe plugin properties are set using `project.set_property`. The following example shows how to set them:\n\n```python\nproject.set_property('bandit_break_build', True)\nproject.set_property('bandit_confidence_level', 'LOW')\nproject.set_property('bandit_severity_level', 'MEDIUM')\nproject.set_property('bandit_skip_ids', 'B110,B315')\nproject.set_property('bandit_include_testsources', True)\nproject.set_property('bandit_include_scripts', True)\n```\n\n### Development\n\nClone the repository and ensure the latest version of Docker is installed on your development server.\n\nBuild the Docker image:\n```sh\ndocker image build \\\n-t 
pybbandit:latest .\n```\n\nRun the Docker container:\n```sh\ndocker container run \\\n--rm \\\n-it \\\n-v $PWD:/code \\\npybbandit:latest \\\nbash\n```\n\nExecute the build:\n```sh\npyb -X\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoda480%2Fpybuilder-bandit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsoda480%2Fpybuilder-bandit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoda480%2Fpybuilder-bandit/lists"}