https://github.com/StacklokLabs/banditize
PyCQA/bandit as a web service
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/StacklokLabs/banditize
- Owner: StacklokLabs
- License: apache-2.0
- Created: 2024-11-17T23:37:00.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-01-29T04:55:32.000Z (over 1 year ago)
- Last Synced: 2025-04-18T08:33:52.003Z (about 1 year ago)
- Language: Go
- Size: 11.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# banditize
PyCQA/bandit as a web service.
This is a small web service (designed to be run under [Google Cloud Run](https://cloud.google.com/run) or the like) that wraps [PyCQA/bandit](https://github.com/PyCQA/bandit) in a JSON-based API. The input format is:
```json
{
  "base": "... base64-encoded .tar.gz of the base filesystem ...",
  "head": "... base64-encoded .tar.gz of the proposed changed filesystem ..."
}
```
You may omit `base` to scan a directory from scratch.
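A client for the input format above, as an added example that is not part of the banditize repository: it packs a file tree into a base64-encoded `.tar.gz` and builds the JSON body, leaving out `base` when none is given. The function names and the one-file sample tree are assumptions, and in-memory files stand in for a real directory.

```go
package main

import (
	"archive/tar"
	"bytes"
	"compress/gzip"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// packTarGz (hypothetical helper) returns a base64-encoded .tar.gz of files.
func packTarGz(files map[string]string) (string, error) {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	for name, body := range files {
		hdr := &tar.Header{Name: name, Mode: 0644, Size: int64(len(body))}
		if err := tw.WriteHeader(hdr); err != nil {
			return "", err
		}
		if _, err := tw.Write([]byte(body)); err != nil {
			return "", err
		}
	}
	if err := tw.Close(); err != nil {
		return "", err
	}
	if err := gz.Close(); err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(buf.Bytes()), nil // no line breaks
}

// BuildRequest returns the JSON body; a nil base omits the "base" field.
func BuildRequest(base, head map[string]string) (body []byte, err error) {
	req := map[string]string{}
	if req["head"], err = packTarGz(head); err == nil && base != nil {
		req["base"], err = packTarGz(base)
	}
	if err != nil {
		return nil, err
	}
	return json.Marshal(req)
}

func main() {
	body, _ := BuildRequest(nil, map[string]string{"app.py": "import os\n"}) // constructed sample
	fmt.Println(string(body))
}
```

Piping the printed body to `curl --data @- http://localhost:7777/pull` sends it to a locally running instance.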
In turn, this currently returns a single field, but we may expand it later:
```json
{
  "simpleFindings": "... bandit output ..."
}
```
## Usage
To test on the command line in a Python directory, you can do the following:
```bash
curl --data @<(echo "{\"head\":\"$(tar -czf - . | base64 -i -)\"}") http://localhost:7777/pull
```
## Deployment
This is also deployed on Google Cloud Run at the following URL via CI:
https://banditize-562949304223.us-central1.run.app/