Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/noqcks/codeclimate-bandit
A codeclimate engine for bandit.
bandit codeclimate codeclimate-engine python
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/noqcks/codeclimate-bandit
- Owner: noqcks
- License: mit
- Created: 2018-10-04T03:52:45.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2022-12-20T05:44:39.000Z (about 2 years ago)
- Last Synced: 2024-11-02T12:42:34.486Z (2 months ago)
- Topics: bandit, codeclimate, codeclimate-engine, python
- Language: Python
- Size: 18.6 KB
- Stars: 5
- Watchers: 2
- Forks: 6
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Code Climate Bandit Engine
Code Climate Engine to run [Bandit](https://github.com/PyCQA/bandit).
Bandit is a tool designed to find common security issues in Python code.
## Installation
```
git clone https://github.com/noqcks/codeclimate-bandit
cd codeclimate-bandit
make release
```
## Usage
Enable the plugin in `.codeclimate.yml`:
```
plugins:
  bandit:
    enabled: true
```
And then run the engine:
```
codeclimate analyze
```
## Configuration
The engine supports the native config file for Bandit. You can select the specific test plugins to run and override default Bandit configuration using this file. More information on the config file can be found in the [Bandit documentation](https://docs.openstack.org/bandit/latest/config.html).
A `.bandit.yaml` file at the root of your project will be picked up during the engine run.
Example `.bandit.yaml`:
```
skips: ['B101', 'B601', 'B404']
```
## TODO
- support different locations of .bandit.yaml