A lightweight collection of additional security checks for Bandit.
- B380: No path-join misuse
  Detects unvalidated or unsafe usage of `os.path.join`, multi-argument `pathlib.Path(...)`, `Path(...).joinpath(...)`, and `/` path composition in your codebase.
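
Why these patterns merit a check, shown as an added example that is not code from spoils itself: on POSIX, an absolute component silently replaces the base in `os.path.join` and in the `/` operator, and a `..` component climbs out of it. Resolving the joined path and then checking containment catches both. The function names and sample inputs are constructed for illustration.

```python
# Added illustration; names and sample inputs are assumptions, not spoils code.
import os
import tempfile
from pathlib import Path


def unsafe_join(base: str, user_part: str) -> str:
    """Join an unvalidated component onto a base with os.path.join."""
    return os.path.join(base, user_part)


def unsafe_pathlib(base: str, user_part: str) -> Path:
    """Same problem with the / operator (also Path(a, b) and joinpath)."""
    return Path(base) / user_part


def safe_join(base: str, user_part: str) -> Path:
    """Join, resolve symlinks and '..', then verify the result stays in base."""
    base_path = Path(base).resolve()
    candidate = (base_path / user_part).resolve()
    if candidate != base_path and base_path not in candidate.parents:
        raise ValueError(f"path escapes base directory: {user_part!r}")
    return candidate


def demo() -> dict:
    """Run safe_join over constructed inputs and record the verdicts."""
    base = tempfile.mkdtemp()  # constructed sample base directory
    verdicts = {}
    for part in ("report.txt", "sub/report.txt", "../outside.txt", "/etc/hostname"):
        try:
            safe_join(base, part)
            verdicts[part] = "allowed"
        except ValueError:
            verdicts[part] = "rejected"
    return verdicts


if __name__ == "__main__":
    # An absolute second argument discards the base entirely.
    print(unsafe_join("/srv/uploads", "/etc/hostname"))
    print(unsafe_pathlib("/srv/uploads", "/etc/hostname"))
    for part, verdict in demo().items():
        print(f"{part!r}: {verdict}")
```
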

```bash
pip install spoils
```

Once installed, Bandit will automatically pick up the new checks:

```bash
bandit -r your_project/
```

Issues will be reported with their B-number and descriptive message.

More community-driven checks are coming soon! Got an idea or contribution? Feel free to file an issue or submit a pull request.