Describe the solution you'd like
Add Bandit code checks to the PR validation process to ensure the code is secure
Describe alternatives you've considered
Other similar checkers
Additional context
Bandit has been able to highlight multiple issues in the codebase, including security issues.
I'd suggest skipping the "tests" directories with these tests to avoid noise.
I run bandit manually by creating a pyproject.toml file as follows:
[tool.bandit]
exclude_dirs = ['api_app/tests_ma','airlock_processor/tests', 'airlock_processor/.venv','resource_processor/tests_rp', 'e2e_tests', 'docs']
bandit -c ./pyproject.toml -r ./
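One way to turn the manual invocation above into a PR gate, as an added example that is not part of this issue or of the project's own tooling: run Bandit with the same `-c ./pyproject.toml -r ./` arguments (so the `exclude_dirs` list still applies), ask for JSON output, and fail the job only on findings at or above a chosen severity and confidence. Bandit's own exit status is 1 whenever it reports anything, so a pure "tests" finding like an `assert` would otherwise block every PR; deciding on the parsed report keeps the noise the issue mentions out of the gate. The `SAMPLE_REPORT` below is constructed to mimic Bandit's `-f json` shape and is only there so the filtering logic can be exercised offline; the thresholds and the `run_gate` function name are this example's own choices.

```python
"""CI gate around Bandit (added example, not the project's own code).

Runs `bandit -c ./pyproject.toml -r ./ -f json`, parses the JSON report and
returns a non-zero status only for findings that meet a severity/confidence
threshold. Severity and confidence values in Bandit reports are LOW, MEDIUM
or HIGH.
"""
import json
import subprocess
import sys
from typing import Dict, List

SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}


def build_command(config_path: str = "./pyproject.toml", target: str = "./") -> List[str]:
    """Mirror the manual command from the issue and add JSON output.

    -c reads [tool.bandit] (including exclude_dirs) from the given file,
    -r scans recursively, -f json writes a machine-readable report to stdout.
    """
    return ["bandit", "-c", config_path, "-r", target, "-f", "json"]


def blocking_findings(report: Dict, min_severity: str = "MEDIUM",
                      min_confidence: str = "MEDIUM") -> List[Dict]:
    """Return the results that should fail the PR.

    A finding blocks when both its severity and its confidence are at or
    above the thresholds; everything else is reported but does not block.
    """
    sev_floor = SEVERITY_RANK[min_severity.upper()]
    conf_floor = SEVERITY_RANK[min_confidence.upper()]
    return [
        r for r in report.get("results", [])
        if SEVERITY_RANK.get(r.get("issue_severity", "LOW"), 0) >= sev_floor
        and SEVERITY_RANK.get(r.get("issue_confidence", "LOW"), 0) >= conf_floor
    ]


def format_finding(r: Dict) -> str:
    """One-line, file:line-first summary that CI logs and reviewers can grep."""
    return (f"{r['filename']}:{r['line_number']} {r['test_id']} "
            f"[{r['issue_severity']}/{r['issue_confidence']}] {r['issue_text']}")


def run_gate(min_severity: str = "MEDIUM", min_confidence: str = "MEDIUM") -> int:
    """Run Bandit and return the exit code the CI step should use."""
    proc = subprocess.run(build_command(), capture_output=True, text=True)
    # Bandit exits 1 whenever it found something, so do not trust returncode;
    # an unparsable report (bandit missing, bad config) is a hard failure.
    try:
        report = json.loads(proc.stdout)
    except json.JSONDecodeError:
        print("bandit produced no JSON report:\n" + proc.stderr, file=sys.stderr)
        return 2
    if report.get("errors"):
        # Files Bandit could not parse are worth surfacing, not silently skipping.
        print("bandit reported errors:", json.dumps(report["errors"], indent=2), file=sys.stderr)
        return 2
    blocking = blocking_findings(report, min_severity, min_confidence)
    for finding in blocking:
        print(format_finding(finding))
    print(f"{len(report.get('results', []))} findings, {len(blocking)} blocking")
    return 1 if blocking else 0


# Constructed sample report (not real scanner output) shaped like Bandit's
# -f json format, used to exercise the gate logic without running Bandit.
SAMPLE_REPORT = {
    "errors": [],
    "results": [
        {"filename": "api_app/tests_ma/test_x.py", "line_number": 12, "test_id": "B101",
         "test_name": "assert_used", "issue_severity": "LOW", "issue_confidence": "HIGH",
         "issue_text": "Use of assert detected."},
        {"filename": "resource_processor/worker.py", "line_number": 40, "test_id": "B108",
         "test_name": "hardcoded_tmp_directory", "issue_severity": "MEDIUM",
         "issue_confidence": "MEDIUM", "issue_text": "Probable insecure usage of temp file/directory."},
        {"filename": "api_app/util.py", "line_number": 7, "test_id": "B311",
         "test_name": "blacklist", "issue_severity": "LOW", "issue_confidence": "HIGH",
         "issue_text": "Standard pseudo-random generators are not suitable for security/cryptographic purposes."},
    ],
}


if __name__ == "__main__":
    sys.exit(run_gate())
```

Wired into the PR job as `python bandit_gate.py` after `pip install bandit`, the step fails on the medium-and-above findings while still printing the count of everything Bandit saw. Bandit's own `-ll` / `-ii` flags give the same severity and confidence floors at scan time; parsing the report instead keeps the full list visible in the log, which is useful when deciding which `test_id`s to add to a skip list.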