add source code check by bandit, a security linter from PyCQA

the following tests are disabled [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. [B404:blacklist] Consider possible security implications associated with subprocess module. [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input. [B607:start_process_with_partial_path] Starting a process with a partial executable path https://bandit.readthedocs.io/ [skip ci]
2021-06-18 17:54:03 +03:00 · 2021-06-18 17:54:03 +03:00 · 77ee4965ea
parent d90514e534
commit 77ee4965ea
1 changed files with 10 additions and 2 deletions
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -6,5 +6,13 @@ jobs:
  linter:
    runs-on: ubuntu-20.04
    steps:
-        - uses: actions/checkout@v2
-        - uses: docker://github/super-linter:v2.1.0
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Super-Linter
+      uses: docker://github/super-linter:v2.1.0
+
+    - name: Bandit
+      run: |
+        pip3 install bandit
+        bandit --skip B101,B310,B404,B603,B607 --recursive .