add source code check by bandit, a security linter from PyCQA

the following tests are disabled
[B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
[B404:blacklist] Consider possible security implications associated with subprocess module.
[B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
[B607:start_process_with_partial_path] Starting a process with a partial executable path

https://bandit.readthedocs.io/

[skip ci]
alexey.lysiuk 2021-06-18 17:54:03 +03:00
parent d90514e534
commit 77ee4965ea

@ -6,5 +6,13 @@ jobs:
linter: linter:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- uses: actions/checkout@v2 - name: Checkout
- uses: docker://github/super-linter:v2.1.0 uses: actions/checkout@v2
- name: Super-Linter
uses: docker://github/super-linter:v2.1.0
- name: Bandit
run: |
pip3 install bandit
bandit --skip B101,B310,B404,B603,B607 --recursive .
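Review bot: the `--skip` list in the Bandit step disables B310 as well, but the commit message only lists B101, B404, B603 and B607 as disabled; either add B310 (the urllib `urlopen` audit) to the message or drop it from the command so the two agree. Two further points on the same step: `pip3 install bandit` is unpinned, so the CI result depends on whatever Bandit version PyPI serves that day (new checks can appear and break the build, and the linter itself is an unpinned supply-chain dependency), so prefer `pip3 install bandit==<version>`; and skipping B603/B607 globally with `--skip` silences the subprocess untrusted-input checks for every current and future call site, whereas a `# nosec B603` comment on the specific reviewed calls keeps the check active for new code.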