Add bandit security config
Bandit is an OpenStack security linter that uses python AST modules to perform static code analysis of a project. It can help identify low, medium, and high security "hotspots" in a project codebase. This change provides an initial Bandit config based on the existing one used by Sahara. Change-Id: Idcfb5641007bb27de8df262b236b9a46d7e11d5d Closes-Bug: 1547730
This commit is contained in:
Peter MacKinnon
committed by
Peter Stachowski
Peter Stachowski
parent
a3b3fcbd7d
commit
64fc24516b
@@ -3,6 +3,7 @@
|
||||
# process, which may cause wedges in the gate later.
|
||||
# Hacking already pins down pep8, pyflakes and flake8
|
||||
hacking<0.11,>=0.10.0
|
||||
bandit>=1.0.1 # Apache-2.0
|
||||
sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD
|
||||
oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
|
||||
reno>=1.6.2 # Apache2
|
||||
|
||||
3
tox.ini
3
tox.ini
@@ -103,3 +103,6 @@ commands = openstack-doc-test --check-build --publish --force
|
||||
# no file there. It can be removed when infra changes this.
|
||||
install_command = pip install -U {opts} {packages}
|
||||
commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
||||
|
||||
[testenv:bandit]
|
||||
commands = bandit -r trove -n5 -x tests
|
||||
|
||||
Reference in New Issue
Block a user