openstack/keystoneauth
Code Issues Proposed changes

Enable bandit

Browse Source 
The bandit linter checks for common security-related issues.

The setup here is the same as in keystone.

Change-Id: Ide2bc772f541d9efbf5e43f42f0893bf7495b24f
This commit is contained in:
Brant Knudson 2016-04-29 09:03:06 -05:00
parent c5738b9055
commit 48ec8bfc16
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
test-requirements.txt
View File

@ -5,6 +5,7 @@
hacking<0.11,>=0.10.0 hacking<0.11,>=0.10.0
flake8-docstrings==0.2.1.post1 # MIT flake8-docstrings==0.2.1.post1 # MIT
bandit>=1.0.1 # Apache-2.0
coverage>=3.6 # Apache-2.0 coverage>=3.6 # Apache-2.0
discover # BSD discover # BSD
fixtures<2.0,>=1.3.1 # Apache-2.0/BSD fixtures<2.0,>=1.3.1 # Apache-2.0/BSD

9
tox.ini
View File

@ -18,6 +18,15 @@ commands = ostestr {posargs}
[testenv:pep8] [testenv:pep8]
commands = commands =
flake8 flake8
# Run security linter
# B110: except: pass
# B410: importing etree
bandit -r keystoneauth1 -x tests -s B110,B410
[testenv:bandit]
# NOTE(browne): This is required for the integration test job of the bandit
# project. Please do not remove.
commands = bandit -r keystoneauth1 -x tests -s B110,B410
[testenv:venv] [testenv:venv]
commands = {posargs} commands = {posargs}