Enable checking with bandit
bandit is statically analyzing source code in order to identify potentially security sensitive constructs. Change-Id: Iea7057ccfd68cefea84e23fcd26ae498e6bc6533
This commit is contained in:
parent
edef047506
commit
09302e7a31
@ -3,7 +3,8 @@
|
||||
# process, which may cause wedges in the gate later.
|
||||
|
||||
# Install bounded pep8/pyflakes first, then let flake8 install
|
||||
hacking<0.11,>=0.10.2
|
||||
hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
|
||||
fixtures>=3.0.0 # Apache-2.0/BSD
|
||||
coverage>=4.0 # Apache-2.0
|
||||
|
2
tox.ini
2
tox.ini
@ -25,6 +25,8 @@ commands =
|
||||
# Ignore too long lines error E006 from bashate and treat
|
||||
# E005, E042 as errors.
|
||||
bashate -v -iE006 -eE005,E042 devstack/plugin.sh
|
||||
# FIXME(dmllr); B101 needs to be fixed first
|
||||
bandit -r monasca_log_api -n5 -s B101 -x monasca_log_api/tests
|
||||
|
||||
[testenv:cover]
|
||||
setenv =
|
||||
|
Loading…
Reference in New Issue
Block a user