2f364daa08
Setting up the bandit tool for the scanning of HIGH severity issues in the python codes under Starlingx/fault folder. Expecting this merge will enable zuul job for CI/CD of bandit scan. Configuration files: 1. tox.ini for adding bandit environment and command. 2. test-requirements.txt for adding bandit version. 3. .zuul.yaml file for adding bandit job and configuring under check job to run code scan every time before code commit. Test: Run tox -e bandit command inside the fault folder to validate the bandit scan and result. Please note: Changes will be implemented in batches and this is Batch2 change. Story: 2007541 Task: 39490 Depends-On: https://review.opendev.org/#/c/721294/ Change-Id: I84449691281d9769e9219e6f9f1338c20f518f40 Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>
8 lines
135 B
Plaintext
8 lines
135 B
Plaintext
hacking!=0.13.0,<0.14,>=0.12.0
|
|
bashate >= 0.2
|
|
mock
|
|
PyYAML >= 3.1.0
|
|
yamllint >= 0.5.2
|
|
#spec_cleaner>=1.0.9
|
|
bandit!=1.6.0,>=1.1.0,<2.0.0
|