Add Bandit Security Linting to GitHub Actions #17

Merged
merged 7 commits into from
May 26, 2024

@maxachis maxachis commented May 26, 2024

Fixes

Description

  • A new GitHub Actions workflow 'bandit.yaml' has been added to run Bandit, a Python security linter, on pull requests.
  • This will increase the security standards of the codebase by ensuring that potential security vulnerabilities are addressed promptly.
  • The Bandit results will be uploaded as an artifact for further analysis.

Testing

  • Can be evaluated based on GitHub Action output

Performance

  • Takes less than a minute to run using GitHub Actions

Docs

  • Not applicable.

A new GitHub Actions workflow 'bandit.yaml' has been added to run Bandit, a Python security linter, on push and pull requests. This will increase the security standards of the codebase by ensuring that potential security vulnerabilities are addressed promptly. The Bandit results will be uploaded as an artifact for further analysis.
maxachis added 6 commits May 26, 2024 08:03
Removed the explicit exit command from the Bandit execution command in the GitHub Actions workflow.
The command to print out Bandit's output directly to the console in the GitHub Actions workflow was removed. Now, the results are only being uploaded as an artifact for review.
Changed the triggering event of Bandit Security Linting workflow from happening on both push and pull_request events to only on pull_request events.
Updated the Bandit Security Linting code to also include 'resources' and 'app.py', expanding the range of files which are scanned for potential security vulnerabilities. Previously, linting was only applied to 'middleware'.
@maxachis maxachis merged commit 07318bb into dev May 26, 2024
9 of 10 checks passed
@maxachis maxachis deleted the mc_issue_292_bandit branch May 26, 2024 22:36
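
Added example, not part of this pull request or the project's code: one way to review the uploaded Bandit artifact, assuming it was written with Bandit's JSON formatter (`-f json`). The sample report, the thresholds and the function names are constructed for illustration.

```python
import json
import sys

# Bandit rates both severity and confidence as LOW, MEDIUM or HIGH.
RANK = {"UNDEFINED": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed sample shaped like `bandit -f json` output (not real scan results).
SAMPLE_REPORT = json.dumps({"results": [
    {"filename": "app.py", "line_number": 12, "test_id": "B201",
     "issue_severity": "HIGH", "issue_confidence": "MEDIUM",
     "issue_text": "Flask app run with debug=True."},
    {"filename": "middleware/example.py", "line_number": 40, "test_id": "B608",
     "issue_severity": "MEDIUM", "issue_confidence": "LOW",
     "issue_text": "Possible SQL injection via string-built query."},
    {"filename": "resources/example.py", "line_number": 7, "test_id": "B105",
     "issue_severity": "LOW", "issue_confidence": "MEDIUM",
     "issue_text": "Possible hardcoded password."},
]})

def _rank(finding, field):
    return RANK.get(str(finding.get(field, "UNDEFINED")).upper(), 0)

def blocking_findings(report_text, min_severity="MEDIUM", min_confidence="MEDIUM"):
    """Return findings at or above both thresholds, worst first."""
    report = json.loads(report_text)
    results = report.get("results") if isinstance(report, dict) else None
    if not isinstance(results, list):
        # Fail closed: a truncated or wrong-format artifact must not pass the gate.
        raise ValueError("not a Bandit JSON report: missing 'results' list")
    hits = [f for f in results
            if _rank(f, "issue_severity") >= RANK[min_severity]
            and _rank(f, "issue_confidence") >= RANK[min_confidence]]
    return sorted(hits, key=lambda f: (-_rank(f, "issue_severity"),
                                       -_rank(f, "issue_confidence")))

def gate(report_text, **thresholds):
    """Print blocking findings and return a CI exit status (1 = fail, 0 = pass)."""
    hits = blocking_findings(report_text, **thresholds)
    for f in hits:
        print(f"{f['filename']}:{f['line_number']} {f['test_id']} "
              f"[{f['issue_severity']}/{f['issue_confidence']}] {f['issue_text']}")
    return 1 if hits else 0

if __name__ == "__main__":
    # Usage: python gate.py bandit-report.json (both file names are assumptions).
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate(text))
```

Requiring both a severity and a confidence threshold keeps low-confidence matches in the artifact for review without failing the check on them.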