Add bandit to linters

kris-steinhoff · Feb 20, 2023 · e533810 · e533810
1 parent 3988cf8
commit e533810
Show file tree

Hide file tree

Showing 5 changed files with 150 additions and 4 deletions.
diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml
@@ -11,6 +11,7 @@ jobs:
         os: ["ubuntu-20.04"]
         linter-command:
           - poetry run pylint dbcl
+          - poetry run bandit dbcl
           - poetry run black --check --diff .
 
     runs-on: ${{ matrix.os }}
@@ -23,7 +24,6 @@ jobs:
         with:
           python-version: ${{ matrix.python-version }}
           cache: "poetry"
-      # - if: ${{ steps.cache-poetry-venv.outputs.cache-hit != 'true' }}
       - name: Install dependencies
         run: |
           poetry install

diff --git a/Makefile b/Makefile
@@ -1,7 +1,10 @@
-lint: pylint black
+lint: pylint black bandit
 
 pylint:
 	poetry run pylint dbcl
 
 black:
 	poetry run black --check .
+
+bandit:
+	poetry run bandit -r dbcl
diff --git a/dbcl.code-workspace b/dbcl.code-workspace
@@ -6,7 +6,7 @@
 	],
 	"settings": {
 		"python.linting.enabled": true,
-		"python.linting.banditEnabled": false,
+		"python.linting.banditEnabled": true,
 		"python.linting.flake8Enabled": false,
 		"python.linting.pylintEnabled": true,
 		"editor.formatOnSave": true,

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -24,6 +24,7 @@ isort = "^5.12.0"
 pylint = "^2.16.2"
 black = "^23.1.0"
 bump2version = "^1.0.1"
+bandit = "^1.7.4"
 
 [tool.pylint.messages_control]
 disable = [