bandit
https://github.com/pycqa/bandit
Python
Bandit is a tool designed to find common security issues in Python code.
Open issues:
- Run checks in threads to speed up execution and analysis
- candidate issues feature doesn't work
- Warn on more unnecessary shell commands
- Fix #447 -- Allow Multiple Formats and Output Files
- xml.sax.saxutils.escape and quoteattr incorrectly flagged as insecure
- Time to process a long set/lists of strings increases exponentially with the number of strings
- Possible Bandit string format plugin
- Cannot pass a baseline file to pre-commit hook (baseline does not apply when filename is given as target)
- Doc - Usage with Code Climate
- Bandit XML format should support working with baseline
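To make concrete what "finding common security issues in Python code" means in practice, and what the issue titles about shell-command warnings and the xml.sax.saxutils false positive are arguing over, here is an added example that is not code from this page or from the bandit project. It is a stand-alone, stdlib-only checker written in the same spirit as a Bandit call-site test: it walks the AST, flags subprocess calls that pass shell=True, and grades a literal command string lower than a dynamic one (the same literal-versus-dynamic split Bandit's B602 documentation describes). The sample module it scans is constructed for this example; calls to xml.sax.saxutils.escape and quoteattr are included to show that a check scoped to the actual dangerous call site leaves output-escaping helpers alone.

```python
import ast

# Constructed sample module to scan (not from the page or the bandit project).
# The line numbers in the comments are relied on by the checks below.
SAMPLE_SOURCE = """import subprocess
from xml.sax.saxutils import escape, quoteattr

def run(user_input):
    subprocess.call("ls " + user_input, shell=True)      # line 5: dynamic command, shell=True
    subprocess.Popen("ls -l", shell=True)                # line 6: literal command, shell=True
    subprocess.call(["ls", user_input])                  # line 7: argv list, no shell
    subprocess.run("ls", shell=False)                    # line 8: shell explicitly off
    return escape(user_input), quoteattr(user_input)     # line 9: output escaping, safe
"""

# subprocess entry points that accept a shell= keyword (assumed list for this example).
SUBPROCESS_FUNCS = {"call", "check_call", "check_output", "run", "Popen"}


def _is_subprocess_call(node):
    """True for calls of the form subprocess.<func>(...)."""
    func = node.func
    return (isinstance(func, ast.Attribute)
            and isinstance(func.value, ast.Name)
            and func.value.id == "subprocess"
            and func.attr in SUBPROCESS_FUNCS)


def _shell_is_true(node):
    """True only when the call literally passes shell=True."""
    for kw in node.keywords:
        if kw.arg == "shell":
            return isinstance(kw.value, ast.Constant) and kw.value.value is True
    return False


def _command_is_literal(node):
    """True when the first positional argument is a string constant."""
    if not node.args:
        return False
    first = node.args[0]
    return isinstance(first, ast.Constant) and isinstance(first.value, str)


def find_shell_true_calls(source):
    """Scan Python source and return findings as dicts (lineno, severity, text).

    A literal command with shell=True is reported as LOW: it is not injectable
    today but becomes so the moment someone concatenates input into it. A
    non-literal command with shell=True is reported as HIGH.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and _is_subprocess_call(node)):
            continue
        if not _shell_is_true(node):
            continue
        if _command_is_literal(node):
            severity = "LOW"
            text = "subprocess call with shell=True on a literal command; safe now, fragile later"
        else:
            severity = "HIGH"
            text = "subprocess call with shell=True and a non-literal command (shell injection)"
        findings.append({"lineno": node.lineno, "severity": severity, "text": text})
    # ast.walk is breadth-first; sort so the report reads top to bottom.
    return sorted(findings, key=lambda f: f["lineno"])


if __name__ == "__main__":
    for finding in find_shell_true_calls(SAMPLE_SOURCE):
        print("line {lineno}: [{severity}] {text}".format(**finding))
```

Run it and only lines 5 and 6 of the sample are reported; the argv-list call, the shell=False call and the saxutils calls produce nothing. The point of keeping the check on the call site, rather than on the import of a module, is exactly what separates a useful warning from the kind of false positive the escape/quoteattr issue above complains about.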