Bandit is a tool designed to find common security issues in Python code.
You can read more about it at https://bandit.readthedocs.io/en/latest/.
How to enable Bandit
Add the following to your .sourcelevel.yml file.

# .sourcelevel.yml
engines:
  bandit:
    enabled: true
Available channels
- stable (recommended), tag: b866
- latest, tag: b866
Want to know how to specify a channel for your reviews? Check the configuration instructions page.