Add bandit for Python security linting

- Add bandit as dev dependency
- Configure in pyproject.toml (exclude venv/tests)
- Skip B101 (assert) and B311 (random for non-crypto)
- Add Makefile target: security-backend
This commit is contained in:
counterweight 2025-12-21 21:56:46 +01:00
parent 6a2d7155cb
commit 30583805cd
Signed by: counterweight
GPG key ID: 883EDBAA726BD96C
2 changed files with 12 additions and 1 deletions


@ -22,6 +22,7 @@ dev = [
"mypy>=1.13.0",
"ruff>=0.14.10",
"pytest-cov>=7.0.0",
"bandit>=1.9.2",
]
[tool.mypy]
@ -68,3 +69,10 @@ exclude_lines = [
]
show_missing = true
[tool.bandit]
exclude_dirs = ["tests", ".venv"]
skips = [
"B101", # assert warnings (used in tests)
"B311", # random for non-security purposes (invite codes)
]
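Review bot: The project-wide `B311` skip silences the one case its own comment names: invite codes gate access to something, so a guessable value produced by `random` is precisely the finding B311 exists to report, not a "non-security purpose". If the codes are generated with `random` (not visible in this chunk), generate them with `secrets.token_urlsafe()` or `secrets.choice()` and drop the skip; where a call site genuinely is non-security (shuffling, sampling for display), annotate that line with `# nosec B311` instead of disabling the check for every file. The `B101` skip is likewise contradicted by its comment: `tests` is already listed in `exclude_dirs`, so the skip only affects application code, where `assert` used as a runtime check is stripped under `python -O`; either remove the skip or reword the comment to say why asserts in non-test code are acceptable. A lighter fix keeps the table but tightens the intent, e.g. `skips = []` with per-line `# nosec` markers, leaving `exclude_dirs` as is.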