mirror of
https://github.com/jlengrand/bugsink.git
synced 2026-03-10 08:01:17 +00:00
Configure bandit for 'spoils' usage
i.e. B380: No os.path.join misuse. See https://github.com/bugsink/spoils rather than think-carefully-and-explain-with-nosec, just switch to safe_join: this saves future readers the pain of validating whether all assumptions are (still) correct at a (small) performance cost. See #175
This commit is contained in:
Klaas van Schelven
4
.github/workflows/ci.yml
vendored
4
.github/workflows/ci.yml
vendored
@@ -51,9 +51,9 @@ jobs:
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install Bandit
|
||||
- name: Install Bandit and Plugins
|
||||
run: |
|
||||
pip install bandit
|
||||
pip install bandit spoils
|
||||
|
||||
- name: Run Bandit and format results
|
||||
shell: bash
|
||||
|
||||
Reference in New Issue
Block a user