bandit
https://github.com/pycqa/bandit
Python
Bandit is a tool designed to find common security issues in Python code.
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Python not yet supported7 Subscribers
Add a CodeTriage badge to bandit
Help out
- Issues
- pysnmp under new ownership with breaking compatilbility
- B614 False Positive when using torch.jit.load
- not distinguishing sql statement with mixed stringbased query construction and sanitised parameterised sql query
- Broken JUnit-like XML report files
- Sarif formatter physicalLocation calculation error
- Add support for per-file rule ignores in configuration
- Should exit with non-zero code when scanning fails
- Add check for decompression bomb vulnerabilities
- Attempt to improve hardcoded password checks for strings
- using `xml.etree.ElementTree.fromstring` shouldn't raise errors in python versions 3.11 and up
- Docs
- Python not yet supported