Contents

bandit 1.9.3

0

Security oriented static analyser for python code.

Security oriented static analyser for python code.

Stars: 7785, Watchers: 7785, Forks: 731, Open Issues: 224

The PyCQA/bandit repo was created 7 years ago and the last code push was Yesterday.
The project is extremely popular with a mindblowing 7785 github stars!

How to Install bandit

You can install bandit using pip

pip install bandit

or add it to a project with poetry

poetry add bandit

Package Details

Author
PyCQA
License
Apache-2.0
Homepage
https://bandit.readthedocs.io/
PyPi:
https://pypi.org/project/bandit/
Documentation:
https://bandit.readthedocs.io/
GitHub Repo:
https://github.com/PyCQA/bandit

Classifiers

  • Security
No  bandit  pypi packages just yet.

Errors

A list of common bandit errors.

Code Examples

Here are some bandit code examples and snippets.

GitHub Issues

The bandit package has 224 open issues on GitHub

  • Suppressing B105 on a multiline dict assignment
  • B105 (hardcoded password) false positive for the string NextToken
  • [pre-commit.ci] pre-commit autoupdate
  • B615: false positive if set revision as variable
  • using xml.etree.ElementTree.fromstring shouldn't raise errors in python versions 3.11 and up
  • Fix B602: Fix IndexError on subprocess calls with keyword arguments
  • Support AI powered suggestion of fixes
  • #nosec not working for multi-line strings in python 3.8
  • Bandit is too slow to parse some files

See more issues on GitHub

Related Packages & Articles

flake8 7.3.0

the modular source code checker: pep8 pyflakes and co

astroid 4.1.0

An abstract syntax tree for Python with inference support.

cfn-lint 1.44.0

Checks CloudFormation templates for practices and behaviour that could potentially be improved