bandit-python Questions

According to Bandit's documentation, importing the subprocess module is considered a low security issue (B404). Unfortunately, it does not provide alternatives or an explanation of why. Thus, I have 2 qu...
Practiced asked 26/10, 2021 at 21:17

Solved

I'm using bandit to check my code for potential security issues: bandit -r git-repository/ However, the most common item found by bandit is B101. It is triggered by assert statements within tests....
Suffuse asked 10/9, 2020 at 11:53

Solved

Since the pre-commit hook does not allow even warnings and commits issued by bandit, I need to find a way to execute bash commands from python scripts without bandit complaining. Using the subproc...
Hive asked 25/2, 2022 at 9:2

I'm trying to use pyproject.toml to exclude the venv/ directory. But it is not recognising the option. [tool.bandit] exclude = "/venv" [tool.black] exclude = "(venv)" [tool.is...
Thankful asked 3/1, 2022 at 12:33

Solved

I've got a bunch of django_mark_safe errors >> Issue: [B703:django_mark_safe] Potential XSS on mark_safe function. Severity: Medium Confidence: High Location: ... More Info: https://bandi...
Proteiform asked 1/10, 2018 at 18:9

My Python script has to run binary available only via console, so I use subprocess.run and it looks like this: CMD = [ "C:\\Program Files\\Azure DevOps Server 2019\\Tools\\TFSSecurity.exe", "/gd...
Shulock asked 11/5, 2020 at 16:48

Solved

Overview I'm using SonarQube 7.4.0.18908 to gather code coverage and perform static code analysis for a Python 3.6 project. The server is running in AWS. Things are working as expected (see screen...
Di asked 30/1, 2019 at 21:25

I would like to get python code for an analysis using Bandit static analyzer. The main emphasis is security, for python 2.7. Can anyone help?
Greathearted asked 21/10, 2017 at 14:54