Commit 408ed3a

authored
Merge pull request #128 from mekanix/security
Add bandit to CI
2 parents d163531 + 2d77190 commit 408ed3a

7 files changed

+19
-6
lines changed

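--- a/.github/workflows/pythonapp.yml
+++ b/.github/workflows/pythonapp.yml
@@ -20,3 +20,6 @@ jobs:
 - name: Test and lint
 run: |
 bin/test.sh
+- name: Security
+run: |
+bin/security.sh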

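--- a/bin/security.sh
+++ b/bin/security.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+BIN_DIR=`dirname $0`
+export FREENIT_ENV="test"
+. ${BIN_DIR}/common.sh
+
+
+setup no
+bandit `find freenit -type f -name '*.py'`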
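Review bot: The final line hands bandit the output of an unquoted backtick `find`, so a path containing whitespace is split into separate arguments, and the file list is built by hand although bandit can recurse on its own; `bandit -r freenit` covers the same tree. The `dirname $0` assignment and the `. ${BIN_DIR}/common.sh` line have the same unquoted-expansion problem and would be safer as `BIN_DIR=$(dirname "$0")` and `. "${BIN_DIR}/common.sh"`. The script also has no comment saying what `setup no` prepares or that bandit's exit status is the script's exit status; one line above each, such as `# exit status of bandit decides whether the CI step passes`, would help.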

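--- a/freenit/base_config.py
+++ b/freenit/base_config.py
@@ -32,7 +32,7 @@ def __init__(
 self,
 server="mail.example.com",
 
-password="Secrit",
+password="Secrit",  #nosec
 port=587,
 tls=True,
 from_addr="[email protected]",
@@ -69,7 +69,7 @@ class BaseConfig:
 dburl = "sqlite:///db.sqlite"
 database = None
 engine = None
-secret = "SECRET"
+secret = "SECRET"  #nosec
 user = "freenit.models.ormar.user"
 role = "freenit.models.ormar.role"
 theme = "freenit.models.ormar.theme"
@@ -121,4 +121,4 @@ class TestConfig(BaseConfig):
 
 
 class ProdConfig(BaseConfig):
-secret = "MORESECURESECRET"
+secret = "MORESECURESECRET"  #nosec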
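Review bot: The bare `#nosec` markers on `password="Secrit"`, `secret = "SECRET"` and the `ProdConfig` line `secret = "MORESECURESECRET"` silence every bandit check on those lines instead of the one finding being accepted, and none of them says why the finding is acceptable. The `ProdConfig` case matters most: a production class that ships a published default secret is what the hard-coded-password check exists to catch, and if deployments are not forced to override it (not visible here) anything derived from that value is predictable. Scope each marker and give the reason, e.g. `secret = "SECRET"  # nosec B105 - placeholder, overridden per project`, and have `ProdConfig` read its secret from the environment or refuse to start while the default is still in place. The same applies to `ProdConfig` in freenit/project/project/base_config.py. All three hunks sit inside definitions that continue outside the hunk.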

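--- a/freenit/project/main.py
+++ b/freenit/project/main.py
@@ -10,7 +10,7 @@
 if __name__ == "__main__":
 uvicorn.run(
 "NAME.app:app",
-host="0.0.0.0",
+host="0.0.0.0",  #nosec
 port=config.port,
 log_level="info",
 reload=True,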
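Review bot: `host="0.0.0.0",  #nosec` waives the bind-all-interfaces finding on a call that also sets `reload=True`, so the auto-reloading development server listens on every interface of whatever machine runs this template. The port already comes from `config.port`; the host could come from configuration the same way with a loopback default, for example `host=getattr(config, "host", "127.0.0.1"),`, leaving container setups to opt in to the wildcard address explicitly. If the wildcard bind is kept, scope and explain the marker: `# nosec B104 - dev entry point only`. The `uvicorn.run(` call continues past the end of the hunk.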

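--- a/freenit/project/project/base_config.py
+++ b/freenit/project/project/base_config.py
@@ -20,4 +20,4 @@ class TestConfig(BaseConfig):
 
 
 class ProdConfig(BaseConfig):
-secret = "MORESECURESECRET"
+secret = "MORESECURESECRET"  #nosec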

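--- a/freenit/project/tests/test_user.py
+++ b/freenit/project/tests/test_user.py
@@ -12,4 +12,4 @@ async def test_get_user_list(self, client):
 await admin.save()
 client.login(user=admin)
 response = client.get(f"/users")
-assert response.status_code == 200
+assert response.status_code == 200  #nosec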
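Review bot: Tagging `assert response.status_code == 200` with `#nosec` treats an ordinary pytest assertion as a security finding to be waived line by line, which has to be repeated on every assertion the scan reaches and dilutes the meaning of the marker where it guards a real finding. Drop the marker here and keep test code out of the scan in bin/security.sh instead, either by excluding the tests directory (`bandit -r freenit -x freenit/project/tests`) or by skipping the assert check (`--skip B101`). The exact form of the exclude path should be checked against the bandit version the CI installs.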

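--- a/setup.py
+++ b/setup.py
@@ -31,6 +31,7 @@
 ],
 "test": [
 "aiosqlite",
+"bandit",
 "black",
 "httpx",
 "isort",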
