Add a bandit environment to tox
This change is being proposed as part of the OpenStack Security Project working session at the Austin 2016 summit. It adds support for running the bandit[1] security linting tool against the Senlin codebase. This change adds a targeted environment for bandit. The bandit configuration has been tailored to exclude tests that are currently producing warning against the codebase. These issues will be followed up with bug reports and patches. At the time of submission, Senlin passes all Bandit tests configured in tox. [1]: https://wiki.openstack.org/wiki/Security/Projects/Bandit Change-Id: I54ef7329b9d6f6429838afdc5319f48bcc2e9f33
This commit is contained in:
parent
e567237c44
commit
c914eb14d7
|
@ -21,3 +21,6 @@ os-api-ref>=1.0.0 # Apache-2.0
|
|||
oslosphinx>=4.7.0 # Apache-2.0
|
||||
sphinx!=1.3b1,<1.4,>=1.2.1 # BSD
|
||||
reno>=1.8.0 # Apache2
|
||||
|
||||
# Bandit build requirements
|
||||
bandit>=1.1.0 # Apache-2.0
|
||||
|
|
Loading…
Reference in New Issue