Use bandit
@DSASanFrancisco/portal-members
This PR adds the Bandit static analyzer security check tool to the project, sets up some reasonable defaults, and fixes the (minor) issues discovered in the project. I also added Bandit to the CI pipeline so it will run as part of the build.
Developers can run Bandit locally using make security.
Edited by Derrick Liu