Use bandit (!300) · Merge requests · DSA San Francisco / membership_api

Derrick Liu requested to merge use-bandit into dev Feb 11, 2020

@DSASanFrancisco/portal-members

This PR adds the Bandit static analyzer security check tool to the project, sets up some reasonable defaults, and fixes the (minor) issues discovered in the project. I also added Bandit to the CI pipeline so it will run as part of the build.

Developers can run Bandit locally using make security.

Edited Feb 12, 2020 by Derrick Liu

Use bandit

Merge request reports