Sync upstream bandit rules

Vishwa Bhat requested to merge vbhat161-bandit-upstream-sync into main

As a part of the Upstream Rule Synchronization process, this MR adds the below new rules from the upstream source that are missing in our current ruleset.

Upstream Rules: Bandit

  • B113: request_without_timeout
  • B202: tarfile_unsafe_members
  • B508: snmp_insecure_version
  • B509: snmp_weak_cryptography
  • B612: logging_config_insecure_listen
  • B415: import_pyghmi

Checklist

  • Changelog entry added
  • Gap Analysis verified for the changes made (CI job)
Edited by Vishwa Bhat