add bandit config file

kaiko-ai · Jan 17, 2024 · 77ddc90 · 77ddc90
1 parent 1735374
commit 77ddc90
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/bandit.yaml b/bandit.yaml
@@ -0,0 +1,11 @@
+---
+exclude_dirs: [".venv", "**/tests/**"]
+# - Skipping B101: doesn't like 'assert' to check for condition.
+#   Reasoning: we do not perform code optimisation and thus this should not apply.
+#   See https://bandit.readthedocs.io/en/1.7.5/plugins/b101_assert_used.html
+# - Skipping B404: doesn't like 'subprocess' module.
+#   We use it to run shell commands. We should emphasize to developpers its weakness.
+#   See https://bandit.readthedocs.io/en/1.7.5/blacklists/blacklist_imports.html#b404-import-subprocess
+# - Skipping B113: request_without_timeout
+#   This rule adds a lot of noise to the results, is not a security issue and not something we want to improve upon ATM.
+skips: ["B101", "B311", "B404", "B113"]