Add Bandit to test

2e56ccac · nicolargo · ca3695ca · 2e56ccac · 2e56ccac
隐藏空白更改
内联并排

Showing with 11 addition and 3 deletion

.bandit .bandit +2 -0

.github/workflows/test.yml .github/workflows/test.yml +9 -3

未找到文件。
--- a/.bandit
+++ b/.bandit
+[bandit]
+exclude: ./docs,./glances/outputs/static/node_modules
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -5,7 +5,7 @@ name: test
 on: [push]

 jobs:
-  build:
+  test:

    runs-on: ubuntu-latest
    strategy:
@@ -30,10 +30,16 @@ jobs:
    - name: Lint with flake8
      run: |
        # Stop the build if there are Python syntax errors or undefined names
-        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=.git,./glances/outputs/static
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=.git,./docs,./glances/outputs/static
        # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
-        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --exclude=.git,./glances/outputs/static
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --exclude=.git,./docs,./glances/outputs/static

    - name: Unitary tests
      run: |
        python ./unitest.py
+
+    - name: Security issues with Bandit
+      uses: jpetrucciani/bandit-check@master
+      with:
+        #path: '-r --exit-zero --skip B104 ./glances/'
+        path: '-r --exit-zero --skip B104 ./glances/'
\ No newline at end of file