mirror of
https://github.com/openSUSE/osc.git
synced 2024-12-26 01:46:13 +01:00
Merge pull request #142 from vpereira/master
added a simple way to verify osc code base with the python security scanner bandit
This commit is contained in:
commit
3ec00b0f20
18
run_bandit.sh
Executable file
18
run_bandit.sh
Executable file
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
|
||||
# you can pass as argument "csv","json" or "txt" (default)
|
||||
if [ "$1" != "" ];then
|
||||
OUTPUT=$1
|
||||
else
|
||||
OUTPUT="txt"
|
||||
fi
|
||||
|
||||
# check if bandit is installed
|
||||
command -v bandit >/dev/null 2>&1 || { echo "bandit should be installed. get the package from https://build.opensuse.org/package/show/home:vpereirabr/python-bandit. Aborting." >&2; exit 1; }
|
||||
|
||||
bandit -c /usr/etc/bandit/bandit.yaml -r osc -f $OUTPUT
|
||||
|
||||
if [ "$OUTPUT" == "csv" ];then
|
||||
cat bandit_results.csv
|
||||
rm -f bandit_results.csv
|
||||
fi
|
Loading…
Reference in New Issue
Block a user