Add python static scan task

2026-05-06 17:09:00 -04:00 · 2022-08-26 14:12:26 +00:00
parent 1e987cce49
commit 8b6210eedb
3 changed files with 25 additions and 0 deletions
--- a/.github/workflows/daily_checks.yml
+++ b/.github/workflows/daily_checks.yml
@@ -42,3 +42,13 @@ jobs:
        ignore-vulns: PYSEC-2022-237
    - name: Run npm audit
      run: make npm-audit
+
+  static-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ./.github/actions/setup-project
+      - name: Install bandit
+        run: pip install bandit
+      - name: Run scan
+        run: bandit -r app/ --confidence-level medium