From 7606d4a03c30d6d0972b3e42d92d17535b3a3815 Mon Sep 17 00:00:00 2001 From: Pearu Peterson Date: Mon, 8 Sep 2025 16:42:05 +0300 Subject: [PATCH 1/2] Enable bandit CI workflow --- .github/workflows/bandit.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index aaeb3701b0..de043792d9 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -1,23 +1,23 @@ -# # GitHub Actions Bandit Workflow +GitHub Actions Bandit Workflow -# name: Bandit +name: Bandit -# on: -# pull_request: -# branches: [ main ] +on: + pull_request: + branches: [ main ] -# workflow_dispatch: + workflow_dispatch: -# jobs: -# build: -# runs-on: ubuntu-latest +jobs: + build: + runs-on: ubuntu-latest -# steps: -# - uses: actions/checkout@v2 + steps: + - uses: actions/checkout@v2 -# # Task will fail if any high-severity issues are found -# # Ignoring submodules -# - name: Run Bandit Security Analysis -# run: | -# python -m pip install bandit -# python -m bandit -r . -x ./third_party -lll + # Task will fail if any high-severity issues are found + # Ignoring submodules + - name: Run Bandit Security Analysis + run: | + python -m pip install bandit + python -m bandit -r . -x ./third_party -lll From 4d2aab8fd80f543299028bd722fcb5db4ead6b05 Mon Sep 17 00:00:00 2001 From: Pearu Peterson Date: Mon, 8 Sep 2025 16:56:52 +0300 Subject: [PATCH 2/2] Fix typo --- .github/workflows/bandit.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index de043792d9..a27b83ced6 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -1,5 +1,4 @@ -GitHub Actions Bandit Workflow - +# GitHub Actions Bandit Workflow name: Bandit on: