From f5a6f0ca6263077f1d41bab04eb2d23a19e9cabc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kry=C5=A1tof=20Piln=C3=A1=C4=8Dek?=
Date: Wed, 24 Oct 2018 12:03:22 +0200
Subject: [PATCH] Add pre-commit config

---
 .pre-commit-hooks.yaml |  6 ++++++
 README.rst             | 19 ++++++++++++++++++-
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 .pre-commit-hooks.yaml

diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml
new file mode 100644
index 000000000..68bbe024d
--- /dev/null
+++ b/.pre-commit-hooks.yaml
@@ -0,0 +1,6 @@
+- id: bandit
+  name: bandit
+  description: 'Bandit is a tool for finding common security issues in Python code'
+  entry: bandit
+  language: python
+  types: [python]
diff --git a/README.rst b/README.rst
index ed15d923c..32c86b599 100644
--- a/README.rst
+++ b/README.rst
@@ -37,7 +37,7 @@ this Bandit processes each file, builds an AST from it, and runs appropriate
 plugins against the AST nodes. Once Bandit has finished scanning all the files
 it generates a report.
 
-Bandit was originally developed within the OpenStack Security Project and
+Bandit was originally developed within the OpenStack Security Project and
 later rehomed to PyCQA.
 
 Installation
@@ -249,6 +249,23 @@ Usage::
   B703  django_mark_safe
 
+Version control integration
+---------------------------
+
+Use `pre-commit `_. Once you `have it
+installed `_, add this to the
+`.pre-commit-config.yaml` in your repository
+(be sure to update `rev` to point to a real git tag/revision!)::
+
+    repos:
+    - repo: https://github.com/PyCQA/bandit
+      rev: '' # Update me!
+      hooks:
+      - id: bandit
+
+
+Then run `pre-commit install` and you're ready to go.
+
 Configuration
 -------------
 
 An optional config file may be supplied and may include:
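Review bot: The hook definition runs `entry: bandit` against only the staged file paths pre-commit hands it, with no way for a project's scan configuration (config file passed with `-c`, severity/confidence thresholds via `-l`/`-i`, an exclude list) to reach it unless the consumer adds an `args:` list in their own `.pre-commit-config.yaml`; with defaults, every low-severity/low-confidence finding is reported and a non-zero exit blocks the commit, so first-time users may get a noisy hook and turn it off. A short hint would help, either in the `description` string or in the README snippet of the second hunk, e.g. `hooks:` / `- id: bandit` / `args: ["-c", "bandit.yaml"]` as the illustrative form. It is also worth stating in the README that, because the hook only sees staged Python files, it is not a substitute for a full `bandit -r` run of the tree in CI. Whether a `.bandit` ini file in the repository is picked up automatically in this invocation mode is not visible here and should be confirmed before the README implies it.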