A Python port of the Invisible Internet Project (I2P)
# Bandit security scanner configuration for i2p-python
# https://bandit.readthedocs.io/en/latest/config.html

targets:
  - src/

# Skip test directories
exclude_dirs:
  - tests
  - .git
  - __pycache__

# Tests to skip:
# B101: assert used for runtime checks (standard pattern in crypto code)
# B311: random.random(); we use os.urandom/secrets for crypto, random only for non-security
#       (B311 is documented here but is not listed under skips below)
skips:
  - B101

# Report severity
severity:
  - MEDIUM
  - HIGH
  - CRITICAL