Update action.yml #8

Merged
merged 3 commits into from
Jan 20, 2021
9 changes: 2 additions & 7 deletions README.md
@@ -14,7 +14,7 @@ bandit
uses: tj-actions/bandit@v1.3
with:
bandit_version: "1.7.0"
path: "."
targets: "."
options: "-r"
```
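Review bot: renaming the `path` input to `targets` in the usage example is a breaking change for anyone already consuming this action, yet the snippet still pins `uses: tj-actions/bandit@v1.3`; either bump the tag shown here to the release that introduces `targets` or add a short migration line, so users copying the example do not pair the new input name with a version that only understands `path`.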

@@ -24,18 +24,13 @@ bandit
| Input | type | required | default | description |
|:-------------:|:-----------:|:-------------:|:----------------------------:|:-------------:|
| bandit-version | `string` | `true` | `1.7.0` | Bandit version to be installed |
| path | `string` | `true` | `.` | Location to run bandit checks |
| targets | `string[]` | `true` | `.` | Targets to run bandit checks |
| options | `string` | `true` | `-r` | Extra options ([possible choices](https://github.com/PyCQA/bandit#usage)) |



* Free software: [MIT license](LICENSE)

Features
--------

* TODO


Credits
-------
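Review bot: the table now types `targets` as `string[]`, but a GitHub Actions input is always a single string, so the row (and the `targets: "."` example earlier in the README) should state how several targets are separated (space, comma or newline). Separately, the table's `bandit-version` row does not match the `bandit_version` key used in the usage example; one of the two spellings should be corrected so the documented name is the one the action actually reads.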
54 changes: 51 additions & 3 deletions action.yml
@@ -6,12 +6,60 @@ inputs:
description: bandit version to be used
required: true
default: '1.7.0'
path:
description: Module/Package path to run bandit checks
targets:
description: Module(s)/Package(s) to run bandit checks
required: true
default: '.'
options:
description: Extra options passed to bandit
description: |
optional arguments:
-h, --help show this help message and exit
-r, --recursive find and process files in subdirectories
-a {file,vuln}, --aggregate {file,vuln}
aggregate output by vulnerability (default) or by
filename
-n CONTEXT_LINES, --number CONTEXT_LINES
maximum number of code lines to output for each issue
-c CONFIG_FILE, --configfile CONFIG_FILE
optional config file to use for selecting plugins and
overriding defaults
-p PROFILE, --profile PROFILE
profile to use (defaults to executing all tests)
-t TESTS, --tests TESTS
comma-separated list of test IDs to run
-s SKIPS, --skip SKIPS
comma-separated list of test IDs to skip
-l, --level report only issues of a given severity level or higher
(-l for LOW, -ll for MEDIUM, -lll for HIGH)
-i, --confidence report only issues of a given confidence level or
higher (-i for LOW, -ii for MEDIUM, -iii for HIGH)
-f {csv,custom,html,json,screen,txt,xml,yaml}, --format {csv,custom,html,json,screen,txt,xml,yaml}
specify output format
--msg-template MSG_TEMPLATE
specify output message template (only usable with
--format custom), see CUSTOM FORMAT section for list
of available values
-o [OUTPUT_FILE], --output [OUTPUT_FILE]
write report to filename
-v, --verbose output extra information like excluded and included
files
-d, --debug turn on debug mode
-q, --quiet, --silent
only show output in the case of an error
--ignore-nosec do not skip lines with # nosec comments
-x EXCLUDED_PATHS, --exclude EXCLUDED_PATHS
comma-separated list of paths (glob patterns
supported) to exclude from scan (note that these are
in addition to the excluded paths provided in the
config file) (default:
.svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)
-b BASELINE, --baseline BASELINE
path of a baseline report to compare against (only
JSON-formatted files are accepted)
--ini INI_PATH path to a .bandit file that supplies command line
arguments
--exit-zero exit with 0, even with results found
--version show program's version number and exit
required: false
default: '-r'
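Review bot: pasting bandit's full `--help` output into the `options` description ties the action metadata to one bandit release, while the version input (default `'1.7.0'`) lets users install a different one, so this list will drift and has to be re-synced by hand; a one-line description plus a link to the upstream usage docs, as the README already does, would age better. The `targets` description (`Module(s)/Package(s) to run bandit checks`) still does not say how multiple entries are separated, and since both `targets` and `options` are free-form strings forwarded to the bandit command line, the run step (not part of this hunk) should pass them as quoted arguments rather than interpolating them into an unquoted shell string, so a value containing shell metacharacters reaches bandit as data instead of being interpreted by the shell.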
