Details

Category: Static Code Analysis

Publisher: trickest

Created Date: 6/23/2021

Container: quay.io/trickest/bandit:1.7.1

Source URL: https://github.com/PyCQA/bandit

Parameters

debug
boolean
Command: -d - Turn on debug mode
quiet
boolean
Command: -q - Only show output in the case of an error
profile
string
Command: --profile - Profile to use (defaults to executing all tests)
skip-id
string
Command: --skip - Comma-separated list of test IDs to skip
test-id
string
Command: --tests - Comma-separated list of test IDs to run
verbose
boolean
Command: --verbose - Output extra information like excluded and included files
baseline
file
Command: --baseline - Path of a baseline report to compare against (only JSON-formatted files are accepted)
ini-file
file
Command: --ini - Path to a .bandit file that supplies command line arguments
aggregate
string
Command: --aggregate - Aggregate output by vulnerability (default) or by filename
exit-zero
boolean
required
Command: --exit-zero - Exit with 0, even with results found
level-low
string
Command: -l - Report only issues of a given severity level or higher (-l for LOW, -ll for MEDIUM, -lll for HIGH)
confidence
boolean
Command: --confidence - Report only issues of a given confidence level or higher
level-high
string
Command: -lll - Report only issues of a given severity level or higher (-l for LOW, -ll for MEDIUM, -lll for HIGH)
config-file
file
Command: --configfile - Optional config file to use for selecting plugins and overriding defaults
ignore-nosec
boolean
Command: --ignore-nosec - Do not skip lines with # nosec comments
level-medium
string
Command: -ll - Report only issues of a given severity level or higher (-l for LOW, -ll for MEDIUM, -lll for HIGH)
msg-template
string
Command: --msg-template - Specify output message template (only usable when output-format is set to custom)
number-lines
string
Command: --number - Maximum number of code lines to output for each issue
targets-file
file
required
Command: targets - Source file(s)
exclude-paths
string
Command: --exclude - Comma-separated list of paths (glob patterns supported) to exclude from scan (note that these are in addition to the excluded paths provided in the config file) (default: .svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)
output-format
string
Command: -f - {csv,custom,html,json,screen,txt,xml,yaml}
targets-folder
folder
required
Command: targets - Source folder
recursive-target
folder
Command: --recursive - Find and process files in subdirectories