Currently, across the 2 different repos (sml-catalogue & sml-python-small) we worked with/are working on, the dev packages installed aren't consistent with each other and aren't in the correct dependency groups.
Bandit added to the repo
CI pipeline updated to reflect the changes
Excluded the features/ steps python files from security scanning due to the B101 Bandit security vulnerability being raised. We can ignore this low-risk vulnerability in this instance as we are using assert for testing purposes: https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
Black and pylint couldn't be added to the project as they require the Python version to be upgraded to 3.8.
Checklist
[ ] Documentation created/updated
[ ] Tests created/updated
Description
Add a more detailed description of the PR including any necessary background
information.
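Why B101 exists and why test-only assert use is low risk, as an added example that is not part of this PR or the project's code: Python strips assert statements when compiled with optimization (`python -O`), so a check written as an assert disappears in that mode. The `withdraw` sample and the helper names are constructed for illustration.

```python
import ast

# Constructed sample: application code that relies on assert as a runtime check.
SAMPLE = '''
def withdraw(balance, amount):
    assert amount <= balance, "insufficient funds"
    return balance - amount
'''


def find_asserts(source):
    """Return (line, statement) for every assert, the construct B101 reports."""
    tree = ast.parse(source)
    return [
        (node.lineno, ast.get_source_segment(source, node))
        for node in ast.walk(tree)
        if isinstance(node, ast.Assert)
    ]


def call_withdraw(optimize, balance, amount):
    """Compile SAMPLE at the given optimization level and call withdraw().

    optimize=0 matches plain `python`; optimize=1 matches `python -O`,
    where assert statements are removed from the bytecode.
    """
    namespace = {}
    exec(compile(SAMPLE, "<sample>", "exec", optimize=optimize), namespace)
    try:
        return namespace["withdraw"](balance, amount)
    except AssertionError as exc:
        return f"AssertionError: {exc}"


if __name__ == "__main__":
    for line, stmt in find_asserts(SAMPLE):
        print(f"B101-style finding at line {line}: {stmt}")
    # Same input, two interpreter modes: the check only holds without -O.
    print("optimize=0:", call_withdraw(0, 10, 50))
    print("optimize=1:", call_withdraw(1, 10, 50))
```

In test code such as the features/ steps files, an assert that is stripped only weakens the test itself, which is why the finding can be accepted there but not in application code.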