Following on from the discussion in https://github.com/PyCQA/bandit/pull/1086, we could generate our own official bandit images for use in CI / CD. I expect the best way to achieve this is using a build / publish action in GitHub Actions. Makes sense to use the sigstore project so images can be signed / validated too.