Open ChengyuZhu6 opened 1 month ago
🐛 Describe the bug
Currently, the project does not have a security linter integrated into its CI pipeline. This poses potential risks as security vulnerabilities in Python code can go undetected. I found many high security issues using Bandit.
Error logs
security-issues.log
Installation instructions
No
Model Packaging
No
config.properties
No response
Versions
No
Repro instructions
Reproduce:
```
pip install bandit
bandit -r . --severity-level high -s B501  # Skip the B501 rule related to SSL certificate validation checks
```
Possible Solution
Add Security Check Using Bandit in CI
Thanks @ChengyuZhu6 for flagging this and creating your PR! We will take a look!
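One way the proposed CI check could look, as an added example that is not taken from the issue or from the project's PR. It assumes the project uses GitHub Actions; the workflow path, job name, Python version and report filename are hypothetical, while the Bandit flags are the ones from the repro command.

```yaml
# .github/workflows/bandit.yml  (hypothetical path)
name: bandit-security-scan

on:
  pull_request:
  push:
    branches: [master]   # assumed default branch name

# The scan only reads the source tree, so the token gets read-only access.
permissions:
  contents: read

jobs:
  bandit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.10"   # assumed; match the project's supported version

      # Pin the Bandit version in a real pipeline so new rules do not
      # start failing builds unannounced.
      - name: Install Bandit
        run: pip install bandit

      # Same scan as the repro command: recursive, high severity only,
      # B501 skipped. Bandit exits non-zero when it reports findings,
      # which fails this step and therefore the job.
      - name: Run Bandit
        run: bandit -r . --severity-level high -s B501 -f json -o bandit-report.json

      # Keep the report even when the scan step fails, so findings can
      # be triaged from the workflow run.
      - name: Upload Bandit report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: bandit-report
          path: bandit-report.json
```

Because the issue reports many existing high-severity findings, this job will fail until they are fixed or individually suppressed; Bandit's `--baseline` option can be used to fail only on findings that are new relative to a stored report.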