viperior / python-project-template

Python project template with a starting structure, CI/CD, linting, testing, and code coverage analysis
MIT License

CodeQL alternative for local/private security scanning #55

Open viperior opened 2 years ago

viperior commented 2 years ago

Discussed in https://github.com/viperior/python-project-template/discussions/42

Originally posted by **viperior** May 6, 2022

CodeQL analysis is not available to non-public, non-enterprise GitHub accounts as of May 2022. Explore the use of the `bandit` Python module in a GitHub Actions workflow to provide a layer of Python code security scanning that will work for a broader user base than CodeQL currently supports for free.

viperior commented 2 years ago

Also check out https://github.com/pyupio/safety
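
One way the `bandit` workflow proposed in this issue could look, as an added example that is not part of the original thread or the project's own configuration. The workflow file name, the `main` branch and the `./tests` directory are assumptions.

```yaml
# Added example: hypothetical file .github/workflows/bandit.yml
name: bandit

on:
  push:
    branches: [main]      # assumed default branch
  pull_request:

permissions:
  contents: read          # the scan only needs to read the checkout

jobs:
  bandit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"

      - name: Install bandit
        run: python -m pip install bandit

      - name: Scan Python sources
        # -r  recurse from the repository root
        # -x  skip the test suite (assumed to live in ./tests)
        # -ll report findings of medium severity or higher
        # -ii report findings of medium confidence or higher
        # bandit exits non-zero when it reports a finding, which fails the job
        run: bandit -r . -x ./tests -ll -ii -f json -o bandit-report.json

      - name: Upload report
        if: always()        # keep the report even when the scan step fails
        uses: actions/upload-artifact@v4
        with:
          name: bandit-report
          path: bandit-report.json
```

The scan runs entirely on the Actions runner, so it works on private repositories without the code scanning feature that CodeQL depends on.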