From 378b546899b88641933e898101f59f796a686eb2 Mon Sep 17 00:00:00 2001
From: Tin Lam <tin@irrational.io>
Date: Sun, 4 Jun 2017 09:20:46 -0500
Subject: [PATCH] Add bandit target

This patch set adds bandit security static code scanning to valet.
User can run ``tox -ebandit`` to perform the analysis.

Change-Id: I37a979cefa8f02ffa5455d042e06a419063eb8e7
---
 test-requirements.txt | 3 +++
 tox.ini               | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/test-requirements.txt b/test-requirements.txt
index 8bf9550..bb687d2 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -24,3 +24,6 @@ tempest>=14.0.0 # Apache-2.0
 
 # Functional tests.
 requests!=2.12.2,!=2.13.0,>=2.10.0 # Apache-2.0
+
+# Bandit security scanning
+bandit>=1.1.0 # Apache-2.0
diff --git a/tox.ini b/tox.ini
index 64df0a8..e9a676b 100644
--- a/tox.ini
+++ b/tox.ini
@@ -44,6 +44,9 @@ commands =
 whitelist_externals =
     bash
 
+[testenv:bandit]
+commands = bandit -r valet -x tests -n 5 -l
+
 [flake8]
 filename = *.py
 show-source = true