Add bandit, use to catch known vulnerable XML parsing (#28341)

* Add bandit to pre-commit and CI, use to catch known vulnerable XML parsing

* Use defusedxml instead of direct xml.etree to parse XML

* Move config to tests/bandit.yaml
Ville Skyttä
2019-11-18 10:10:15 +02:00
committed by Pascal Vizeli
parent aef808d2bf
commit d4c80f160c
13 changed files with 42 additions and 3 deletions

@@ -1,5 +1,6 @@
# Automatically generated from .pre-commit-config-all.yaml by gen_requirements_all.py, do not edit
bandit==1.6.2
black==19.10b0
flake8-docstrings==1.5.0
flake8==3.7.9
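
Review bot: the new bandit==1.6.2 line sits in a file whose header says it is generated from .pre-commit-config-all.yaml by gen_requirements_all.py and must not be edited, so this pin should be the output of rerunning that script after adding the bandit hook, not a hand edit. Please confirm the bandit rev in .pre-commit-config-all.yaml matches 1.6.2; if the two drift, the next regeneration will silently change or drop the pin and local pre-commit and CI could run different bandit versions with different findings.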