bandit(1)

Security oriented static analyzer for python code

NAME

bandit - Security oriented static analyzer for python code

SYNOPSIS

bandit [-h] [-r] [-a {file,vuln}] [-n CONTEXT_LINES] [-c CONFIG_FILE] [-p PROFILE] [-l] [-f {csv,json,txt,xml}] [-o OUTPUT_FILE] [-v] [-d] targets [targets ...]

positional arguments:

targets

source file(s) or directory(s) to be tested

optional arguments:

-h, --help

show this help message and exit

-r, --recursive

process files in subdirectories

-a {file,vuln}, --aggregate {file,vuln}

group results by vulnerability type or file it occurs in

-n CONTEXT_LINES, --number CONTEXT_LINES

max number of code lines to display for each issue identified

-c CONFIG_FILE, --configfile CONFIG_FILE

test config file, defaults to /etc/bandit/bandit.yaml, or ./bandit.yaml if not given

-p PROFILE, --profile PROFILE

test set profile in config to use (defaults to all tests)

-l, --level

results level filter

-f {csv,json,txt,xml}, --format {csv,json,txt,xml}

specify output format

-o OUTPUT_FILE, --output OUTPUT_FILE

write report to filename

-v, --verbose

show extra information like excluded and included files

-d, --debug

turn on debug mode
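An added example, not part of this man page or of the Bandit project: a Python wrapper that runs bandit with the -r, -f json, -o and -n options listed above and filters the written report by severity. The report field names (results, issue_severity, filename, line_number, test_id) are assumed from the JSON output of current Bandit releases; the function names and the sample report are constructed for illustration.

```python
import json
import subprocess

# Severity names used in Bandit's JSON report (assumption: field names of
# current Bandit releases; this man page does not describe the schema).
RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}


def build_command(targets, report_path, context_lines=3):
    """Build an argv list from options documented on this page."""
    for t in targets:
        # A target starting with "-" would be parsed as an option.
        if t.startswith("-"):
            raise ValueError(f"refusing option-like target: {t!r}")
    return ["bandit", "-r", "-f", "json", "-o", report_path,
            "-n", str(context_lines), *targets]


def findings_at_or_above(report, threshold="MEDIUM"):
    """Return sorted (file, line, test_id, severity) tuples >= threshold."""
    floor = RANK[threshold]
    hits = []
    for r in report.get("results", []):
        sev = str(r.get("issue_severity", "")).upper()
        # Unknown severities count as hits, so a schema change fails the
        # gate instead of silently passing it.
        if RANK.get(sev, 99) >= floor:
            hits.append((r.get("filename", ""), r.get("line_number", 0),
                         r.get("test_id", ""), sev))
    return sorted(hits)


def scan(targets, report_path="bandit-report.json", threshold="MEDIUM"):
    """Run bandit without a shell and gate on the report written by -o."""
    # check=False: a non-zero exit is expected when issues are found.
    subprocess.run(build_command(targets, report_path), check=False)
    with open(report_path, encoding="utf-8") as fh:
        return findings_at_or_above(json.load(fh), threshold)


# Constructed sample report, trimmed to the fields read above.
SAMPLE = {"results": [
    {"filename": "app/run.py", "line_number": 12, "test_id": "B602",
     "issue_severity": "HIGH"},
    {"filename": "app/util.py", "line_number": 4, "test_id": "B101",
     "issue_severity": "LOW"},
    {"filename": "app/db.py", "line_number": 30, "test_id": "B608",
     "issue_severity": "MEDIUM"},
]}
```

In a CI job, a non-empty return value from scan() is the signal to fail the build.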