Calmcode - bandit: loading

Using Bandit to find bad code in a Python library


To test bandit some more, we figured it would be interesting to run it against a library. If you want to do that too, remember to set the -r flag. In the example below we're recursively checking all the files in the clumper folder.

bandit -r clumper

In the video we learned about an interesting issue related to loading YAML files. Our library initially used yaml.load with the default loader, and we quickly learned that it's preferable to use the safe_load method, which only builds plain YAML data types. To learn more about the issue, you can check the bandit documentation. The PyYAML docs also have some information.
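To make concrete what bandit is doing when it reports a yaml.load call, here is an added example (not part of the original page, and not bandit's own code) that reimplements the idea behind bandit's yaml_load check (B506) on top of Python's ast module: it walks the source, finds calls to yaml.load, and reports any that are not pinned to SafeLoader or CSafeLoader. The SAMPLE_SOURCE string is a constructed snippet, not code from clumper or from the video.

```python
import ast
from typing import List, Optional, Tuple

# Loader names that bandit's check accepts as safe when passed as Loader=...
SAFE_LOADERS = {"SafeLoader", "CSafeLoader"}

# Constructed sample module to scan (not from the page). Line numbers matter
# for the findings: line 5 and line 9 should be flagged, 13 and 17 should not.
SAMPLE_SOURCE = '''\
import yaml

def read_config(path):
    with open(path) as f:
        return yaml.load(f)            # line 5: no Loader at all

def read_config_full(path):
    with open(path) as f:
        return yaml.load(f, Loader=yaml.FullLoader)   # line 9: not SafeLoader

def read_config_safe(path):
    with open(path) as f:
        return yaml.safe_load(f)       # line 13: fine

def read_config_pinned(path):
    with open(path) as f:
        return yaml.load(f, Loader=yaml.SafeLoader)   # line 17: fine
'''


def _is_yaml_attr(node: ast.AST, attr: str) -> bool:
    """True if `node` is the expression `yaml.<attr>`."""
    return (
        isinstance(node, ast.Attribute)
        and node.attr == attr
        and isinstance(node.value, ast.Name)
        and node.value.id == "yaml"
    )


def _simple_name(expr: ast.AST) -> str:
    """Reduce `yaml.SafeLoader` or `SafeLoader` to 'SafeLoader'; anything else is 'unknown'."""
    if isinstance(expr, ast.Attribute):
        return expr.attr
    if isinstance(expr, ast.Name):
        return expr.id
    return "unknown"


def _loader_name(call: ast.Call) -> Optional[str]:
    """Return the loader passed to yaml.load, or None if the call gives none.

    PyYAML accepts the loader either as the Loader= keyword or as the second
    positional argument, so both forms are inspected.
    """
    for kw in call.keywords:
        if kw.arg == "Loader":
            return _simple_name(kw.value)
    if len(call.args) >= 2:
        return _simple_name(call.args[1])
    return None


def find_unsafe_yaml_loads(source: str) -> List[Tuple[int, str]]:
    """Scan Python source text and report yaml.load calls not pinned to a safe loader.

    Returns a list of (line_number, message) tuples, one per finding, in source order.
    """
    findings: List[Tuple[int, str]] = []
    tree = ast.parse(source)
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or not _is_yaml_attr(node.func, "load"):
            continue
        loader = _loader_name(node)
        if loader is None:
            msg = "yaml.load() without an explicit Loader; use yaml.safe_load()"
        elif loader not in SAFE_LOADERS:
            msg = f"yaml.load() with Loader={loader}; use yaml.SafeLoader or yaml.safe_load()"
        else:
            continue
        findings.append((node.lineno, msg))
    return sorted(findings)


if __name__ == "__main__":
    # Mirrors the shape of a bandit report: one line per issue with its location.
    for lineno, message in find_unsafe_yaml_loads(SAMPLE_SOURCE):
        print(f"sample.py:{lineno}: {message}")
```

Running the module prints two findings (lines 5 and 9 of the sample) and stays quiet about yaml.safe_load and the SafeLoader-pinned call, which is the same distinction bandit draws. Like bandit, this is a static check on the call site: it cannot see a loader that arrives through a variable, so such calls are reported as unknown rather than silently passed.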

Final Note

In our video we make the change to the library quickly, but we also re-ran the unit tests on our end to make sure everything still works. Always double-check that your code still works when refactoring.