Python Bandit

This producer component acts as a SAST scanner that analyses Python source code to look for security issues. Read more about it on the Python Bandit page and GitHub repo.

How to use with Smithy

Open-Source

  1. Add the Helm package to the pipeline settings:
---
# file: ./my-pipeline/kustomization.yaml
components:
- pkg:helm/smithy-security-oss-components/producer-python-bandit

SaaS

  1. In the Smithy UI, open the page to create a new workflow.
  2. Find Python Bandit in the Producers dropdown.