bandit-sast CI stage is deprecated by GitLab
bandit (Bandit); End of Support in GitLab 15.4. Replaced by the semgrep analyzer with GitLab-managed rules.
Also, I don't think it worked. For example, it should highlight the usage of
exec, but it happily passes it through.
It can be replaced by a Debian-based bandit analyser (just like the other CI analysers).
However, there are a lot of issues that should be fixed before adding it.
This is the scan result against master:
Code scanned:
    Total lines of code: 83316
    Total lines skipped (#nosec): 1087

Run metrics:
    Total issues (by severity):
        Undefined: 0
        Low: 760
        Medium: 31
        High: 2
    Total issues (by confidence):
        Undefined: 0
        Low: 3
        Medium: 28
        High: 762
Files skipped (0):
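As an added example of what the replacement job could look like (not the project's existing CI configuration), a GitLab CI job that installs bandit from Debian's package repository, first checks that the analyser really flags exec() (bandit test B102) so a silent no-op like the one described above is caught, and then gates only on Medium/High findings so the 760 Low findings on master do not block the pipeline. The job name, stage, Debian image and report path are assumptions.

```yaml
# Assumed job name and stage; adjust to the project's pipeline layout.
bandit:
  stage: test
  image: debian:bookworm-slim
  before_script:
    - apt-get update && apt-get install -y --no-install-recommends python3-bandit
    # Self-check: the analyser must report B102 (exec_used) on a constructed
    # one-line file; if it does not, fail here rather than pass silently.
    - printf 'exec("print(1)")\n' > /tmp/bandit_smoke.py
    - bandit -q -f json -o /tmp/bandit_smoke.json --exit-zero /tmp/bandit_smoke.py
    - grep -q '"test_id": "B102"' /tmp/bandit_smoke.json
  script:
    # Full report (all severities) kept as an artifact for review.
    - bandit -q -r . -f json -o bandit-report.json --exit-zero
    # Gate: fail the job only on Medium/High severity at Medium/High confidence.
    - bandit -q -r . -ll -ii
  artifacts:
    when: always
    paths:
      - bandit-report.json
```

Findings that are reviewed and accepted can be excluded with `# nosec` on the offending line, which bandit counts under "Total lines skipped" as in the report above.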