Name: bandit
Version: 1.7.4
Release: %autorelease
Summary: A framework for performing security analysis of Python source code

License: ASL 2.0
BuildArch: noarch

BuildRequires:  python3-devel
BuildRequires:  pyproject-rpm-macros

# for checks, cherry-picked from test-requirements.txt (mixes coverage and linting)
BuildRequires:  python3dist(pytest)
BuildRequires:  python3dist(fixtures)
BuildRequires:  python3dist(testscenarios)
BuildRequires:  python3dist(testtools)
BuildRequires:  python3dist(toml)

%description
Bandit provides a framework for performing security analysis of Python source
code, utilizing the ast module from the Python standard library.

The ast module is used to convert source code into a parsed tree of Python
syntax nodes. Bandit allows users to define custom tests that are performed
against those nodes. At the completion of testing, a report is generated
that lists security issues identified within the target source code.


%prep
# remove test that requires bs4
rm tests/unit/formatters/

# Add missing requirement on pbr
echo "pbr" >> requirements.txt

%generate_buildrequires
%pyproject_buildrequires -r


%build
%pyproject_wheel

%install
%pyproject_install
%pyproject_save_files bandit

%check
%pytest tests

%files -f %{pyproject_files}
%doc AUTHORS ChangeLog README.rst
%doc doc
%doc examples
%license LICENSE