

Introducing Bandit, a Python code security analyzer - chair6
https://wiki.openstack.org/wiki/Security/Projects/Bandit

======
chair6
"Bandit provides a framework for performing security analysis of Python source
code, utilizing the ast module from the Python standard library.

The ast module is used to convert source code into a parsed tree of Python
syntax nodes. Bandit allows users to define custom tests that are performed
against those nodes. At the completion of testing, a report is generated that
lists security issues identified within the target source code."

Wiki page is linked above
([https://wiki.openstack.org/wiki/Security/Projects/Bandit](https://wiki.openstack.org/wiki/Security/Projects/Bandit)),
and browseable code is at
[http://git.openstack.org/cgit/stackforge/bandit/](http://git.openstack.org/cgit/stackforge/bandit/).

We'd love to hear about people who are using this - feedback and suggestions
welcome.
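
The approach the quoted description outlines (parse source with `ast`, run tests against the nodes, emit a report), sketched as an added example that is not part of the original post and is not Bandit's code or plugin API. `CallChecker`, `dotted_name`, `scan` and the severity labels are hypothetical names, and `SAMPLE` is constructed input.

```python
import ast

# Constructed sample input: a small module with three risky call patterns.
SAMPLE = '''
import pickle, subprocess

def run(cmd, blob, expr):
    subprocess.call(cmd, shell=True)
    subprocess.call(["ls", "-l"])
    data = pickle.loads(blob)
    return eval(expr)
'''

def dotted_name(node):
    """Return 'a.b.c' for Name/Attribute chains, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

class CallChecker(ast.NodeVisitor):
    """Hypothetical checker: each test inspects one ast.Call node."""
    def __init__(self):
        self.issues = []  # (line, severity, message)

    def visit_Call(self, node):
        name = dotted_name(node.func)
        if name in ("eval", "exec"):
            self.issues.append((node.lineno, "MEDIUM", f"use of {name}()"))
        elif name in ("pickle.load", "pickle.loads"):
            self.issues.append((node.lineno, "MEDIUM", f"deserialization via {name}()"))
        elif name and name.startswith("subprocess."):
            for kw in node.keywords:
                if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                    self.issues.append((node.lineno, "HIGH", f"{name}() with shell=True"))
        self.generic_visit(node)  # keep walking into nested calls

def scan(source, filename="<sample>"):
    checker = CallChecker()
    checker.visit(ast.parse(source, filename=filename))
    return sorted(checker.issues)

if __name__ == "__main__":
    for line, severity, message in scan(SAMPLE):
        print(f"<sample>:{line}: [{severity}] {message}")
```

The checker matches on the names as written in the source, so an aliased import (`import subprocess as sp`) would slip past it; resolving imports is the kind of work a real analyzer has to add on top.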

