"Bandit provides a framework for performing security analysis of Python source code, utilizing the ast module from the Python standard library.
The ast module is used to convert source code into a parsed tree of Python syntax nodes. Bandit allows users to define custom tests that are performed against those nodes. At the completion of testing, a report is generated that lists security issues identified within the target source code."
Wiki page is linked above (https://wiki.openstack.org/wiki/Security/Projects/Bandit), and browsable code is at http://git.openstack.org/cgit/stackforge/bandit/.
We'd love to hear about people who are using this - feedback and suggestions welcome.
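As an added illustration of the flow the quoted description outlines (parse with `ast`, run custom tests against the resulting nodes, collect a report), here is a minimal checker written for this post; it is not Bandit's own code or plugin API, and the sample source, the `checks` decorator and the `X00n` test ids are constructed for the example.

```python
import ast
# Constructed sample input, not from the original post: two calls a
# Bandit-style test should flag (lines 4 and 5) and a benign call on line 6.
SAMPLE_SOURCE = """
import subprocess
def run(cmd, data):
    subprocess.call(cmd, shell=True)
    result = eval(data)
    print(len(data))
    return result
"""

# Registry from ast node class name to the tests that examine that node,
# mirroring how Bandit dispatches its custom tests per node type.
CHECKS = {}

def checks(node_type):
    """Decorator registering a test for one ast node type (e.g. 'Call')."""
    def register(fn):
        CHECKS.setdefault(node_type, []).append(fn)
        return fn
    return register

def _callee(node):
    """Dotted callee name of a Call node ('eval', 'subprocess.call') or ''."""
    f = node.func
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return ""

# Each test returns (test_id, lineno, text) or None. Ids are placeholders.
@checks("Call")
def eval_used(node):
    if _callee(node) == "eval":
        return ("X001", node.lineno, "eval() on runtime data")

@checks("Call")
def shell_true(node):
    shell = any(kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                and kw.value.value is True for kw in node.keywords)
    if shell and _callee(node).startswith("subprocess."):
        return ("X002", node.lineno, "subprocess call with shell=True")

def scan(source):
    """Parse source, run registered tests on every node, return findings."""
    issues = [issue for node in ast.walk(ast.parse(source))
              for test in CHECKS.get(type(node).__name__, [])
              if (issue := test(node))]
    return sorted(issues, key=lambda i: i[1])
```

Calling `scan(SAMPLE_SOURCE)` returns the two findings ordered by line number; a real scanner would also carry severity and confidence per finding, as Bandit's report does.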