.pre-commit-config.yaml
.pre-commit-hooks.yaml
.readthedocs.yaml
.stestr.conf
AUTHORS
CODE_OF_CONDUCT.md
CONTRIBUTING.md
ChangeLog
LICENSE
README.rst
SECURITY.md
bandit-terminal.png
pylintrc
requirements.txt
setup.cfg
setup.py
test-requirements.txt
tox.ini
.github/CODEOWNERS
.github/FUNDING.yml
.github/dependabot.yml
.github/ISSUE_TEMPLATE/Feature_request.md
.github/ISSUE_TEMPLATE/bug-report.yml
.github/ISSUE_TEMPLATE/config.yml
.github/workflows/build-publish-image.yml
.github/workflows/dependency-review.yml
.github/workflows/publish-to-pypi.yml
.github/workflows/publish-to-test-pypi.yml
.github/workflows/pythonpackage.yml
bandit/__init__.py
bandit/__main__.py
bandit.egg-info/PKG-INFO
bandit.egg-info/SOURCES.txt
bandit.egg-info/dependency_links.txt
bandit.egg-info/entry_points.txt
bandit.egg-info/not-zip-safe
bandit.egg-info/pbr.json
bandit.egg-info/requires.txt
bandit.egg-info/top_level.txt
bandit/blacklists/__init__.py
bandit/blacklists/calls.py
bandit/blacklists/imports.py
bandit/blacklists/utils.py
bandit/cli/__init__.py
bandit/cli/baseline.py
bandit/cli/config_generator.py
bandit/cli/main.py
bandit/core/__init__.py
bandit/core/blacklisting.py
bandit/core/config.py
bandit/core/constants.py
bandit/core/context.py
bandit/core/docs_utils.py
bandit/core/extension_loader.py
bandit/core/issue.py
bandit/core/manager.py
bandit/core/meta_ast.py
bandit/core/metrics.py
bandit/core/node_visitor.py
bandit/core/test_properties.py
bandit/core/test_set.py
bandit/core/tester.py
bandit/core/utils.py
bandit/formatters/__init__.py
bandit/formatters/csv.py
bandit/formatters/custom.py
bandit/formatters/html.py
bandit/formatters/json.py
bandit/formatters/screen.py
bandit/formatters/text.py
bandit/formatters/utils.py
bandit/formatters/xml.py
bandit/formatters/yaml.py
bandit/plugins/__init__.py
bandit/plugins/app_debug.py
bandit/plugins/asserts.py
bandit/plugins/crypto_request_no_cert_validation.py
bandit/plugins/django_sql_injection.py
bandit/plugins/django_xss.py
bandit/plugins/exec.py
bandit/plugins/general_bad_file_permissions.py
bandit/plugins/general_bind_all_interfaces.py
bandit/plugins/general_hardcoded_password.py
bandit/plugins/general_hardcoded_tmp.py
bandit/plugins/hashlib_insecure_functions.py
bandit/plugins/injection_paramiko.py
bandit/plugins/injection_shell.py
bandit/plugins/injection_sql.py
bandit/plugins/injection_wildcard.py
bandit/plugins/insecure_ssl_tls.py
bandit/plugins/jinja2_templates.py
bandit/plugins/logging_config_insecure_listen.py
bandit/plugins/mako_templates.py
bandit/plugins/request_without_timeout.py
bandit/plugins/snmp_security_check.py
bandit/plugins/ssh_no_host_key_verification.py
bandit/plugins/tarfile_unsafe_members.py
bandit/plugins/try_except_continue.py
bandit/plugins/try_except_pass.py
bandit/plugins/weak_cryptographic_key.py
bandit/plugins/yaml_load.py
doc/requirements.txt
doc/source/conf.py
doc/source/config.rst
doc/source/faq.rst
doc/source/index.rst
doc/source/start.rst
doc/source/blacklists/blacklist_calls.rst
doc/source/blacklists/blacklist_imports.rst
doc/source/blacklists/index.rst
doc/source/formatters/csv.rst
doc/source/formatters/custom.rst
doc/source/formatters/html.rst
doc/source/formatters/index.rst
doc/source/formatters/json.rst
doc/source/formatters/screen.rst
doc/source/formatters/text.rst
doc/source/formatters/xml.rst
doc/source/formatters/yaml.rst
doc/source/man/bandit.rst
doc/source/plugins/b101_assert_used.rst
doc/source/plugins/b102_exec_used.rst
doc/source/plugins/b103_set_bad_file_permissions.rst
doc/source/plugins/b104_hardcoded_bind_all_interfaces.rst
doc/source/plugins/b105_hardcoded_password_string.rst
doc/source/plugins/b106_hardcoded_password_funcarg.rst
doc/source/plugins/b107_hardcoded_password_default.rst
doc/source/plugins/b108_hardcoded_tmp_directory.rst
doc/source/plugins/b109_password_config_option_not_marked_secret.rst
doc/source/plugins/b110_try_except_pass.rst
doc/source/plugins/b111_execute_with_run_as_root_equals_true.rst
doc/source/plugins/b112_try_except_continue.rst
doc/source/plugins/b113_request_without_timeout.rst
doc/source/plugins/b201_flask_debug_true.rst
doc/source/plugins/b202_tarfile_unsafe_members.rst
doc/source/plugins/b324_hashlib.rst
doc/source/plugins/b501_request_with_no_cert_validation.rst
doc/source/plugins/b502_ssl_with_bad_version.rst
doc/source/plugins/b503_ssl_with_bad_defaults.rst
doc/source/plugins/b504_ssl_with_no_version.rst
doc/source/plugins/b505_weak_cryptographic_key.rst
doc/source/plugins/b506_yaml_load.rst
doc/source/plugins/b507_ssh_no_host_key_verification.rst
doc/source/plugins/b508_snmp_insecure_version.rst
doc/source/plugins/b509_snmp_weak_cryptography.rst
doc/source/plugins/b601_paramiko_calls.rst
doc/source/plugins/b602_subprocess_popen_with_shell_equals_true.rst
doc/source/plugins/b603_subprocess_without_shell_equals_true.rst
doc/source/plugins/b604_any_other_function_with_shell_equals_true.rst
doc/source/plugins/b605_start_process_with_a_shell.rst
doc/source/plugins/b606_start_process_with_no_shell.rst
doc/source/plugins/b607_start_process_with_partial_path.rst
doc/source/plugins/b608_hardcoded_sql_expressions.rst
doc/source/plugins/b609_linux_commands_wildcard_injection.rst
doc/source/plugins/b610_django_extra_used.rst
doc/source/plugins/b611_django_rawsql_used.rst
doc/source/plugins/b612_logging_config_insecure_listen.rst
doc/source/plugins/b701_jinja2_autoescape_false.rst
doc/source/plugins/b702_use_of_mako_templates.rst
doc/source/plugins/b703_django_mark_safe.rst
doc/source/plugins/index.rst
docker/Dockerfile
examples/__init__.py
examples/assert.py
examples/binding.py
examples/cipher-modes.py
examples/ciphers.py
examples/crypto-md5.py
examples/dill.py
examples/django_sql_injection_extra.py
examples/django_sql_injection_raw.py
examples/eval.py
examples/exec.py
examples/flask_debug.py
examples/ftplib.py
examples/hardcoded-passwords.py
examples/hardcoded-tmp.py
examples/hashlib_new_insecure_functions.py
examples/httpoxy_cgihandler.py
examples/httpoxy_twisted_directory.py
examples/httpoxy_twisted_script.py
examples/imports-aliases.py
examples/imports-from.py
examples/imports-function.py
examples/imports-with-importlib.py
examples/imports.py
examples/jinja2_templating.py
examples/jsonpickle.py
examples/logging_config_insecure_listen.py
examples/long_set.py
examples/mako_templating.py
examples/mark_safe.py
examples/mark_safe_insecure.py
examples/mark_safe_secure.py
examples/marshal_deserialize.py
examples/mktemp.py
examples/multiline_statement.py
examples/new_candidates-all.py
examples/new_candidates-none.py
examples/new_candidates-nosec.py
examples/new_candidates-some.py
examples/no_host_key_verification.py
examples/nonsense.py
examples/nonsense2.py
examples/nosec.py
examples/okay.py
examples/os-chmod.py
examples/os-exec.py
examples/os-popen.py
examples/os-spawn.py
examples/os-startfile.py
examples/os_system.py
examples/pandas_read_pickle.py
examples/paramiko_injection.py
examples/partial_path_process.py
examples/pickle_deserialize.py
examples/popen_wrappers.py
examples/pycrypto.py
examples/pycryptodome.py
examples/pyghmi.py
examples/random_module.py
examples/requests-missing-timeout.py
examples/requests-ssl-verify-disabled.py
examples/shelve_open.py
examples/skip.py
examples/snmp.py
examples/sql_multiline_statements.py
examples/sql_statements.py
examples/ssl-insecure-version.py
examples/subprocess_shell.py
examples/tarfile_extractall.py
examples/telnetlib.py
examples/try_except_continue.py
examples/try_except_pass.py
examples/unverified_context.py
examples/urlopen.py
examples/weak_cryptographic_key_sizes.py
examples/wildcard-injection.py
examples/xml_etree_celementtree.py
examples/xml_etree_elementtree.py
examples/xml_expatbuilder.py
examples/xml_expatreader.py
examples/xml_lxml.py
examples/xml_minidom.py
examples/xml_pulldom.py
examples/xml_sax.py
examples/xml_xmlrpc.py
examples/yaml_load.py
examples/init-py-test/__init__.py
examples/init-py-test/subdirectory-okay.py
logo/logo.svg
logo/logomark-singlecolor.png
logo/logomark.png
logo/logotype-singlecolor.png
logo/logotype-sm.png
logo/logotype.png
scripts/main.py
tests/__init__.py
tests/functional/__init__.py
tests/functional/test_baseline.py
tests/functional/test_functional.py
tests/functional/test_runtime.py
tests/unit/__init__.py
tests/unit/cli/__init__.py
tests/unit/cli/test_baseline.py
tests/unit/cli/test_config_generator.py
tests/unit/cli/test_main.py
tests/unit/core/__init__.py
tests/unit/core/test_blacklisting.py
tests/unit/core/test_config.py
tests/unit/core/test_context.py
tests/unit/core/test_docs_util.py
tests/unit/core/test_issue.py
tests/unit/core/test_manager.py
tests/unit/core/test_meta_ast.py
tests/unit/core/test_test_set.py
tests/unit/core/test_util.py
tests/unit/formatters/__init__.py
tests/unit/formatters/test_csv.py
tests/unit/formatters/test_custom.py
tests/unit/formatters/test_html.py
tests/unit/formatters/test_json.py
tests/unit/formatters/test_screen.py
tests/unit/formatters/test_text.py
tests/unit/formatters/test_xml.py
tests/unit/formatters/test_yaml.py