yourlabs/python container adds security audit tools
| by jpic | gitlab-ci security python gitlab best-practice

The new version of the yourlabs/python Docker image, which bundles npm and pip3 on Alpine along with a bunch of testing tools, was released with bandit and safety baked in.
You can benefit from it in your Open Source software by adding these jobs to your .gitlab-ci.yml:
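
# Bandit: static security analysis of the code under src,
# excluding the commands and tests paths
py-sec-bandit:
  image: yourlabs/python
  script: bandit -v -x commands,tests -r src

# Safety: check installed Python packages for known vulnerabilities
py-sec-safety:
  image: yourlabs/python
  script: safety check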