Skip to main content

Automated security testing with bandit and flake8.

Project description


Build Status

Automated security testing built right into your workflow!

You already use flake8 to lint all your code for errors, ensure docstrings are formatted correctly, sort your imports correctly, and much more... so why not ensure you are writing secure code while you're at it? If you already have flake8 installed all it takes is pip install flake8-bandit.


To include or exclude tests, use the standard .bandit configuration file. An example valid .bandit config file:

exclude = /frontend,/scripts,/tests,/venv
tests: B101

In this case, we've specified to ignore a number of paths, and to only test for B101.

Note: flake8-bugbear uses bandit default prefix 'B' so this plugin replaces the 'B' with an 'S' for Security. For more information, see

How's it work?

We use the bandit package from PyCQA for all the security testing.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flake8_bandit-4.1.1.tar.gz (5.4 kB view hashes)

Uploaded Source

Built Distribution

flake8_bandit-4.1.1-py3-none-any.whl (4.8 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page