Problem Description
As a developer, it would be useful to get a static code analysis of our library every so often so we aren't accidently introducing known vulnerabilities.
Expected behavior
- Add a Github Actions workflow that runs when a release is made. This action should
- Run Bandit
- Store the output as a file at the base level of the repo
- Make sure the file doesn't get included when creating the package for CTGAN
Additional context
- See this PR for inspiration
Bandit is an open sourced tool that can be used to scan python code for vulnerabilities.
Problem Description
As a developer, it would be useful to get a static code analysis of our library every so often so we aren't accidently introducing known vulnerabilities.
Expected behavior
Additional context
Bandit is an open sourced tool that can be used to scan python code for vulnerabilities.