Merge pull request #106 from Gallaecio/bandit

Add bandit to CI

Author: elacuesta

.bandit.yml

@@ -0,0 +1,2 @@
+skips:
+- B101

.github/workflows/checks.yml

@@ -0,0 +1,27 @@
+name: Checks
+on: [push, pull_request]
+
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+        - python-version: 3
+          env:
+            TOXENV: security
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v2
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Run check
+      env: ${{ matrix.env }}
+      run: |
+        pip install -U pip
+        pip install -U tox
+        tox

tox.ini

@@ -1,9 +1,15 @@
 [tox]
-envlist = py
+envlist = security,py
 
 [testenv]
 deps=
     -r tests/requirements.txt
 
 commands =
     py.test --cov-report term --cov=cssselect
+
+[testenv:security]
+deps =
+    bandit
+commands =
+    bandit -r -c .bandit.yml {posargs:cssselect}