Merge pull request #4 from AmberJBlue/update-security-scans

AmberJBlue · web-flow · commit 220e7735a5b5 · 2025-08-06T20:07:40.000-04:00
Update Security Scan
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
@@ -86,10 +86,16 @@ jobs:
           source .venv/bin/activate
           pip install -e ".[dev]"
 
-      - name: Run Bandit Security Scan
+      - name: Install Bandit
         run: |
           source .venv/bin/activate
-          bandit -r . --configfile pyproject.toml --format sarif -o results.sarif
+          pip install bandit[sarif]
+
+      - name: Run Bandit Security Scan
+        uses: PyCQA/bandit-action@v1
+        with:
+          targets: "."
+          exclude: "tests"
 
       - name: Upload SARIF results to Security tab
         if: github.ref == 'refs/heads/main'
diff --git a/pyproject.toml b/pyproject.toml
@@ -48,7 +48,6 @@ dev = [
     "twine==3.4.2",
     "wheel~=0.38.4",
     "xgboost~=3.0.2",
-    "bandit[toml,sarif]~=1.7.7"
 ]
 extras = ["aix360[default,tsice,tslime,tssaliency]==0.3.0"]
 
@@ -86,7 +85,4 @@ markers = [
 [tool.setuptools.packages.find]
 where = ["src"]
 
-[tool.setuptools_scm]
-
-[tool.bandit]
-exclude = ["tests"]
+[tool.setuptools_scm]
