Merge pull request #3 from AmberJBlue/update-security-scans

AmberJBlue · web-flow · commit 2889a72658b4 · 2025-08-06T19:31:26.000-04:00
Guarantee serif format
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
@@ -87,10 +87,9 @@ jobs:
           pip install -e ".[dev]"
 
       - name: Run Bandit Security Scan
-        uses: PyCQA/bandit-action@v1
-        with:
-          targets: "."
-          configFile: "pyproject.toml"
+        run: |
+          source .venv/bin/activate
+          bandit -r . --configfile pyproject.toml --format sarif -o results.sarif
 
       - name: Upload SARIF results to Security tab
         if: github.ref == 'refs/heads/main'
diff --git a/pyproject.toml b/pyproject.toml
@@ -48,7 +48,7 @@ dev = [
     "twine==3.4.2",
     "wheel~=0.38.4",
     "xgboost~=3.0.2",
-    "bandit[toml]~=1.7.7"
+    "bandit[toml,sarif]~=1.7.7"
 ]
 extras = ["aix360[default,tsice,tslime,tssaliency]==0.3.0"]
 

Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ dev = [`
`48`	`48`	`"twine==3.4.2",`
`49`	`49`	`"wheel~=0.38.4",`
`50`	`50`	`"xgboost~=3.0.2",`
`51`		`- "bandit[toml]~=1.7.7"`
	`51`	`+ "bandit[toml,sarif]~=1.7.7"`
`52`	`52`	`]`
`53`	`53`	`extras = ["aix360[default,tsice,tslime,tssaliency]==0.3.0"]`
`54`	`54`