Develop Custom .bandit.yml for Rule Tuning

## Goal

Design and implement a project-specific `.bandit.yml` configuration to reduce false positives and enforce security standards relevant to the LedgerBase codebase.

## Tasks

- [ ] Review Bandit findings from recent workflow runs.
- [ ] Identify rules that trigger false positives or irrelevant warnings.
- [ ] Identify rules that should be **elevated** in severity.
- [ ] Create `.bandit.yml` at the project root with:
  - Custom severity levels
  - Targeted file paths
  - Exclusions (e.g., test files or migration scripts if applicable)
- [ ] Validate that Bandit runs with new config in GitHub Actions
- [ ] Document decisions in a comment or `README-security.md`

## Reference

- [Bandit config reference](https://bandit.readthedocs.io/en/latest/config.html)
- Example baseline file:
  ```yaml
  exclude_dirs:
    - tests/
    - migrations/
  severity: LOW
  confidence: HIGH
  skiptags:
    - B101  # assert
    - B403  # import_pickle


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Develop Custom .bandit.yml for Rule Tuning #92

Goal

Tasks

Reference

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Develop Custom .bandit.yml for Rule Tuning #92

Description

Goal

Tasks

Reference

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions