bandit

v1.7.0

Security oriented static analyser for python code.

Apache-2.0
Latest version published 3 months ago
    pip install bandit
  
We couldn't find any similar packages Browse all packages

Package Health Score

94 / 100
Make sure the open source you're using is safe to use
Secure my Project

Popularity

Influential project
Popularity by version

Total Weekly Downloads (293,561)

Dependents
0
GitHub Stars
3.02K
Forks
311
Contributors
100

The PyPI package bandit receives a total of 293,561 downloads a week. As such, we scored bandit popularity level to be Influential project.

Based on project statistics from the GitHub repository for the PyPI package bandit, we found that it has been starred 3,017 times, and that 0 other projects in the ecosystem are dependent on it.

The download numbers shown are the average weekly downloads from the last 6 weeks.

Security

No known security issues
Powered by Snyk

Security and license risk for latest version

Version
1.7.0 See all versions
Release Date
12/2020
Direct Vulnerabilities
  • 0
    H
  • 0
    M
  • 0
    L
Indirect Vulnerabilities
  • 0
    H
  • 0
    M
  • 0
    L
License Risk
  • 0
    H
  • 0
    M
  • 0
    L
All security vulnerabilities belong to production dependencies of direct and indirect packages.

License
Apache-2.0

Security Policy
No

We found a way for you to contribute to the project! Looks like bandit is missing a security policy.


You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Keep your project free of vulnerabilities with Snyk

Maintenance

Healthy

Commit Frequency

Open Issues
123
Merged PR
141
Open PR
41
Last Commit
20 days ago

Further analysis of the maintenance status of bandit based on released PyPI versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that bandit demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Active
Readme
Yes
Contributing.md
Yes
Code of Conduct
Yes
Contributors
100
Funding
No

With more than 10 contributors for the bandit repository, this is possibly a sign for a growing and inviting community.


Embed Package Health Score Badge

package health: 94/100 package health 94/100

Package

Python Versions Compatibility
==3.5.*, ==3.6.*, ==3.7.*, ==3.8.*

Age
6 years
Latest Release
3 months ago
Dependencies
10 Total
Versions
30
Maintainers
6
Wheels
OS Independent