jbampton opened a new pull request, #1634:
URL: https://github.com/apache/sedona/pull/1634

- https://github.com/PyCQA/bandit
- https://bandit.readthedocs.io/en/latest/start.html#version-control-integration
- https://bandit.readthedocs.io/en/latest/config.html

This PR is skipping four bandit tests.

- https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing
   
   
   
## Did you read the Contributor Guide?

- Yes, I have read the [Contributor Rules](https://sedona.apache.org/latest-snapshot/community/rule/) and [Contributor Development Guide](https://sedona.apache.org/latest-snapshot/community/develop/)

## Is this PR related to a JIRA ticket?

- No.

## What changes were proposed in this PR?

Added another check/test to our pre-commit framework.
   
Currently skipping 4 bandit checks; we can address these issues if needed in follow-up PRs.

None of the 4 skipped checks were reported as high security.

B608 has been skipped; it was reported as a possible medium.

- https://bandit.readthedocs.io/en/latest/plugins/b608_hardcoded_sql_expressions.html

Automated tools can produce false positives, so we need to check each issue manually.
   
## How was this patch tested?

Ran locally: `pre-commit run --all-files`

## Did this PR include necessary documentation updates?

- No, this PR does not affect any public API so no need to change the documentation.
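The PR skips B608 (hardcoded SQL expressions) and notes that bandit findings need manual triage. The following added example, which is not code from the PR or from the Sedona project, shows the two shapes a reviewer meets when triaging a B608 hit: a query built by string formatting, which B608 flags and which also breaks on legitimate input containing a quote, beside the parameterized form that is not flagged; and an identifier (table name) interpolated into SQL, which cannot be bound as a parameter, so B608 still flags it, but an allowlist check lets the reviewer classify it as a false positive and mark it with bandit's `# nosec B608` instead of skipping the test project-wide. The in-memory sqlite3 database, the `cities` table and the `ALLOWED_TABLES` allowlist are constructed for this example.

```python
import re
import sqlite3

# Constructed in-memory database so the example runs offline.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cities (name TEXT, population INTEGER)")
    conn.executemany(
        "INSERT INTO cities VALUES (?, ?)",
        [("Berlin", 3_600_000), ("O'Fallon", 30_000), ("Paris", 2_100_000)],
    )
    return conn


def find_city_flagged(conn: sqlite3.Connection, name: str) -> list:
    # The shape bandit B608 reports: SQL assembled by string formatting from a
    # runtime value. Besides the injection risk, it breaks on ordinary input
    # that contains a single quote (see flagged_query_raises below).
    return conn.execute(f"SELECT name FROM cities WHERE name = '{name}'").fetchall()


def find_city_safe(conn: sqlite3.Connection, name: str) -> list:
    # Parameterized form: the driver binds the value, so quotes in the input
    # are data, not SQL. B608 does not flag this.
    return conn.execute("SELECT name FROM cities WHERE name = ?", (name,)).fetchall()


def flagged_query_raises(conn: sqlite3.Connection, name: str) -> bool:
    """True if the string-built query fails on this input (e.g. a legitimate apostrophe)."""
    try:
        find_city_flagged(conn, name)
    except sqlite3.Error:
        return True
    return False


# Identifiers cannot be bound as parameters, so a dynamic table name has to be
# interpolated. Allowlist plus a strict identifier pattern makes this safe; the
# "# nosec B608" marker records the reviewer's decision next to the line.
_IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
ALLOWED_TABLES = {"cities"}  # constructed allowlist for this example


def count_rows(conn: sqlite3.Connection, table: str) -> int:
    if table not in ALLOWED_TABLES or not _IDENT.match(table):
        raise ValueError(f"table not allowed: {table!r}")
    return conn.execute(f"SELECT COUNT(*) FROM {table}").fetchone()[0]  # nosec B608


if __name__ == "__main__":
    db = make_db()
    print(find_city_safe(db, "O'Fallon"))          # [('O'Fallon',)]
    print(flagged_query_raises(db, "O'Fallon"))    # True
    print(count_rows(db, "cities"))                # 3
```

The same triage applies to any B608 hit: if the interpolated piece is a value, switch to a bound parameter; if it is an identifier that genuinely has to be interpolated, add the allowlist or pattern check and document the decision with `# nosec B608`, which keeps the test enabled for the rest of the code base.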
   