ament_bandit is a wrapper for the ament build system, to perform static analysis of ROS code using Bandit. Bandit is an effective, open source linter that detects defects and vulnerabilities in Python code. ament_bandit provides the command line tool, and ament_cmake_bandit is a CMake integration to run the tests over an ament package as part of the tests.
What is the project state?
The project currently offers similar features to other ament wrappers included in the ament_lint repository, such as the ability to generate an XUnit compliant XML results file. The main development has been completed and the project is ready to use. The maintainers expect that the project will be used, validated and iterated upon, if necessary, over time.
What is your motivation for wanting it under the Security Working Group?
This tool contributes to facilitating the use of security linters in ROS projects, which is in line with the working group mission of fostering and promoting security in ROS. The addition of this project would encourage WG members to contribute to it and promote its use in the ROS community, and kickstart the development of a set of security related SAST linters.
How do you expect the Security Working Group to contribute to it?
We expect the Security Working Group to support and promote the use of this tool in the ROS community.
Existing URLs
https://github.com/florcabral/ament_bandit.git
Requirements
colcon test runs successfully
Sponsors (if applicable)