Skip to content

chore: add security scanning with OSV-Scanner and Bandit#38

Merged
officialankan merged 2 commits into
devfrom
36-chore-add-security-audit
Jan 13, 2026
Merged

chore: add security scanning with OSV-Scanner and Bandit#38
officialankan merged 2 commits into
devfrom
36-chore-add-security-audit

Conversation

@officialankan

Copy link
Copy Markdown
Owner

Description

Adds comprehensive security scanning to the project using OSV-Scanner for dependency vulnerabilities and Bandit for code security analysis.

Changes

  • Add workflow with:
    • OSV-Scanner for dependency vulnerability scanning
    • Bandit for Python code security analysis
    • SARIF uploads to GitHub Security tab
    • Runs on PRs, pushes, and weekly schedule
  • Add security badges to README.md (Bandit + workflow status)

Related Issue

Closes #36

Testing

  • Security workflow will run automatically on this PR
  • Verify SARIF results appear in GitHub Security tab
  • Confirm badges display correctly in README

Checklist

  • Code follows project style guidelines
  • Documentation updated (README badges)
  • No breaking changes

@officialankan officialankan linked an issue Jan 13, 2026 that may be closed by this pull request
@github-advanced-security

Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@codecov-commenter

Copy link
Copy Markdown

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@officialankan officialankan self-assigned this Jan 13, 2026
@officialankan officialankan added the enhancement New feature or request label Jan 13, 2026
@officialankan officialankan merged commit 71ee7de into dev Jan 13, 2026
11 checks passed
@officialankan officialankan deleted the 36-chore-add-security-audit branch January 13, 2026 09:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

chore: add security audit

3 participants