-
Notifications
You must be signed in to change notification settings - Fork 319
Bandit Analyzer
In order to use the Python analyzer tasks you'll need to set the directory to use for temporary downloads and, if you need to do authenticated clones from Github, either an SSH key or a Github OAuth token. To use an SSH key follow the directions on [this page|https://help.github.com/articles/generating-an-ssh-key/] as the user Scumblr is running as. If you would instead like to use a Github OAuth token follow the directions on this page.
In your Scumblr initializer configure the API OAuth token and temporary directory as follows (no additional configuration is needed for properly deployed SSH keys, if git uses it from the command line, Scumblr will use it as well):
config.github_oauth_token = '<Github OAuth token>'
config.downloads_tmp_dir = '<Temporary Download Directory>'
Additionally you'll need to make sure Bandit has been deployed on your system. Normally this is done by running "sudo pip install bandit"
Note: You will need to restart Scumblr in order for the config change to be picked up.