Python library
Run static code security analysis
Available since 1.2
Run static code analysis using M2A standards with bandit.
Info: bandit will be installed manually using the pre-configured version. pip must be available in the context runtime.
Signature
python.static_code_sec_analysis(String[] excluded = [])
Parameter
excluded is a list of paths to exclude from the analysis. By default, it will ignore test, packer, build and features.
Examples
Simple usage:
utils.build_notify(currentBuild, 'my-static-analysis', "Static analysis"){
python.static_code_sec_analysis()
}
Run dependency security vulnerability analysis
Available since 1.2
Run dependency analysis for known CVEs using M2A standards with security.
Info: security will be installed manually using the pre-configured version. pip must be available in the context runtime.
Signature
python.dependency_sec_analysis()
Examples
Simple usage using utils.build_notify:
utils.build_notify(currentBuild, 'my-dependecy-analysis', "Dependency analysis"){
python.dependency_sec_analysis()
}
