bandit(1) Security-oriented static analyzer for Python code

SYNOPSIS

bandit [-h] [-r] [-a {file,vuln}] [-n CONTEXT_LINES] [-c CONFIG_FILE]
       [-p PROFILE] [-l] [-f {csv,json,txt,xml}] [-o OUTPUT_FILE] [-v] [-d] targets [targets ...]

positional arguments:

targets
source file(s) or directory(s) to be tested

optional arguments:

-h, --help
show this help message and exit
-r, --recursive
process files in subdirectories
-a {file,vuln}, --aggregate {file,vuln}
group results by vulnerability type or file it occurs in
-n CONTEXT_LINES, --number CONTEXT_LINES
max number of code lines to display for each issue identified
-c CONFIG_FILE, --configfile CONFIG_FILE
test config file, defaults to /etc/bandit/bandit.yaml, or ./bandit.yaml if not given
-p PROFILE, --profile PROFILE
test set profile in config to use (defaults to all tests)
-l, --level
results level filter
-f {csv,json,txt,xml}, --format {csv,json,txt,xml}
specify output format
-o OUTPUT_FILE, --output OUTPUT_FILE
write report to filename
-v, --verbose
show extra information like excluded and included files
-d, --debug
turn on debug mode