Python library
Run static code security analysis
Available since 1.2
Run static code analysis using M2A standards with bandit.
Info: bandit will be installed manually using the pre-configured version. pip must be available in the context runtime.
Signature
python.static_code_sec_analysis(String[] excluded = [])
Parameter
excluded is a list of paths to exclude from the analysis. By default, it will ignore test, packer, build and features.
Examples
Simple usage:
utils.build_notify(currentBuild, 'my-static-analysis', "Static analysis") {
    python.static_code_sec_analysis()
}
Run dependency security vulnerability analysis
Available since 1.2
Run dependency analysis for known CVEs using M2A standards with security.
Info: security will be installed manually using the pre-configured version. pip must be available in the context runtime.
Signature
python.dependency_sec_analysis()
Examples
Simple usage using utils.build_notify:
utils.build_notify(currentBuild, 'my-dependecy-analysis', "Dependency analysis") {
    python.dependency_sec_analysis()
}